CVE-2018-3615
6.4
Vector
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
Exploitability: 1.1 / Impact: 4.7
Source: NVD
Description
Systems with microprocessors utilizing speculative execution and Intel software guard extensions (Intel SGX) may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via a side-channel analysis.
Affected (129)
Products: Intel: Core I3, Core I5, Core I7, Xeon E3, Xeon E3 1220 V5, Xeon E3 1225 V5, Xeon E3 1230 V5, Xeon E3 1235l V5, Xeon E3 1240 V5, Xeon E3 1240l V5, Xeon E3 1245 V5, Xeon E3 1260l V5, Xeon E3 1268l V5, Xeon E3 1270 V5, Xeon E3 1275 V5, Xeon E3 1280 V5, Xeon E3 1505l V5, Xeon E3 1505m V5, Xeon E3 1220 V6, Xeon E3 1225 V6, Xeon E3 1230 V6, Xeon E3 1240 V6, Xeon E3 1245 V6, Xeon E3 1270 V6, Xeon E3 1275 V6, Xeon E3 1280 V6, Xeon E3 1285 V6, Xeon E3 1501l V6, Xeon E3 1501m V6, Xeon E3 1505l V6
Configuration A
Configuration C
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Version 1515m_v5 | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| Version 1505m_v6 | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions |
References (34)
Source: secure@intel.com
Third Party Advisory
Source: secure@intel.com
Source: secure@intel.com
Source: secure@intel.com
Source: secure@intel.com
Third Party Advisory
Source: secure@intel.com
Third Party Advisory
Source: secure@intel.com
MitigationVendor Advisory
Source: secure@intel.com
Third Party Advisory
Source: secure@intel.com
Third Party Advisory
Source: secure@intel.com
Vendor Advisory
Source: secure@intel.com
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Technical DescriptionThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
MitigationVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Timeline
No history available yet.