{"containers":{"cna":{"affected":[{"product":"Multiple","vendor":"Intel Corporation","versions":[{"status":"affected","version":"Multiple"}]}],"datePublic":"2018-05-21T00:00:00.000Z","descriptions":[{"lang":"en","value":"Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis, aka Rogue System Register Read (RSRE), Variant 3a."}],"problemTypes":[{"descriptions":[{"description":"Information Disclosure","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2019-10-08T12:06:05.000Z","orgId":"6dda929c-bb53-4a77-a76d-48e79601a1ce","shortName":"intel"},"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-268644.pdf"},{"tags":["x_refsource_CONFIRM"],"url":"http://support.lenovo.com/us/en/solutions/LEN-22133"},{"name":"TA18-141A","tags":["third-party-advisory","x_refsource_CERT"],"url":"https://www.us-cert.gov/ncas/alerts/TA18-141A"},{"name":"1042004","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://www.securitytracker.com/id/1042004"},{"name":"1040949","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://www.securitytracker.com/id/1040949"},{"tags":["x_refsource_CONFIRM"],"url":"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0005"},{"tags":["x_refsource_CONFIRM"],"url":"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html"},{"tags":["x_refsource_CONFIRM"],"url":"https://www.synology.com/support/security/Synology_SA_18_23"},{"tags":["x_refsource_CONFIRM"],"url":"https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability"},{"name":"VU#180049","tags":["third-party-advisory","x_refsource_CERT-VN"],"url":"https://www.kb.cert.org/vuls/id/180049"},{"tags":["x_refsource_CONFIRM"],"url":"http://www.fujitsu.com/global/support/products/software/security/products-f/cve-2018-3639e.html"},{"tags":["x_refsource_CONFIRM"],"url":"https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV180013"},{"name":"20180522 CPU Side-Channel Information Disclosure Vulnerabilities: May 2018","tags":["vendor-advisory","x_refsource_CISCO"],"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180521-cpusidechannel"},{"tags":["x_refsource_CONFIRM"],"url":"https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0006"},{"name":"[debian-lts-announce] 20180916 [SECURITY] [DLA 1506-1] intel-microcode security update","tags":["mailing-list","x_refsource_MLIST"],"url":"https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html"},{"name":"DSA-4273","tags":["vendor-advisory","x_refsource_DEBIAN"],"url":"https://www.debian.org/security/2018/dsa-4273"},{"tags":["x_refsource_CONFIRM"],"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03850en_us"},{"name":"104228","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/104228"},{"name":"[debian-lts-announce] 20180727 [SECURITY] [DLA 1446-1] intel-microcode security update","tags":["mailing-list","x_refsource_MLIST"],"url":"https://lists.debian.org/debian-lts-announce/2018/07/msg00038.html"},{"name":"USN-3756-1","tags":["vendor-advisory","x_refsource_UBUNTU"],"url":"https://usn.ubuntu.com/3756-1/"},{"tags":["x_refsource_CONFIRM"],"url":"https://security.netapp.com/advisory/ntap-20180521-0001/"},{"tags":["x_refsource_CONFIRM"],"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"secure@intel.com","DATE_PUBLIC":"2018-05-21T00:00:00","ID":"CVE-2018-3640","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"Multiple","version":{"version_data":[{"version_value":"Multiple"}]}}]},"vendor_name":"Intel Corporation"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis, aka Rogue System Register Read (RSRE), Variant 3a."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"Information Disclosure"}]}]},"references":{"reference_data":[{"name":"https://cert-portal.siemens.com/productcert/pdf/ssa-268644.pdf","refsource":"CONFIRM","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-268644.pdf"},{"name":"http://support.lenovo.com/us/en/solutions/LEN-22133","refsource":"CONFIRM","url":"http://support.lenovo.com/us/en/solutions/LEN-22133"},{"name":"TA18-141A","refsource":"CERT","url":"https://www.us-cert.gov/ncas/alerts/TA18-141A"},{"name":"1042004","refsource":"SECTRACK","url":"http://www.securitytracker.com/id/1042004"},{"name":"1040949","refsource":"SECTRACK","url":"http://www.securitytracker.com/id/1040949"},{"name":"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0005","refsource":"CONFIRM","url":"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0005"},{"name":"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html","refsource":"CONFIRM","url":"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html"},{"name":"https://www.synology.com/support/security/Synology_SA_18_23","refsource":"CONFIRM","url":"https://www.synology.com/support/security/Synology_SA_18_23"},{"name":"https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability","refsource":"CONFIRM","url":"https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability"},{"name":"VU#180049","refsource":"CERT-VN","url":"https://www.kb.cert.org/vuls/id/180049"},{"name":"http://www.fujitsu.com/global/support/products/software/security/products-f/cve-2018-3639e.html","refsource":"CONFIRM","url":"http://www.fujitsu.com/global/support/products/software/security/products-f/cve-2018-3639e.html"},{"name":"https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV180013","refsource":"CONFIRM","url":"https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV180013"},{"name":"20180522 CPU Side-Channel Information Disclosure Vulnerabilities: May 2018","refsource":"CISCO","url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180521-cpusidechannel"},{"name":"https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0006","refsource":"CONFIRM","url":"https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0006"},{"name":"[debian-lts-announce] 20180916 [SECURITY] [DLA 1506-1] intel-microcode security update","refsource":"MLIST","url":"https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html"},{"name":"DSA-4273","refsource":"DEBIAN","url":"https://www.debian.org/security/2018/dsa-4273"},{"name":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03850en_us","refsource":"CONFIRM","url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03850en_us"},{"name":"104228","refsource":"BID","url":"http://www.securityfocus.com/bid/104228"},{"name":"[debian-lts-announce] 20180727 [SECURITY] [DLA 1446-1] intel-microcode security update","refsource":"MLIST","url":"https://lists.debian.org/debian-lts-announce/2018/07/msg00038.html"},{"name":"USN-3756-1","refsource":"UBUNTU","url":"https://usn.ubuntu.com/3756-1/"},{"name":"https://security.netapp.com/advisory/ntap-20180521-0001/","refsource":"CONFIRM","url":"https://security.netapp.com/advisory/ntap-20180521-0001/"},{"name":"https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf","refsource":"CONFIRM","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"}]}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-05T04:50:30.422Z"},"title":"CVE Program Container","references":[{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-268644.pdf"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://support.lenovo.com/us/en/solutions/LEN-22133"},{"name":"TA18-141A","tags":["third-party-advisory","x_refsource_CERT","x_transferred"],"url":"https://www.us-cert.gov/ncas/alerts/TA18-141A"},{"name":"1042004","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://www.securitytracker.com/id/1042004"},{"name":"1040949","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://www.securitytracker.com/id/1040949"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0005"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://www.synology.com/support/security/Synology_SA_18_23"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability"},{"name":"VU#180049","tags":["third-party-advisory","x_refsource_CERT-VN","x_transferred"],"url":"https://www.kb.cert.org/vuls/id/180049"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://www.fujitsu.com/global/support/products/software/security/products-f/cve-2018-3639e.html"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV180013"},{"name":"20180522 CPU Side-Channel Information Disclosure Vulnerabilities: May 2018","tags":["vendor-advisory","x_refsource_CISCO","x_transferred"],"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180521-cpusidechannel"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0006"},{"name":"[debian-lts-announce] 20180916 [SECURITY] [DLA 1506-1] intel-microcode security update","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html"},{"name":"DSA-4273","tags":["vendor-advisory","x_refsource_DEBIAN","x_transferred"],"url":"https://www.debian.org/security/2018/dsa-4273"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03850en_us"},{"name":"104228","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/104228"},{"name":"[debian-lts-announce] 20180727 [SECURITY] [DLA 1446-1] intel-microcode security update","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"https://lists.debian.org/debian-lts-announce/2018/07/msg00038.html"},{"name":"USN-3756-1","tags":["vendor-advisory","x_refsource_UBUNTU","x_transferred"],"url":"https://usn.ubuntu.com/3756-1/"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://security.netapp.com/advisory/ntap-20180521-0001/"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"}]}]},"cveMetadata":{"assignerOrgId":"6dda929c-bb53-4a77-a76d-48e79601a1ce","assignerShortName":"intel","cveId":"CVE-2018-3640","datePublished":"2018-05-22T12:00:00.000Z","dateReserved":"2017-12-28T00:00:00.000Z","dateUpdated":"2024-09-16T19:31:35.612Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}