CVE-2017-5715 (GCVE-0-2017-5715)
Vulnerability from cvelistv5
Published
2018-01-04 13:00
Modified
2025-05-06 14:59
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Information Disclosure
Summary
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Intel Corporation | Microprocessors with Speculative Execution |
Version: All |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:11:48.456Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4609"
},
{
"name": "USN-3560-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3560-1/"
},
{
"name": "[debian-lts-announce] 20180714 [SECURITY] [DLA 1422-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00015.html"
},
{
"name": "DSA-4187",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4187"
},
{
"name": "USN-3542-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3542-2/"
},
{
"name": "GLSA-201810-06",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201810-06"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"name": "USN-3540-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3540-2/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://access.redhat.com/security/vulnerabilities/speculativeexecution"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002"
},
{
"name": "[debian-lts-announce] 20180906 [SECURITY] [DLA 1497-1] qemu security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html"
},
{
"name": "USN-3597-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3597-1/"
},
{
"name": "[debian-lts-announce] 20180715 [SECURITY] [DLA 1422-2] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00016.html"
},
{
"name": "SUSE-SU-2018:0012",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00008.html"
},
{
"name": "SUSE-SU-2018:0011",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4611"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html"
},
{
"name": "DSA-4213",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4213"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2018-002"
},
{
"name": "DSA-4120",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4120"
},
{
"name": "openSUSE-SU-2018:0013",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00009.html"
},
{
"name": "USN-3580-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3580-1/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.f5.com/csp/article/K91229003"
},
{
"name": "USN-3531-3",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3531-3/"
},
{
"name": "USN-3620-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3620-2/"
},
{
"name": "openSUSE-SU-2018:0022",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00014.html"
},
{
"name": "USN-3582-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3582-1/"
},
{
"name": "DSA-4188",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4188"
},
{
"name": "RHSA-2018:0292",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0292"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://xenbits.xen.org/xsa/advisory-254.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20180104-0001/"
},
{
"name": "SUSE-SU-2018:0019",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00012.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.synology.com/support/security/Synology_SA_18_01"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/145645/Spectre-Information-Disclosure-Proof-Of-Concept.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-001.txt"
},
{
"name": "102376",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/102376"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability"
},
{
"name": "USN-3594-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3594-1/"
},
{
"name": "VU#584653",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/584653"
},
{
"name": "VU#180049",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/180049"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2018-003"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
},
{
"name": "SUSE-SU-2018:0009",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00005.html"
},
{
"name": "USN-3690-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3690-1/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03805en_us"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0001"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03871en_us"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.vmware.com/us/security/advisories/VMSA-2018-0004.html"
},
{
"name": "USN-3549-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3549-1/"
},
{
"name": "SUSE-SU-2018:0007",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00003.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.suse.com/c/suse-addresses-meltdown-spectre-vulnerabilities/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.citrix.com/article/CTX231399"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://spectreattack.com/"
},
{
"name": "USN-3531-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3531-1/"
},
{
"name": "FreeBSD-SA-18:03",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-18:03.speculative_execution.asc"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://aws.amazon.com/de/security/security-bulletins/AWS-2018-013/"
},
{
"name": "SUSE-SU-2018:0006",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00002.html"
},
{
"name": "USN-3581-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3581-1/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/"
},
{
"name": "1040071",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040071"
},
{
"name": "[debian-lts-announce] 20180916 [SECURITY] [DLA 1506-1] intel-microcode security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00088\u0026languageid=en-fr"
},
{
"name": "USN-3597-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3597-2/"
},
{
"name": "USN-3581-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3581-2/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4614"
},
{
"name": "SUSE-SU-2018:0010",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00006.html"
},
{
"name": "[debian-lts-announce] 20180502 [SECURITY] [DLA 1369-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html"
},
{
"name": "20180104 CPU Side-Channel Information Disclosure Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180104-cpusidechannel"
},
{
"name": "USN-3516-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/usn/usn-3516-1/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.vmware.com/us/security/advisories/VMSA-2018-0002.html"
},
{
"name": "43427",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/43427/"
},
{
"name": "SUSE-SU-2018:0020",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00013.html"
},
{
"name": "USN-3541-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3541-2/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.lenovo.com/us/en/solutions/LEN-18282"
},
{
"name": "USN-3777-3",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3777-3/"
},
{
"name": "openSUSE-SU-2018:0023",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00016.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2018-0007.html"
},
{
"name": "SUSE-SU-2018:0008",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00004.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4613"
},
{
"name": "USN-3561-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3561-1/"
},
{
"name": "USN-3582-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3582-2/"
},
{
"name": "20190624 [SECURITY] [DSA 4469-1] libvirt security update",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/Jun/36"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"
},
{
"name": "FreeBSD-SA-19:26",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:26.mcu.asc"
},
{
"name": "20191112 FreeBSD Security Advisory FreeBSD-SA-19:26.mcu",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/Nov/16"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/155281/FreeBSD-Security-Advisory-FreeBSD-SA-19-26.mcu.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2017-5715"
},
{
"name": "[debian-lts-announce] 20200320 [SECURITY] [DLA 2148-1] amd64-microcode security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00025.html"
},
{
"name": "[debian-lts-announce] 20210816 [SECURITY] [DLA 2743-1] amd64-microcode security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00019.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2017-5715",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:31:09.657900Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-203",
"description": "CWE-203 Observable Discrepancy",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-06T14:59:36.405Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Microprocessors with Speculative Execution",
"vendor": "Intel Corporation",
"versions": [
{
"status": "affected",
"version": "All"
}
]
}
],
"datePublic": "2018-01-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-16T08:06:27.000Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4609"
},
{
"name": "USN-3560-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3560-1/"
},
{
"name": "[debian-lts-announce] 20180714 [SECURITY] [DLA 1422-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00015.html"
},
{
"name": "DSA-4187",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4187"
},
{
"name": "USN-3542-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3542-2/"
},
{
"name": "GLSA-201810-06",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201810-06"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"name": "USN-3540-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3540-2/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://access.redhat.com/security/vulnerabilities/speculativeexecution"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002"
},
{
"name": "[debian-lts-announce] 20180906 [SECURITY] [DLA 1497-1] qemu security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html"
},
{
"name": "USN-3597-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3597-1/"
},
{
"name": "[debian-lts-announce] 20180715 [SECURITY] [DLA 1422-2] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00016.html"
},
{
"name": "SUSE-SU-2018:0012",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00008.html"
},
{
"name": "SUSE-SU-2018:0011",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4611"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html"
},
{
"name": "DSA-4213",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4213"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2018-002"
},
{
"name": "DSA-4120",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4120"
},
{
"name": "openSUSE-SU-2018:0013",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00009.html"
},
{
"name": "USN-3580-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3580-1/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.f5.com/csp/article/K91229003"
},
{
"name": "USN-3531-3",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3531-3/"
},
{
"name": "USN-3620-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3620-2/"
},
{
"name": "openSUSE-SU-2018:0022",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00014.html"
},
{
"name": "USN-3582-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3582-1/"
},
{
"name": "DSA-4188",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4188"
},
{
"name": "RHSA-2018:0292",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0292"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://xenbits.xen.org/xsa/advisory-254.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20180104-0001/"
},
{
"name": "SUSE-SU-2018:0019",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00012.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.synology.com/support/security/Synology_SA_18_01"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/145645/Spectre-Information-Disclosure-Proof-Of-Concept.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-001.txt"
},
{
"name": "102376",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/102376"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability"
},
{
"name": "USN-3594-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3594-1/"
},
{
"name": "VU#584653",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/584653"
},
{
"name": "VU#180049",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/180049"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2018-003"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
},
{
"name": "SUSE-SU-2018:0009",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00005.html"
},
{
"name": "USN-3690-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3690-1/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03805en_us"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0001"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03871en_us"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.vmware.com/us/security/advisories/VMSA-2018-0004.html"
},
{
"name": "USN-3549-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3549-1/"
},
{
"name": "SUSE-SU-2018:0007",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00003.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.suse.com/c/suse-addresses-meltdown-spectre-vulnerabilities/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.citrix.com/article/CTX231399"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://spectreattack.com/"
},
{
"name": "USN-3531-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3531-1/"
},
{
"name": "FreeBSD-SA-18:03",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-18:03.speculative_execution.asc"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://aws.amazon.com/de/security/security-bulletins/AWS-2018-013/"
},
{
"name": "SUSE-SU-2018:0006",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00002.html"
},
{
"name": "USN-3581-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3581-1/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/"
},
{
"name": "1040071",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040071"
},
{
"name": "[debian-lts-announce] 20180916 [SECURITY] [DLA 1506-1] intel-microcode security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00088\u0026languageid=en-fr"
},
{
"name": "USN-3597-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3597-2/"
},
{
"name": "USN-3581-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3581-2/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4614"
},
{
"name": "SUSE-SU-2018:0010",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00006.html"
},
{
"name": "[debian-lts-announce] 20180502 [SECURITY] [DLA 1369-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html"
},
{
"name": "20180104 CPU Side-Channel Information Disclosure Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180104-cpusidechannel"
},
{
"name": "USN-3516-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/usn/usn-3516-1/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.vmware.com/us/security/advisories/VMSA-2018-0002.html"
},
{
"name": "43427",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/43427/"
},
{
"name": "SUSE-SU-2018:0020",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00013.html"
},
{
"name": "USN-3541-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3541-2/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.lenovo.com/us/en/solutions/LEN-18282"
},
{
"name": "USN-3777-3",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3777-3/"
},
{
"name": "openSUSE-SU-2018:0023",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00016.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2018-0007.html"
},
{
"name": "SUSE-SU-2018:0008",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00004.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4613"
},
{
"name": "USN-3561-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3561-1/"
},
{
"name": "USN-3582-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3582-2/"
},
{
"name": "20190624 [SECURITY] [DSA 4469-1] libvirt security update",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/Jun/36"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"
},
{
"name": "FreeBSD-SA-19:26",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:26.mcu.asc"
},
{
"name": "20191112 FreeBSD Security Advisory FreeBSD-SA-19:26.mcu",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/Nov/16"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/155281/FreeBSD-Security-Advisory-FreeBSD-SA-19-26.mcu.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.paloaltonetworks.com/CVE-2017-5715"
},
{
"name": "[debian-lts-announce] 20200320 [SECURITY] [DLA 2148-1] amd64-microcode security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00025.html"
},
{
"name": "[debian-lts-announce] 20210816 [SECURITY] [DLA 2743-1] amd64-microcode security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00019.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"DATE_PUBLIC": "2018-01-03T00:00:00",
"ID": "CVE-2017-5715",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microprocessors with Speculative Execution",
"version": {
"version_data": [
{
"version_value": "All"
}
]
}
}
]
},
"vendor_name": "Intel Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4609",
"refsource": "CONFIRM",
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4609"
},
{
"name": "USN-3560-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3560-1/"
},
{
"name": "[debian-lts-announce] 20180714 [SECURITY] [DLA 1422-1] linux security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00015.html"
},
{
"name": "DSA-4187",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4187"
},
{
"name": "USN-3542-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3542-2/"
},
{
"name": "GLSA-201810-06",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201810-06"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"name": "USN-3540-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3540-2/"
},
{
"name": "https://access.redhat.com/security/vulnerabilities/speculativeexecution",
"refsource": "CONFIRM",
"url": "https://access.redhat.com/security/vulnerabilities/speculativeexecution"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002"
},
{
"name": "[debian-lts-announce] 20180906 [SECURITY] [DLA 1497-1] qemu security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html"
},
{
"name": "USN-3597-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3597-1/"
},
{
"name": "[debian-lts-announce] 20180715 [SECURITY] [DLA 1422-2] linux security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00016.html"
},
{
"name": "SUSE-SU-2018:0012",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00008.html"
},
{
"name": "SUSE-SU-2018:0011",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html"
},
{
"name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4611",
"refsource": "CONFIRM",
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4611"
},
{
"name": "https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html",
"refsource": "MISC",
"url": "https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html"
},
{
"name": "DSA-4213",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4213"
},
{
"name": "https://cert.vde.com/en-us/advisories/vde-2018-002",
"refsource": "CONFIRM",
"url": "https://cert.vde.com/en-us/advisories/vde-2018-002"
},
{
"name": "DSA-4120",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4120"
},
{
"name": "openSUSE-SU-2018:0013",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00009.html"
},
{
"name": "USN-3580-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3580-1/"
},
{
"name": "https://support.f5.com/csp/article/K91229003",
"refsource": "CONFIRM",
"url": "https://support.f5.com/csp/article/K91229003"
},
{
"name": "USN-3531-3",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3531-3/"
},
{
"name": "USN-3620-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3620-2/"
},
{
"name": "openSUSE-SU-2018:0022",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00014.html"
},
{
"name": "USN-3582-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3582-1/"
},
{
"name": "DSA-4188",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4188"
},
{
"name": "RHSA-2018:0292",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0292"
},
{
"name": "http://xenbits.xen.org/xsa/advisory-254.html",
"refsource": "CONFIRM",
"url": "http://xenbits.xen.org/xsa/advisory-254.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180104-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180104-0001/"
},
{
"name": "SUSE-SU-2018:0019",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00012.html"
},
{
"name": "https://www.synology.com/support/security/Synology_SA_18_01",
"refsource": "CONFIRM",
"url": "https://www.synology.com/support/security/Synology_SA_18_01"
},
{
"name": "http://packetstormsecurity.com/files/145645/Spectre-Information-Disclosure-Proof-Of-Concept.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/145645/Spectre-Information-Disclosure-Proof-Of-Concept.html"
},
{
"name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-001.txt",
"refsource": "CONFIRM",
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-001.txt"
},
{
"name": "102376",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102376"
},
{
"name": "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability",
"refsource": "CONFIRM",
"url": "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability"
},
{
"name": "USN-3594-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3594-1/"
},
{
"name": "VU#584653",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/584653"
},
{
"name": "VU#180049",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/180049"
},
{
"name": "https://cert.vde.com/en-us/advisories/vde-2018-003",
"refsource": "CONFIRM",
"url": "https://cert.vde.com/en-us/advisories/vde-2018-003"
},
{
"name": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes",
"refsource": "CONFIRM",
"url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
},
{
"name": "SUSE-SU-2018:0009",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00005.html"
},
{
"name": "USN-3690-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3690-1/"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03805en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03805en_us"
},
{
"name": "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0001",
"refsource": "CONFIRM",
"url": "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0001"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03871en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03871en_us"
},
{
"name": "https://www.vmware.com/us/security/advisories/VMSA-2018-0004.html",
"refsource": "CONFIRM",
"url": "https://www.vmware.com/us/security/advisories/VMSA-2018-0004.html"
},
{
"name": "USN-3549-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3549-1/"
},
{
"name": "SUSE-SU-2018:0007",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00003.html"
},
{
"name": "https://www.suse.com/c/suse-addresses-meltdown-spectre-vulnerabilities/",
"refsource": "CONFIRM",
"url": "https://www.suse.com/c/suse-addresses-meltdown-spectre-vulnerabilities/"
},
{
"name": "https://support.citrix.com/article/CTX231399",
"refsource": "CONFIRM",
"url": "https://support.citrix.com/article/CTX231399"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"name": "https://spectreattack.com/",
"refsource": "MISC",
"url": "https://spectreattack.com/"
},
{
"name": "USN-3531-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3531-1/"
},
{
"name": "FreeBSD-SA-18:03",
"refsource": "FREEBSD",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-18:03.speculative_execution.asc"
},
{
"name": "https://aws.amazon.com/de/security/security-bulletins/AWS-2018-013/",
"refsource": "CONFIRM",
"url": "https://aws.amazon.com/de/security/security-bulletins/AWS-2018-013/"
},
{
"name": "SUSE-SU-2018:0006",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00002.html"
},
{
"name": "USN-3581-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3581-1/"
},
{
"name": "https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/",
"refsource": "CONFIRM",
"url": "https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/"
},
{
"name": "1040071",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040071"
},
{
"name": "[debian-lts-announce] 20180916 [SECURITY] [DLA 1506-1] intel-microcode security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html"
},
{
"name": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00088\u0026languageid=en-fr",
"refsource": "CONFIRM",
"url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00088\u0026languageid=en-fr"
},
{
"name": "USN-3597-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3597-2/"
},
{
"name": "USN-3581-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3581-2/"
},
{
"name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4614",
"refsource": "CONFIRM",
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4614"
},
{
"name": "SUSE-SU-2018:0010",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00006.html"
},
{
"name": "[debian-lts-announce] 20180502 [SECURITY] [DLA 1369-1] linux security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html"
},
{
"name": "20180104 CPU Side-Channel Information Disclosure Vulnerabilities",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180104-cpusidechannel"
},
{
"name": "USN-3516-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/usn/usn-3516-1/"
},
{
"name": "https://www.vmware.com/us/security/advisories/VMSA-2018-0002.html",
"refsource": "CONFIRM",
"url": "https://www.vmware.com/us/security/advisories/VMSA-2018-0002.html"
},
{
"name": "43427",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/43427/"
},
{
"name": "SUSE-SU-2018:0020",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00013.html"
},
{
"name": "USN-3541-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3541-2/"
},
{
"name": "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html",
"refsource": "MISC",
"url": "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html"
},
{
"name": "https://support.lenovo.com/us/en/solutions/LEN-18282",
"refsource": "CONFIRM",
"url": "https://support.lenovo.com/us/en/solutions/LEN-18282"
},
{
"name": "USN-3777-3",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3777-3/"
},
{
"name": "openSUSE-SU-2018:0023",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00016.html"
},
{
"name": "https://www.vmware.com/security/advisories/VMSA-2018-0007.html",
"refsource": "CONFIRM",
"url": "https://www.vmware.com/security/advisories/VMSA-2018-0007.html"
},
{
"name": "SUSE-SU-2018:0008",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00004.html"
},
{
"name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4613",
"refsource": "CONFIRM",
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4613"
},
{
"name": "USN-3561-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3561-1/"
},
{
"name": "USN-3582-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3582-2/"
},
{
"name": "20190624 [SECURITY] [DSA 4469-1] libvirt security update",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/Jun/36"
},
{
"name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txt",
"refsource": "CONFIRM",
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txt"
},
{
"name": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
"refsource": "MISC",
"url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"
},
{
"name": "FreeBSD-SA-19:26",
"refsource": "FREEBSD",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:26.mcu.asc"
},
{
"name": "20191112 FreeBSD Security Advisory FreeBSD-SA-19:26.mcu",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/Nov/16"
},
{
"name": "http://packetstormsecurity.com/files/155281/FreeBSD-Security-Advisory-FreeBSD-SA-19-26.mcu.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/155281/FreeBSD-Security-Advisory-FreeBSD-SA-19-26.mcu.html"
},
{
"name": "https://security.paloaltonetworks.com/CVE-2017-5715",
"refsource": "CONFIRM",
"url": "https://security.paloaltonetworks.com/CVE-2017-5715"
},
{
"name": "[debian-lts-announce] 20200320 [SECURITY] [DLA 2148-1] amd64-microcode security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00025.html"
},
{
"name": "[debian-lts-announce] 20210816 [SECURITY] [DLA 2743-1] amd64-microcode security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00019.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2017-5715",
"datePublished": "2018-01-04T13:00:00.000Z",
"dateReserved": "2017-02-01T00:00:00.000Z",
"dateUpdated": "2025-05-06T14:59:36.405Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"http://nvidia.custhelp.com/app/answers/detail/a_id/4609\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://usn.ubuntu.com/3560-1/\", \"name\": \"USN-3560-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\", \"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2018/07/msg00015.html\", \"name\": \"[debian-lts-announce] 20180714 [SECURITY] [DLA 1422-1] linux security update\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"]}, {\"url\": \"https://www.debian.org/security/2018/dsa-4187\", \"name\": \"DSA-4187\", \"tags\": [\"vendor-advisory\", \"x_refsource_DEBIAN\", \"x_transferred\"]}, {\"url\": \"https://usn.ubuntu.com/3542-2/\", \"name\": \"USN-3542-2\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\", \"x_transferred\"]}, {\"url\": \"https://security.gentoo.org/glsa/201810-06\", \"name\": \"GLSA-201810-06\", \"tags\": [\"vendor-advisory\", \"x_refsource_GENTOO\", \"x_transferred\"]}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://usn.ubuntu.com/3540-2/\", \"name\": \"USN-3540-2\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/security/vulnerabilities/speculativeexecution\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html\", \"name\": \"[debian-lts-announce] 20180906 [SECURITY] [DLA 1497-1] qemu security update\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"]}, {\"url\": \"https://usn.ubuntu.com/3597-1/\", \"name\": \"USN-3597-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\", \"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2018/07/msg00016.html\", \"name\": \"[debian-lts-announce] 20180715 [SECURITY] [DLA 1422-2] linux security update\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00008.html\", \"name\": \"SUSE-SU-2018:0012\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html\", \"name\": \"SUSE-SU-2018:0011\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"http://nvidia.custhelp.com/app/answers/detail/a_id/4611\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://www.debian.org/security/2018/dsa-4213\", \"name\": \"DSA-4213\", \"tags\": [\"vendor-advisory\", \"x_refsource_DEBIAN\", \"x_transferred\"]}, {\"url\": \"https://cert.vde.com/en-us/advisories/vde-2018-002\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://www.debian.org/security/2018/dsa-4120\", \"name\": \"DSA-4120\", \"tags\": [\"vendor-advisory\", \"x_refsource_DEBIAN\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00009.html\", \"name\": \"openSUSE-SU-2018:0013\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"https://usn.ubuntu.com/3580-1/\", \"name\": \"USN-3580-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\", \"x_transferred\"]}, {\"url\": \"https://support.f5.com/csp/article/K91229003\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://usn.ubuntu.com/3531-3/\", \"name\": \"USN-3531-3\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\", \"x_transferred\"]}, {\"url\": \"https://usn.ubuntu.com/3620-2/\", \"name\": \"USN-3620-2\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00014.html\", \"name\": \"openSUSE-SU-2018:0022\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"https://usn.ubuntu.com/3582-1/\", \"name\": \"USN-3582-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\", \"x_transferred\"]}, {\"url\": \"https://www.debian.org/security/2018/dsa-4188\", \"name\": \"DSA-4188\", \"tags\": [\"vendor-advisory\", \"x_refsource_DEBIAN\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:0292\", \"name\": \"RHSA-2018:0292\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"http://xenbits.xen.org/xsa/advisory-254.html\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20180104-0001/\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00012.html\", \"name\": \"SUSE-SU-2018:0019\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"https://www.synology.com/support/security/Synology_SA_18_01\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/145645/Spectre-Information-Disclosure-Proof-Of-Concept.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-001.txt\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www.securityfocus.com/bid/102376\", \"name\": \"102376\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\", \"x_transferred\"]}, {\"url\": \"https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://usn.ubuntu.com/3594-1/\", \"name\": \"USN-3594-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\", \"x_transferred\"]}, {\"url\": \"http://www.kb.cert.org/vuls/id/584653\", \"name\": \"VU#584653\", \"tags\": [\"third-party-advisory\", \"x_refsource_CERT-VN\", \"x_transferred\"]}, {\"url\": \"https://www.kb.cert.org/vuls/id/180049\", \"name\": \"VU#180049\", \"tags\": [\"third-party-advisory\", \"x_refsource_CERT-VN\", \"x_transferred\"]}, {\"url\": \"https://cert.vde.com/en-us/advisories/vde-2018-003\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00005.html\", \"name\": \"SUSE-SU-2018:0009\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"https://usn.ubuntu.com/3690-1/\", \"name\": \"USN-3690-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\", \"x_transferred\"]}, {\"url\": \"https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03805en_us\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0001\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03871en_us\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://www.vmware.com/us/security/advisories/VMSA-2018-0004.html\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://usn.ubuntu.com/3549-1/\", \"name\": \"USN-3549-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00003.html\", \"name\": \"SUSE-SU-2018:0007\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"https://www.suse.com/c/suse-addresses-meltdown-spectre-vulnerabilities/\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://support.citrix.com/article/CTX231399\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://spectreattack.com/\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://usn.ubuntu.com/3531-1/\", \"name\": \"USN-3531-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\", \"x_transferred\"]}, {\"url\": \"https://security.FreeBSD.org/advisories/FreeBSD-SA-18:03.speculative_execution.asc\", \"name\": \"FreeBSD-SA-18:03\", \"tags\": [\"vendor-advisory\", \"x_refsource_FREEBSD\", \"x_transferred\"]}, {\"url\": \"https://aws.amazon.com/de/security/security-bulletins/AWS-2018-013/\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00002.html\", \"name\": \"SUSE-SU-2018:0006\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"https://usn.ubuntu.com/3581-1/\", \"name\": \"USN-3581-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\", \"x_transferred\"]}, {\"url\": \"https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www.securitytracker.com/id/1040071\", \"name\": \"1040071\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\", \"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html\", \"name\": \"[debian-lts-announce] 20180916 [SECURITY] [DLA 1506-1] intel-microcode security update\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"]}, {\"url\": \"https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00088\u0026languageid=en-fr\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://usn.ubuntu.com/3597-2/\", \"name\": \"USN-3597-2\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\", \"x_transferred\"]}, {\"url\": \"https://usn.ubuntu.com/3581-2/\", \"name\": \"USN-3581-2\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\", \"x_transferred\"]}, {\"url\": \"http://nvidia.custhelp.com/app/answers/detail/a_id/4614\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00006.html\", \"name\": \"SUSE-SU-2018:0010\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html\", \"name\": \"[debian-lts-announce] 20180502 [SECURITY] [DLA 1369-1] linux security update\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"]}, {\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180104-cpusidechannel\", \"name\": \"20180104 CPU Side-Channel Information Disclosure Vulnerabilities\", \"tags\": [\"vendor-advisory\", \"x_refsource_CISCO\", \"x_transferred\"]}, {\"url\": \"https://usn.ubuntu.com/usn/usn-3516-1/\", \"name\": \"USN-3516-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\", \"x_transferred\"]}, {\"url\": \"https://www.vmware.com/us/security/advisories/VMSA-2018-0002.html\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://www.exploit-db.com/exploits/43427/\", \"name\": \"43427\", \"tags\": [\"exploit\", \"x_refsource_EXPLOIT-DB\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00013.html\", \"name\": \"SUSE-SU-2018:0020\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"https://usn.ubuntu.com/3541-2/\", \"name\": \"USN-3541-2\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\", \"x_transferred\"]}, {\"url\": \"https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://support.lenovo.com/us/en/solutions/LEN-18282\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://usn.ubuntu.com/3777-3/\", \"name\": \"USN-3777-3\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00016.html\", \"name\": \"openSUSE-SU-2018:0023\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"https://www.vmware.com/security/advisories/VMSA-2018-0007.html\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00004.html\", \"name\": \"SUSE-SU-2018:0008\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"http://nvidia.custhelp.com/app/answers/detail/a_id/4613\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://usn.ubuntu.com/3561-1/\", \"name\": \"USN-3561-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\", \"x_transferred\"]}, {\"url\": \"https://usn.ubuntu.com/3582-2/\", \"name\": \"USN-3582-2\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\", \"x_transferred\"]}, {\"url\": \"https://seclists.org/bugtraq/2019/Jun/36\", \"name\": \"20190624 [SECURITY] [DSA 4469-1] libvirt security update\", \"tags\": [\"mailing-list\", \"x_refsource_BUGTRAQ\", \"x_transferred\"]}, {\"url\": \"http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txt\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://security.FreeBSD.org/advisories/FreeBSD-SA-19:26.mcu.asc\", \"name\": \"FreeBSD-SA-19:26\", \"tags\": [\"vendor-advisory\", \"x_refsource_FREEBSD\", \"x_transferred\"]}, {\"url\": \"https://seclists.org/bugtraq/2019/Nov/16\", \"name\": \"20191112 FreeBSD Security Advisory FreeBSD-SA-19:26.mcu\", \"tags\": [\"mailing-list\", \"x_refsource_BUGTRAQ\", \"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/155281/FreeBSD-Security-Advisory-FreeBSD-SA-19-26.mcu.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://security.paloaltonetworks.com/CVE-2017-5715\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2020/03/msg00025.html\", \"name\": \"[debian-lts-announce] 20200320 [SECURITY] [DLA 2148-1] amd64-microcode security update\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2021/08/msg00019.html\", \"name\": \"[debian-lts-announce] 20210816 [SECURITY] [DLA 2743-1] amd64-microcode security update\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-05T15:11:48.456Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 5.6, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2017-5715\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-04-23T13:31:09.657900Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-203\", \"description\": \"CWE-203 Observable Discrepancy\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-05-05T13:21:38.296Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"Intel Corporation\", \"product\": \"Microprocessors with Speculative Execution\", \"versions\": [{\"status\": \"affected\", \"version\": \"All\"}]}], \"datePublic\": \"2018-01-03T00:00:00.000Z\", \"references\": [{\"url\": \"http://nvidia.custhelp.com/app/answers/detail/a_id/4609\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://usn.ubuntu.com/3560-1/\", \"name\": \"USN-3560-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2018/07/msg00015.html\", \"name\": \"[debian-lts-announce] 20180714 [SECURITY] [DLA 1422-1] linux security update\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"]}, {\"url\": \"https://www.debian.org/security/2018/dsa-4187\", \"name\": \"DSA-4187\", \"tags\": [\"vendor-advisory\", \"x_refsource_DEBIAN\"]}, {\"url\": \"https://usn.ubuntu.com/3542-2/\", \"name\": \"USN-3542-2\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\"]}, {\"url\": \"https://security.gentoo.org/glsa/201810-06\", \"name\": \"GLSA-201810-06\", \"tags\": [\"vendor-advisory\", \"x_refsource_GENTOO\"]}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://usn.ubuntu.com/3540-2/\", \"name\": \"USN-3540-2\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\"]}, {\"url\": \"https://access.redhat.com/security/vulnerabilities/speculativeexecution\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html\", \"name\": \"[debian-lts-announce] 20180906 [SECURITY] [DLA 1497-1] qemu security update\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"]}, {\"url\": \"https://usn.ubuntu.com/3597-1/\", \"name\": \"USN-3597-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2018/07/msg00016.html\", \"name\": \"[debian-lts-announce] 20180715 [SECURITY] [DLA 1422-2] linux security update\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00008.html\", \"name\": \"SUSE-SU-2018:0012\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html\", \"name\": \"SUSE-SU-2018:0011\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"http://nvidia.custhelp.com/app/answers/detail/a_id/4611\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://www.debian.org/security/2018/dsa-4213\", \"name\": \"DSA-4213\", \"tags\": [\"vendor-advisory\", \"x_refsource_DEBIAN\"]}, {\"url\": \"https://cert.vde.com/en-us/advisories/vde-2018-002\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://www.debian.org/security/2018/dsa-4120\", \"name\": \"DSA-4120\", \"tags\": [\"vendor-advisory\", \"x_refsource_DEBIAN\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00009.html\", \"name\": \"openSUSE-SU-2018:0013\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"https://usn.ubuntu.com/3580-1/\", \"name\": \"USN-3580-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\"]}, {\"url\": \"https://support.f5.com/csp/article/K91229003\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://usn.ubuntu.com/3531-3/\", \"name\": \"USN-3531-3\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\"]}, {\"url\": \"https://usn.ubuntu.com/3620-2/\", \"name\": \"USN-3620-2\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00014.html\", \"name\": \"openSUSE-SU-2018:0022\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"https://usn.ubuntu.com/3582-1/\", \"name\": \"USN-3582-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\"]}, {\"url\": \"https://www.debian.org/security/2018/dsa-4188\", \"name\": \"DSA-4188\", \"tags\": [\"vendor-advisory\", \"x_refsource_DEBIAN\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:0292\", \"name\": \"RHSA-2018:0292\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"http://xenbits.xen.org/xsa/advisory-254.html\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20180104-0001/\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00012.html\", \"name\": \"SUSE-SU-2018:0019\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"https://www.synology.com/support/security/Synology_SA_18_01\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://packetstormsecurity.com/files/145645/Spectre-Information-Disclosure-Proof-Of-Concept.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-001.txt\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www.securityfocus.com/bid/102376\", \"name\": \"102376\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\"]}, {\"url\": \"https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://usn.ubuntu.com/3594-1/\", \"name\": \"USN-3594-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\"]}, {\"url\": \"http://www.kb.cert.org/vuls/id/584653\", \"name\": \"VU#584653\", \"tags\": [\"third-party-advisory\", \"x_refsource_CERT-VN\"]}, {\"url\": \"https://www.kb.cert.org/vuls/id/180049\", \"name\": \"VU#180049\", \"tags\": [\"third-party-advisory\", \"x_refsource_CERT-VN\"]}, {\"url\": \"https://cert.vde.com/en-us/advisories/vde-2018-003\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00005.html\", \"name\": \"SUSE-SU-2018:0009\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"https://usn.ubuntu.com/3690-1/\", \"name\": \"USN-3690-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\"]}, {\"url\": \"https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03805en_us\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0001\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03871en_us\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://www.vmware.com/us/security/advisories/VMSA-2018-0004.html\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://usn.ubuntu.com/3549-1/\", \"name\": \"USN-3549-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00003.html\", \"name\": \"SUSE-SU-2018:0007\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"https://www.suse.com/c/suse-addresses-meltdown-spectre-vulnerabilities/\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://support.citrix.com/article/CTX231399\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://spectreattack.com/\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://usn.ubuntu.com/3531-1/\", \"name\": \"USN-3531-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\"]}, {\"url\": \"https://security.FreeBSD.org/advisories/FreeBSD-SA-18:03.speculative_execution.asc\", \"name\": \"FreeBSD-SA-18:03\", \"tags\": [\"vendor-advisory\", \"x_refsource_FREEBSD\"]}, {\"url\": \"https://aws.amazon.com/de/security/security-bulletins/AWS-2018-013/\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00002.html\", \"name\": \"SUSE-SU-2018:0006\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"https://usn.ubuntu.com/3581-1/\", \"name\": \"USN-3581-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\"]}, {\"url\": \"https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www.securitytracker.com/id/1040071\", \"name\": \"1040071\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html\", \"name\": \"[debian-lts-announce] 20180916 [SECURITY] [DLA 1506-1] intel-microcode security update\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"]}, {\"url\": \"https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00088\u0026languageid=en-fr\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://usn.ubuntu.com/3597-2/\", \"name\": \"USN-3597-2\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\"]}, {\"url\": \"https://usn.ubuntu.com/3581-2/\", \"name\": \"USN-3581-2\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\"]}, {\"url\": \"http://nvidia.custhelp.com/app/answers/detail/a_id/4614\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00006.html\", \"name\": \"SUSE-SU-2018:0010\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html\", \"name\": \"[debian-lts-announce] 20180502 [SECURITY] [DLA 1369-1] linux security update\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"]}, {\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180104-cpusidechannel\", \"name\": \"20180104 CPU Side-Channel Information Disclosure Vulnerabilities\", \"tags\": [\"vendor-advisory\", \"x_refsource_CISCO\"]}, {\"url\": \"https://usn.ubuntu.com/usn/usn-3516-1/\", \"name\": \"USN-3516-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\"]}, {\"url\": \"https://www.vmware.com/us/security/advisories/VMSA-2018-0002.html\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://www.exploit-db.com/exploits/43427/\", \"name\": \"43427\", \"tags\": [\"exploit\", \"x_refsource_EXPLOIT-DB\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00013.html\", \"name\": \"SUSE-SU-2018:0020\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"https://usn.ubuntu.com/3541-2/\", \"name\": \"USN-3541-2\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\"]}, {\"url\": \"https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://support.lenovo.com/us/en/solutions/LEN-18282\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://usn.ubuntu.com/3777-3/\", \"name\": \"USN-3777-3\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00016.html\", \"name\": \"openSUSE-SU-2018:0023\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"https://www.vmware.com/security/advisories/VMSA-2018-0007.html\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00004.html\", \"name\": \"SUSE-SU-2018:0008\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"http://nvidia.custhelp.com/app/answers/detail/a_id/4613\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://usn.ubuntu.com/3561-1/\", \"name\": \"USN-3561-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\"]}, {\"url\": \"https://usn.ubuntu.com/3582-2/\", \"name\": \"USN-3582-2\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\"]}, {\"url\": \"https://seclists.org/bugtraq/2019/Jun/36\", \"name\": \"20190624 [SECURITY] [DSA 4469-1] libvirt security update\", \"tags\": [\"mailing-list\", \"x_refsource_BUGTRAQ\"]}, {\"url\": \"http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txt\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://security.FreeBSD.org/advisories/FreeBSD-SA-19:26.mcu.asc\", \"name\": \"FreeBSD-SA-19:26\", \"tags\": [\"vendor-advisory\", \"x_refsource_FREEBSD\"]}, {\"url\": \"https://seclists.org/bugtraq/2019/Nov/16\", \"name\": \"20191112 FreeBSD Security Advisory FreeBSD-SA-19:26.mcu\", \"tags\": [\"mailing-list\", \"x_refsource_BUGTRAQ\"]}, {\"url\": \"http://packetstormsecurity.com/files/155281/FreeBSD-Security-Advisory-FreeBSD-SA-19-26.mcu.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://security.paloaltonetworks.com/CVE-2017-5715\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2020/03/msg00025.html\", \"name\": \"[debian-lts-announce] 20200320 [SECURITY] [DLA 2148-1] amd64-microcode security update\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2021/08/msg00019.html\", \"name\": \"[debian-lts-announce] 20210816 [SECURITY] [DLA 2743-1] amd64-microcode security update\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"Information Disclosure\"}]}], \"providerMetadata\": {\"orgId\": \"6dda929c-bb53-4a77-a76d-48e79601a1ce\", \"shortName\": \"intel\", \"dateUpdated\": \"2021-08-16T08:06:27.000Z\"}, \"x_legacyV4Record\": {\"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"All\"}]}, \"product_name\": \"Microprocessors with Speculative Execution\"}]}, \"vendor_name\": \"Intel Corporation\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"http://nvidia.custhelp.com/app/answers/detail/a_id/4609\", \"name\": \"http://nvidia.custhelp.com/app/answers/detail/a_id/4609\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://usn.ubuntu.com/3560-1/\", \"name\": \"USN-3560-1\", \"refsource\": \"UBUNTU\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2018/07/msg00015.html\", \"name\": \"[debian-lts-announce] 20180714 [SECURITY] [DLA 1422-1] linux security update\", \"refsource\": \"MLIST\"}, {\"url\": \"https://www.debian.org/security/2018/dsa-4187\", \"name\": \"DSA-4187\", \"refsource\": \"DEBIAN\"}, {\"url\": \"https://usn.ubuntu.com/3542-2/\", \"name\": \"USN-3542-2\", \"refsource\": \"UBUNTU\"}, {\"url\": \"https://security.gentoo.org/glsa/201810-06\", \"name\": \"GLSA-201810-06\", \"refsource\": \"GENTOO\"}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html\", \"name\": \"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html\", \"name\": \"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://usn.ubuntu.com/3540-2/\", \"name\": \"USN-3540-2\", \"refsource\": \"UBUNTU\"}, {\"url\": \"https://access.redhat.com/security/vulnerabilities/speculativeexecution\", \"name\": \"https://access.redhat.com/security/vulnerabilities/speculativeexecution\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002\", \"name\": \"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html\", \"name\": \"[debian-lts-announce] 20180906 [SECURITY] [DLA 1497-1] qemu security update\", \"refsource\": \"MLIST\"}, {\"url\": \"https://usn.ubuntu.com/3597-1/\", \"name\": \"USN-3597-1\", \"refsource\": \"UBUNTU\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2018/07/msg00016.html\", \"name\": \"[debian-lts-announce] 20180715 [SECURITY] [DLA 1422-2] linux security update\", \"refsource\": \"MLIST\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00008.html\", \"name\": \"SUSE-SU-2018:0012\", \"refsource\": \"SUSE\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html\", \"name\": \"SUSE-SU-2018:0011\", \"refsource\": \"SUSE\"}, {\"url\": \"http://nvidia.custhelp.com/app/answers/detail/a_id/4611\", \"name\": \"http://nvidia.custhelp.com/app/answers/detail/a_id/4611\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html\", \"name\": \"https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html\", \"refsource\": \"MISC\"}, {\"url\": \"https://www.debian.org/security/2018/dsa-4213\", \"name\": \"DSA-4213\", \"refsource\": \"DEBIAN\"}, {\"url\": \"https://cert.vde.com/en-us/advisories/vde-2018-002\", \"name\": \"https://cert.vde.com/en-us/advisories/vde-2018-002\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://www.debian.org/security/2018/dsa-4120\", \"name\": \"DSA-4120\", \"refsource\": \"DEBIAN\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00009.html\", \"name\": \"openSUSE-SU-2018:0013\", \"refsource\": \"SUSE\"}, {\"url\": \"https://usn.ubuntu.com/3580-1/\", \"name\": \"USN-3580-1\", \"refsource\": \"UBUNTU\"}, {\"url\": \"https://support.f5.com/csp/article/K91229003\", \"name\": \"https://support.f5.com/csp/article/K91229003\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://usn.ubuntu.com/3531-3/\", \"name\": \"USN-3531-3\", \"refsource\": \"UBUNTU\"}, {\"url\": \"https://usn.ubuntu.com/3620-2/\", \"name\": \"USN-3620-2\", \"refsource\": \"UBUNTU\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00014.html\", \"name\": \"openSUSE-SU-2018:0022\", \"refsource\": \"SUSE\"}, {\"url\": \"https://usn.ubuntu.com/3582-1/\", \"name\": \"USN-3582-1\", \"refsource\": \"UBUNTU\"}, {\"url\": \"https://www.debian.org/security/2018/dsa-4188\", \"name\": \"DSA-4188\", \"refsource\": \"DEBIAN\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:0292\", \"name\": \"RHSA-2018:0292\", \"refsource\": \"REDHAT\"}, {\"url\": \"http://xenbits.xen.org/xsa/advisory-254.html\", \"name\": \"http://xenbits.xen.org/xsa/advisory-254.html\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20180104-0001/\", \"name\": \"https://security.netapp.com/advisory/ntap-20180104-0001/\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00012.html\", \"name\": \"SUSE-SU-2018:0019\", \"refsource\": \"SUSE\"}, {\"url\": \"https://www.synology.com/support/security/Synology_SA_18_01\", \"name\": \"https://www.synology.com/support/security/Synology_SA_18_01\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://packetstormsecurity.com/files/145645/Spectre-Information-Disclosure-Proof-Of-Concept.html\", \"name\": \"http://packetstormsecurity.com/files/145645/Spectre-Information-Disclosure-Proof-Of-Concept.html\", \"refsource\": \"MISC\"}, {\"url\": \"http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-001.txt\", \"name\": \"http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-001.txt\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://www.securityfocus.com/bid/102376\", \"name\": \"102376\", \"refsource\": \"BID\"}, {\"url\": \"https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability\", \"name\": \"https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://usn.ubuntu.com/3594-1/\", \"name\": \"USN-3594-1\", \"refsource\": \"UBUNTU\"}, {\"url\": \"http://www.kb.cert.org/vuls/id/584653\", \"name\": \"VU#584653\", \"refsource\": \"CERT-VN\"}, {\"url\": \"https://www.kb.cert.org/vuls/id/180049\", \"name\": \"VU#180049\", \"refsource\": \"CERT-VN\"}, {\"url\": \"https://cert.vde.com/en-us/advisories/vde-2018-003\", \"name\": \"https://cert.vde.com/en-us/advisories/vde-2018-003\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes\", \"name\": \"https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00005.html\", \"name\": \"SUSE-SU-2018:0009\", \"refsource\": \"SUSE\"}, {\"url\": \"https://usn.ubuntu.com/3690-1/\", \"name\": \"USN-3690-1\", \"refsource\": \"UBUNTU\"}, {\"url\": \"https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03805en_us\", \"name\": \"https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03805en_us\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0001\", \"name\": \"https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0001\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03871en_us\", \"name\": \"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03871en_us\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://www.vmware.com/us/security/advisories/VMSA-2018-0004.html\", \"name\": \"https://www.vmware.com/us/security/advisories/VMSA-2018-0004.html\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://usn.ubuntu.com/3549-1/\", \"name\": \"USN-3549-1\", \"refsource\": \"UBUNTU\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00003.html\", \"name\": \"SUSE-SU-2018:0007\", \"refsource\": \"SUSE\"}, {\"url\": \"https://www.suse.com/c/suse-addresses-meltdown-spectre-vulnerabilities/\", \"name\": \"https://www.suse.com/c/suse-addresses-meltdown-spectre-vulnerabilities/\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://support.citrix.com/article/CTX231399\", \"name\": \"https://support.citrix.com/article/CTX231399\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html\", \"name\": \"http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://spectreattack.com/\", \"name\": \"https://spectreattack.com/\", \"refsource\": \"MISC\"}, {\"url\": \"https://usn.ubuntu.com/3531-1/\", \"name\": \"USN-3531-1\", \"refsource\": \"UBUNTU\"}, {\"url\": \"https://security.FreeBSD.org/advisories/FreeBSD-SA-18:03.speculative_execution.asc\", \"name\": \"FreeBSD-SA-18:03\", \"refsource\": \"FREEBSD\"}, {\"url\": \"https://aws.amazon.com/de/security/security-bulletins/AWS-2018-013/\", \"name\": \"https://aws.amazon.com/de/security/security-bulletins/AWS-2018-013/\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00002.html\", \"name\": \"SUSE-SU-2018:0006\", \"refsource\": \"SUSE\"}, {\"url\": \"https://usn.ubuntu.com/3581-1/\", \"name\": \"USN-3581-1\", \"refsource\": \"UBUNTU\"}, {\"url\": \"https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/\", \"name\": \"https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://www.securitytracker.com/id/1040071\", \"name\": \"1040071\", \"refsource\": \"SECTRACK\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html\", \"name\": \"[debian-lts-announce] 20180916 [SECURITY] [DLA 1506-1] intel-microcode security update\", \"refsource\": \"MLIST\"}, {\"url\": \"https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00088\u0026languageid=en-fr\", \"name\": \"https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00088\u0026languageid=en-fr\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://usn.ubuntu.com/3597-2/\", \"name\": \"USN-3597-2\", \"refsource\": \"UBUNTU\"}, {\"url\": \"https://usn.ubuntu.com/3581-2/\", \"name\": \"USN-3581-2\", \"refsource\": \"UBUNTU\"}, {\"url\": \"http://nvidia.custhelp.com/app/answers/detail/a_id/4614\", \"name\": \"http://nvidia.custhelp.com/app/answers/detail/a_id/4614\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00006.html\", \"name\": \"SUSE-SU-2018:0010\", \"refsource\": \"SUSE\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html\", \"name\": \"[debian-lts-announce] 20180502 [SECURITY] [DLA 1369-1] linux security update\", \"refsource\": \"MLIST\"}, {\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180104-cpusidechannel\", \"name\": \"20180104 CPU Side-Channel Information Disclosure Vulnerabilities\", \"refsource\": \"CISCO\"}, {\"url\": \"https://usn.ubuntu.com/usn/usn-3516-1/\", \"name\": \"USN-3516-1\", \"refsource\": \"UBUNTU\"}, {\"url\": \"https://www.vmware.com/us/security/advisories/VMSA-2018-0002.html\", \"name\": \"https://www.vmware.com/us/security/advisories/VMSA-2018-0002.html\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://www.exploit-db.com/exploits/43427/\", \"name\": \"43427\", \"refsource\": \"EXPLOIT-DB\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00013.html\", \"name\": \"SUSE-SU-2018:0020\", \"refsource\": \"SUSE\"}, {\"url\": \"https://usn.ubuntu.com/3541-2/\", \"name\": \"USN-3541-2\", \"refsource\": \"UBUNTU\"}, {\"url\": \"https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html\", \"name\": \"https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html\", \"refsource\": \"MISC\"}, {\"url\": \"https://support.lenovo.com/us/en/solutions/LEN-18282\", \"name\": \"https://support.lenovo.com/us/en/solutions/LEN-18282\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://usn.ubuntu.com/3777-3/\", \"name\": \"USN-3777-3\", \"refsource\": \"UBUNTU\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00016.html\", \"name\": \"openSUSE-SU-2018:0023\", \"refsource\": \"SUSE\"}, {\"url\": \"https://www.vmware.com/security/advisories/VMSA-2018-0007.html\", \"name\": \"https://www.vmware.com/security/advisories/VMSA-2018-0007.html\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00004.html\", \"name\": \"SUSE-SU-2018:0008\", \"refsource\": \"SUSE\"}, {\"url\": \"http://nvidia.custhelp.com/app/answers/detail/a_id/4613\", \"name\": \"http://nvidia.custhelp.com/app/answers/detail/a_id/4613\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://usn.ubuntu.com/3561-1/\", \"name\": \"USN-3561-1\", \"refsource\": \"UBUNTU\"}, {\"url\": \"https://usn.ubuntu.com/3582-2/\", \"name\": \"USN-3582-2\", \"refsource\": \"UBUNTU\"}, {\"url\": \"https://seclists.org/bugtraq/2019/Jun/36\", \"name\": \"20190624 [SECURITY] [DSA 4469-1] libvirt security update\", \"refsource\": \"BUGTRAQ\"}, {\"url\": \"http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txt\", \"name\": \"http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txt\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html\", \"name\": \"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html\", \"refsource\": \"MISC\"}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf\", \"name\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://security.FreeBSD.org/advisories/FreeBSD-SA-19:26.mcu.asc\", \"name\": \"FreeBSD-SA-19:26\", \"refsource\": \"FREEBSD\"}, {\"url\": \"https://seclists.org/bugtraq/2019/Nov/16\", \"name\": \"20191112 FreeBSD Security Advisory FreeBSD-SA-19:26.mcu\", \"refsource\": \"BUGTRAQ\"}, {\"url\": \"http://packetstormsecurity.com/files/155281/FreeBSD-Security-Advisory-FreeBSD-SA-19-26.mcu.html\", \"name\": \"http://packetstormsecurity.com/files/155281/FreeBSD-Security-Advisory-FreeBSD-SA-19-26.mcu.html\", \"refsource\": \"MISC\"}, {\"url\": \"https://security.paloaltonetworks.com/CVE-2017-5715\", \"name\": \"https://security.paloaltonetworks.com/CVE-2017-5715\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2020/03/msg00025.html\", \"name\": \"[debian-lts-announce] 20200320 [SECURITY] [DLA 2148-1] amd64-microcode security update\", \"refsource\": \"MLIST\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2021/08/msg00019.html\", \"name\": \"[debian-lts-announce] 20210816 [SECURITY] [DLA 2743-1] amd64-microcode security update\", \"refsource\": \"MLIST\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"Information Disclosure\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2017-5715\", \"STATE\": \"PUBLIC\", \"ASSIGNER\": \"secure@intel.com\", \"DATE_PUBLIC\": \"2018-01-03T00:00:00\"}}}}",
"cveMetadata": "{\"cveId\": \"CVE-2017-5715\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-05-06T14:59:36.405Z\", \"dateReserved\": \"2017-02-01T00:00:00.000Z\", \"assignerOrgId\": \"6dda929c-bb53-4a77-a76d-48e79601a1ce\", \"datePublished\": \"2018-01-04T13:00:00.000Z\", \"assignerShortName\": \"intel\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…