PT-2018-2467 · Arm+4 · Arm+4

Published

2018-05-03

Updated

2022-04-18

CVE-2018-3693

CVSS v3.1

5.6

Medium

Vector

AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Systems with microprocessors (affected versions not specified)

Description The issue is related to microprocessors utilizing speculative execution and branch prediction, which may allow unauthorized disclosure of information to an attacker with local user access. This is achieved through a speculative buffer overflow and side-channel analysis. The vulnerability is associated with the branch prediction module's functionality in Intel, ARM, and AMD processors. Exploitation of the vulnerability enables an attacker to disclose protected information by creating conditions for incorrect branch prediction.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

BDU:2019-00710

CESA-2018_2384

CESA-2018_2390

CVE-2018-3693

RHSA-2018:2384

RHSA-2018:2390

RHSA-2018:2395

RHSA-2018_2384

RHSA-2018_2390

RHSA-2018_2395

RHSA-2019:1946

RHSA-2020:0174

Affected Products

Amd

Arm

Centos

Intel

Red Hat

PT-2018-2467 · Arm+4 · Arm+4

CVE-2018-3693

Weakness Enumeration

Related Identifiers

Affected Products

References · 33