Search criteria

22 vulnerabilities found for jetson_tx2 by nvidia

CVE-2021-34400 (GCVE-0-2021-34400)

Vulnerability from nvd – Published: 2021-11-20 14:55 – Updated: 2024-08-04 00:12
VLAI?
Summary
NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to gain access to information from unscrubbed memory, which may lead to information disclosure.
Severity ?
4.1 (Medium)
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
CWE
  • CWE 226: Sensitive Information in Resource Not Removed Before Reuse
Assigner
References
Impacted products
Vendor Product Version
NVIDIA NVIDIA GPU and Tegra hardware Affected: Turing, Volta, Pascal, Maxwell, Tegra X1, Tegra X1+, Tegra TX2, Xavier
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T00:12:49.808Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "NVIDIA GPU and Tegra hardware",
          "vendor": "NVIDIA",
          "versions": [
            {
              "status": "affected",
              "version": "Turing, Volta, Pascal, Maxwell, Tegra X1, Tegra X1+, Tegra TX2, Xavier"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to gain access to information from unscrubbed memory, which may lead to information disclosure."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 4.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "CWE 226: Sensitive Information in Resource Not Removed Before Reuse",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-11-20T14:55:27",
        "orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
        "shortName": "nvidia"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@nvidia.com",
          "ID": "CVE-2021-34400",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "NVIDIA GPU and Tegra hardware",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Turing, Volta, Pascal, Maxwell, Tegra X1, Tegra X1+, Tegra TX2, Xavier"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "NVIDIA"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to gain access to information from unscrubbed memory, which may lead to information disclosure."
            }
          ]
        },
        "impact": {
          "cvss": {
            "baseScore": 4.1,
            "baseSeverity": "Medium",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE 226: Sensitive Information in Resource Not Removed Before Reuse"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263",
              "refsource": "CONFIRM",
              "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
    "assignerShortName": "nvidia",
    "cveId": "CVE-2021-34400",
    "datePublished": "2021-11-20T14:55:27",
    "dateReserved": "2021-06-09T00:00:00",
    "dateUpdated": "2024-08-04T00:12:49.808Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-34399 (GCVE-0-2021-34399)

Vulnerability from nvd – Published: 2021-11-20 14:55 – Updated: 2024-08-04 00:12
VLAI?
Summary
NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to gain access to information from unscrubbed registers, which may lead to information disclosure.
Severity ?
4.1 (Medium)
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
CWE
  • CWE 226: Sensitive Information in Resource Not Removed Before Reuse
Assigner
References
Impacted products
Vendor Product Version
NVIDIA NVIDIA GPU and Tegra hardware Affected: Turing, Volta, Pascal, Maxwell, Tegra X1, Tegra X1+, Tegra TX2, Xavier
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T00:12:49.877Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "NVIDIA GPU and Tegra hardware",
          "vendor": "NVIDIA",
          "versions": [
            {
              "status": "affected",
              "version": "Turing, Volta, Pascal, Maxwell, Tegra X1, Tegra X1+, Tegra TX2, Xavier"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to gain access to information from unscrubbed registers, which may lead to information disclosure."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 4.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "CWE 226: Sensitive Information in Resource Not Removed Before Reuse",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-11-20T14:55:25",
        "orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
        "shortName": "nvidia"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@nvidia.com",
          "ID": "CVE-2021-34399",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "NVIDIA GPU and Tegra hardware",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Turing, Volta, Pascal, Maxwell, Tegra X1, Tegra X1+, Tegra TX2, Xavier"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "NVIDIA"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to gain access to information from unscrubbed registers, which may lead to information disclosure."
            }
          ]
        },
        "impact": {
          "cvss": {
            "baseScore": 4.1,
            "baseSeverity": "Medium",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE 226: Sensitive Information in Resource Not Removed Before Reuse"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263",
              "refsource": "CONFIRM",
              "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
    "assignerShortName": "nvidia",
    "cveId": "CVE-2021-34399",
    "datePublished": "2021-11-20T14:55:25",
    "dateReserved": "2021-06-09T00:00:00",
    "dateUpdated": "2024-08-04T00:12:49.877Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-23219 (GCVE-0-2021-23219)

Vulnerability from nvd – Published: 2021-11-20 14:55 – Updated: 2024-08-03 19:05
VLAI?
Summary
NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller, which may allow a user with elevated privileges to access protected information by identifying, exploiting, and loading vulnerable microcode. Such an attack may lead to information disclosure.
Severity ?
4.1 (Medium)
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
CWE
  • CWE 1190: DMA Device Enabled Too Early in Boot Phase
Assigner
References
Impacted products
Vendor Product Version
NVIDIA NVIDIA GPU and Tegra hardware Affected: Maxwell (except GM206), Tegra X1, Tegra X1+
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T19:05:55.355Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "NVIDIA GPU and Tegra hardware",
          "vendor": "NVIDIA",
          "versions": [
            {
              "status": "affected",
              "version": "Maxwell (except GM206), Tegra X1, Tegra X1+"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller, which may allow a user with elevated privileges to access protected information by identifying, exploiting, and loading vulnerable microcode. Such an attack may lead to information disclosure."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 4.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "CWE 1190: DMA Device Enabled Too Early in Boot Phase",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-02-08T18:36:13",
        "orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
        "shortName": "nvidia"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@nvidia.com",
          "ID": "CVE-2021-23219",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "NVIDIA GPU and Tegra hardware",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Maxwell (except GM206), Tegra X1, Tegra X1+"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "NVIDIA"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller, which may allow a user with elevated privileges to access protected information by identifying, exploiting, and loading vulnerable microcode. Such an attack may lead to information disclosure."
            }
          ]
        },
        "impact": {
          "cvss": {
            "baseScore": 4.1,
            "baseSeverity": "Medium",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE 1190: DMA Device Enabled Too Early in Boot Phase"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263",
              "refsource": "CONFIRM",
              "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
    "assignerShortName": "nvidia",
    "cveId": "CVE-2021-23219",
    "datePublished": "2021-11-20T14:55:24",
    "dateReserved": "2021-02-09T00:00:00",
    "dateUpdated": "2024-08-03T19:05:55.355Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-1125 (GCVE-0-2021-1125)

Vulnerability from nvd – Published: 2021-11-20 14:55 – Updated: 2024-08-03 15:55
VLAI?
Summary
NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to corrupt program data.
Severity ?
4.1 (Medium)
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N
CWE
  • CWE 325: Missing Cryptographic Step
Assigner
References
Impacted products
Vendor Product Version
NVIDIA NVIDIA GPU and Tegra hardware Affected: Maxwell, Pascal, Volta, Tegra X1, Tegra X1+, Tegra TX2, Xavier
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T15:55:18.660Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "NVIDIA GPU and Tegra hardware",
          "vendor": "NVIDIA",
          "versions": [
            {
              "status": "affected",
              "version": "Maxwell, Pascal, Volta, Tegra X1, Tegra X1+, Tegra TX2, Xavier"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to corrupt program data."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 4.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "CWE 325: Missing Cryptographic Step",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-11-20T14:55:20",
        "orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
        "shortName": "nvidia"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@nvidia.com",
          "ID": "CVE-2021-1125",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "NVIDIA GPU and Tegra hardware",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Maxwell, Pascal, Volta, Tegra X1, Tegra X1+, Tegra TX2, Xavier"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "NVIDIA"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to corrupt program data."
            }
          ]
        },
        "impact": {
          "cvss": {
            "baseScore": 4.1,
            "baseSeverity": "Medium",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE 325: Missing Cryptographic Step"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263",
              "refsource": "CONFIRM",
              "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
    "assignerShortName": "nvidia",
    "cveId": "CVE-2021-1125",
    "datePublished": "2021-11-20T14:55:20",
    "dateReserved": "2020-11-12T00:00:00",
    "dateUpdated": "2024-08-03T15:55:18.660Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-1105 (GCVE-0-2021-1105)

Vulnerability from nvd – Published: 2021-11-20 14:55 – Updated: 2024-08-03 15:55
VLAI?
Summary
NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to access debug registers during runtime, which may lead to information disclosure.
Severity ?
4.1 (Medium)
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
CWE
  • CWE 1313: Hardware Allows Activation of Test or Debug Logic at Runtime
Assigner
References
Impacted products
Vendor Product Version
NVIDIA NVIDIA GPU and Tegra hardware Affected: Turing, Volta, Pascal, Maxwell, Tegra X1, Tegra X1+, Tegra TX2, Xavier
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T15:55:18.491Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "NVIDIA GPU and Tegra hardware",
          "vendor": "NVIDIA",
          "versions": [
            {
              "status": "affected",
              "version": "Turing, Volta, Pascal, Maxwell, Tegra X1, Tegra X1+, Tegra TX2, Xavier"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to access debug registers during runtime, which may lead to information disclosure."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 4.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "CWE 1313: Hardware Allows Activation of Test or Debug Logic at Runtime",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-11-20T14:55:18",
        "orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
        "shortName": "nvidia"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@nvidia.com",
          "ID": "CVE-2021-1105",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "NVIDIA GPU and Tegra hardware",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Turing, Volta, Pascal, Maxwell, Tegra X1, Tegra X1+, Tegra TX2, Xavier"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "NVIDIA"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to access debug registers during runtime, which may lead to information disclosure."
            }
          ]
        },
        "impact": {
          "cvss": {
            "baseScore": 4.1,
            "baseSeverity": "Medium",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE 1313: Hardware Allows Activation of Test or Debug Logic at Runtime"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263",
              "refsource": "CONFIRM",
              "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
    "assignerShortName": "nvidia",
    "cveId": "CVE-2021-1105",
    "datePublished": "2021-11-20T14:55:19",
    "dateReserved": "2020-11-12T00:00:00",
    "dateUpdated": "2024-08-03T15:55:18.491Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-1088 (GCVE-0-2021-1088)

Vulnerability from nvd – Published: 2021-11-20 14:55 – Updated: 2024-08-03 15:55
VLAI?
Summary
NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to utilize debug mechanisms with insufficient access control, which may lead to information disclosure.
Severity ?
4.1 (Medium)
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
CWE
  • CWE 200: Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
Impacted products
Vendor Product Version
NVIDIA NVIDIA GPU and Tegra hardware Affected: Turing, Volta, Pascal, Maxwell, Tegra X1, Tegra X1+, Tegra TX2, Xavier
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T15:55:18.682Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "NVIDIA GPU and Tegra hardware",
          "vendor": "NVIDIA",
          "versions": [
            {
              "status": "affected",
              "version": "Turing, Volta, Pascal, Maxwell, Tegra X1, Tegra X1+, Tegra TX2, Xavier"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to utilize debug mechanisms with insufficient access control, which may lead to information disclosure."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 4.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "CWE 200: Exposure of Sensitive Information to an Unauthorized Actor",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-11-20T14:55:17",
        "orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
        "shortName": "nvidia"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@nvidia.com",
          "ID": "CVE-2021-1088",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "NVIDIA GPU and Tegra hardware",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Turing, Volta, Pascal, Maxwell, Tegra X1, Tegra X1+, Tegra TX2, Xavier"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "NVIDIA"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to utilize debug mechanisms with insufficient access control, which may lead to information disclosure."
            }
          ]
        },
        "impact": {
          "cvss": {
            "baseScore": 4.1,
            "baseSeverity": "Medium",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE 200: Exposure of Sensitive Information to an Unauthorized Actor"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263",
              "refsource": "CONFIRM",
              "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
    "assignerShortName": "nvidia",
    "cveId": "CVE-2021-1088",
    "datePublished": "2021-11-20T14:55:17",
    "dateReserved": "2020-11-12T00:00:00",
    "dateUpdated": "2024-08-03T15:55:18.682Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2018-6269 (GCVE-0-2018-6269)

Vulnerability from nvd – Published: 2019-04-12 16:25 – Updated: 2024-08-05 06:01
VLAI?
Summary
NVIDIA Jetson TX2 contains a vulnerability in the kernel driver where input/output control (IOCTL) handling for user mode requests could create a non-trusted pointer dereference, which may lead to information disclosure, denial of service, escalation of privileges, or code execution. The updates apply to all versions prior to R28.3.
Severity ?
No CVSS data available.
CWE
  • Code execution, denial of service, escalation of privileges, information disclosure
Assigner
References
Impacted products
Vendor Product Version
NVIDIA Jetson Tegra TX2 Affected: R28.3
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T06:01:48.548Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4804"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Jetson Tegra TX2",
          "vendor": "NVIDIA",
          "versions": [
            {
              "status": "affected",
              "version": "R28.3"
            }
          ]
        }
      ],
      "datePublic": "2019-04-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "NVIDIA Jetson TX2 contains a vulnerability in the kernel driver where input/output control (IOCTL) handling for user mode requests could create a non-trusted pointer dereference, which may lead to information disclosure, denial of service, escalation of privileges, or code execution. The updates apply to all versions prior to R28.3."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Code execution, denial of service, escalation of privileges, information disclosure",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-08-02T21:06:06",
        "orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
        "shortName": "nvidia"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4804"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@nvidia.com",
          "ID": "CVE-2018-6269",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Jetson Tegra TX2",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "R28.3"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "NVIDIA"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "NVIDIA Jetson TX2 contains a vulnerability in the kernel driver where input/output control (IOCTL) handling for user mode requests could create a non-trusted pointer dereference, which may lead to information disclosure, denial of service, escalation of privileges, or code execution. The updates apply to all versions prior to R28.3."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Code execution, denial of service, escalation of privileges, information disclosure"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787",
              "refsource": "CONFIRM",
              "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787"
            },
            {
              "name": "https://nvidia.custhelp.com/app/answers/detail/a_id/4804",
              "refsource": "CONFIRM",
              "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4804"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
    "assignerShortName": "nvidia",
    "cveId": "CVE-2018-6269",
    "datePublished": "2019-04-12T16:25:45",
    "dateReserved": "2018-01-25T00:00:00",
    "dateUpdated": "2024-08-05T06:01:48.548Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2018-6239 (GCVE-0-2018-6239)

Vulnerability from nvd – Published: 2019-04-12 16:24 – Updated: 2024-08-05 06:01
VLAI?
Summary
NVIDIA Jetson TX2 contains a vulnerability by means of speculative execution where local and unprivileged code may access the contents of cached information in an unauthorized manner, which may lead to information disclosure. The updates apply to all versions prior to R28.3.
Severity ?
No CVSS data available.
CWE
  • Information disclosure
Assigner
References
Impacted products
Vendor Product Version
NVIDIA Jetson TX2 Affected: R28.3
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T06:01:48.089Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Jetson TX2",
          "vendor": "NVIDIA",
          "versions": [
            {
              "status": "affected",
              "version": "R28.3"
            }
          ]
        }
      ],
      "datePublic": "2019-04-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "NVIDIA Jetson TX2 contains a vulnerability by means of speculative execution where local and unprivileged code may access the contents of cached information in an unauthorized manner, which may lead to information disclosure. The updates apply to all versions prior to R28.3."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Information disclosure",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-04-24T19:58:03",
        "orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
        "shortName": "nvidia"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@nvidia.com",
          "ID": "CVE-2018-6239",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Jetson TX2",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "R28.3"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "NVIDIA"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "NVIDIA Jetson TX2 contains a vulnerability by means of speculative execution where local and unprivileged code may access the contents of cached information in an unauthorized manner, which may lead to information disclosure. The updates apply to all versions prior to R28.3."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Information disclosure"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787",
              "refsource": "CONFIRM",
              "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
    "assignerShortName": "nvidia",
    "cveId": "CVE-2018-6239",
    "datePublished": "2019-04-12T16:24:59",
    "dateReserved": "2018-01-25T00:00:00",
    "dateUpdated": "2024-08-05T06:01:48.089Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-5673 (GCVE-0-2019-5673)

Vulnerability from nvd – Published: 2019-04-11 16:38 – Updated: 2024-08-04 20:01
VLAI?
Summary
NVIDIA Jetson TX2 contains a vulnerability in the kernel driver (on all versions prior to R28.3) where the ARM System Memory Management Unit (SMMU) improperly checks for a fault condition, causing transactions to be discarded, which may lead to denial of service.
Severity ?
No CVSS data available.
CWE
  • Denial of service
Assigner
References
Impacted products
Vendor Product Version
NVIDIA Jetson TX2 Affected: All versions prior to version R28.3
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T20:01:52.043Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Jetson TX2",
          "vendor": "NVIDIA",
          "versions": [
            {
              "status": "affected",
              "version": "All versions prior to version R28.3"
            }
          ]
        }
      ],
      "datePublic": "2019-04-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "NVIDIA Jetson TX2 contains a vulnerability in the kernel driver (on all versions prior to R28.3) where the ARM System Memory Management Unit (SMMU) improperly checks for a fault condition, causing transactions to be discarded, which may lead to denial of service."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Denial of service",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-04-17T14:44:48",
        "orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
        "shortName": "nvidia"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@nvidia.com",
          "ID": "CVE-2019-5673",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Jetson TX2",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions prior to version R28.3"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "NVIDIA"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "NVIDIA Jetson TX2 contains a vulnerability in the kernel driver (on all versions prior to R28.3) where the ARM System Memory Management Unit (SMMU) improperly checks for a fault condition, causing transactions to be discarded, which may lead to denial of service."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Denial of service"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787",
              "refsource": "CONFIRM",
              "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
    "assignerShortName": "nvidia",
    "cveId": "CVE-2019-5673",
    "datePublished": "2019-04-11T16:38:55",
    "dateReserved": "2019-01-07T00:00:00",
    "dateUpdated": "2024-08-04T20:01:52.043Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-5672 (GCVE-0-2019-5672)

Vulnerability from nvd – Published: 2019-04-11 16:37 – Updated: 2024-08-04 20:01
VLAI?
Summary
NVIDIA Jetson TX1 and TX2 contain a vulnerability in the Linux for Tegra (L4T) operating system (on all versions prior to R28.3) where the Secure Shell (SSH) keys provided in the sample rootfs are not replaced by unique host keys after sample rootsfs generation and flashing, which may lead to information disclosure.
Severity ?
No CVSS data available.
CWE
  • Information disclosure
Assigner
References
Impacted products
Vendor Product Version
NVIDIA Jetson TX1 and TX2 Affected: All versions prior to version R28.3
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T20:01:51.975Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Jetson TX1 and TX2",
          "vendor": "NVIDIA",
          "versions": [
            {
              "status": "affected",
              "version": "All versions prior to version R28.3"
            }
          ]
        }
      ],
      "datePublic": "2019-04-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "NVIDIA Jetson TX1 and TX2 contain a vulnerability in the Linux for Tegra (L4T) operating system (on all versions prior to R28.3) where the Secure Shell (SSH) keys provided in the sample rootfs are not replaced by unique host keys after sample rootsfs generation and flashing, which may lead to information disclosure."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Information disclosure",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-04-17T14:43:21",
        "orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
        "shortName": "nvidia"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@nvidia.com",
          "ID": "CVE-2019-5672",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Jetson TX1 and TX2",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions prior to version R28.3"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "NVIDIA"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "NVIDIA Jetson TX1 and TX2 contain a vulnerability in the Linux for Tegra (L4T) operating system (on all versions prior to R28.3) where the Secure Shell (SSH) keys provided in the sample rootfs are not replaced by unique host keys after sample rootsfs generation and flashing, which may lead to information disclosure."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Information disclosure"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787",
              "refsource": "CONFIRM",
              "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
    "assignerShortName": "nvidia",
    "cveId": "CVE-2019-5672",
    "datePublished": "2019-04-11T16:37:26",
    "dateReserved": "2019-01-07T00:00:00",
    "dateUpdated": "2024-08-04T20:01:51.975Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2018-3639 (GCVE-0-2018-3639)

Vulnerability from nvd – Published: 2018-05-22 12:00 – Updated: 2024-09-16 22:55
VLAI?
Summary
Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.
Severity ?
No CVSS data available.
CWE
  • Information Disclosure
Assigner
References
https://access.redhat.com/errata/RHSA-2018:1689 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:2162 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1641 vendor-advisoryx_refsource_REDHAT
https://usn.ubuntu.com/3680-1/ vendor-advisoryx_refsource_UBUNTU
https://access.redhat.com/errata/RHSA-2018:1997 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1665 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:3407 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:2164 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:2001 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:3423 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:2003 vendor-advisoryx_refsource_REDHAT
https://usn.ubuntu.com/3654-1/ vendor-advisoryx_refsource_UBUNTU
https://access.redhat.com/errata/RHSA-2018:1645 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1643 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1652 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:3424 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:3402 vendor-advisoryx_refsource_REDHAT
https://www.us-cert.gov/ncas/alerts/TA18-141A third-party-advisoryx_refsource_CERT
https://access.redhat.com/errata/RHSA-2018:1656 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1664 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:2258 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1688 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1658 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1657 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:2289 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1666 vendor-advisoryx_refsource_REDHAT
http://www.securitytracker.com/id/1042004 vdb-entryx_refsource_SECTRACK
https://access.redhat.com/errata/RHSA-2018:1675 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1660 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1965 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1661 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1633 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1636 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1854 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:2006 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:2250 vendor-advisoryx_refsource_REDHAT
http://www.securitytracker.com/id/1040949 vdb-entryx_refsource_SECTRACK
https://access.redhat.com/errata/RHSA-2018:3401 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1737 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1826 vendor-advisoryx_refsource_REDHAT
https://usn.ubuntu.com/3651-1/ vendor-advisoryx_refsource_UBUNTU
https://www.debian.org/security/2018/dsa-4210 vendor-advisoryx_refsource_DEBIAN
https://www.exploit-db.com/exploits/44695/ exploitx_refsource_EXPLOIT-DB
https://access.redhat.com/errata/RHSA-2018:1651 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1638 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1696 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:2246 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1644 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1646 vendor-advisoryx_refsource_REDHAT
https://lists.debian.org/debian-lts-announce/2018… mailing-listx_refsource_MLIST
https://access.redhat.com/errata/RHSA-2018:1639 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1668 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1637 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:2948 vendor-advisoryx_refsource_REDHAT
https://www.kb.cert.org/vuls/id/180049 third-party-advisoryx_refsource_CERT-VN
https://access.redhat.com/errata/RHSA-2018:1686 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:2172 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1663 vendor-advisoryx_refsource_REDHAT
https://usn.ubuntu.com/3652-1/ vendor-advisoryx_refsource_UBUNTU
https://access.redhat.com/errata/RHSA-2018:1629 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1655 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1640 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1669 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1676 vendor-advisoryx_refsource_REDHAT
https://tools.cisco.com/security/center/content/C… vendor-advisoryx_refsource_CISCO
https://access.redhat.com/errata/RHSA-2018:3425 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:2363 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1632 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1650 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:2396 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:2364 vendor-advisoryx_refsource_REDHAT
https://usn.ubuntu.com/3653-2/ vendor-advisoryx_refsource_UBUNTU
https://access.redhat.com/errata/RHSA-2018:2216 vendor-advisoryx_refsource_REDHAT
https://usn.ubuntu.com/3655-1/ vendor-advisoryx_refsource_UBUNTU
https://access.redhat.com/errata/RHSA-2018:1649 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:2309 vendor-advisoryx_refsource_REDHAT
http://www.securityfocus.com/bid/104232 vdb-entryx_refsource_BID
https://access.redhat.com/errata/RHSA-2018:1653 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:2171 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1635 vendor-advisoryx_refsource_REDHAT
https://lists.debian.org/debian-lts-announce/2018… mailing-listx_refsource_MLIST
https://access.redhat.com/errata/RHSA-2018:2394 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1710 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1659 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1711 vendor-advisoryx_refsource_REDHAT
https://www.debian.org/security/2018/dsa-4273 vendor-advisoryx_refsource_DEBIAN
https://access.redhat.com/errata/RHSA-2018:1738 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1674 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:3396 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1667 vendor-advisoryx_refsource_REDHAT
https://usn.ubuntu.com/3654-2/ vendor-advisoryx_refsource_UBUNTU
https://access.redhat.com/errata/RHSA-2018:1662 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1630 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1647 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1967 vendor-advisoryx_refsource_REDHAT
https://usn.ubuntu.com/3655-2/ vendor-advisoryx_refsource_UBUNTU
https://access.redhat.com/errata/RHSA-2018:3399 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:2060 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1690 vendor-advisoryx_refsource_REDHAT
https://usn.ubuntu.com/3653-1/ vendor-advisoryx_refsource_UBUNTU
https://access.redhat.com/errata/RHSA-2018:2161 vendor-advisoryx_refsource_REDHAT
https://lists.debian.org/debian-lts-announce/2018… mailing-listx_refsource_MLIST
https://access.redhat.com/errata/RHSA-2018:2328 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1648 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:2387 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2019:0148 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1654 vendor-advisoryx_refsource_REDHAT
https://usn.ubuntu.com/3679-1/ vendor-advisoryx_refsource_UBUNTU
https://usn.ubuntu.com/3777-3/ vendor-advisoryx_refsource_UBUNTU
https://access.redhat.com/errata/RHSA-2018:1642 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:3397 vendor-advisoryx_refsource_REDHAT
https://lists.debian.org/debian-lts-announce/2019… mailing-listx_refsource_MLIST
https://usn.ubuntu.com/3756-1/ vendor-advisoryx_refsource_UBUNTU
https://access.redhat.com/errata/RHSA-2018:3398 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:3400 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:2228 vendor-advisoryx_refsource_REDHAT
https://lists.debian.org/debian-lts-announce/2019… mailing-listx_refsource_MLIST
https://lists.debian.org/debian-lts-announce/2019… mailing-listx_refsource_MLIST
https://access.redhat.com/errata/RHSA-2019:1046 vendor-advisoryx_refsource_REDHAT
http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
https://seclists.org/bugtraq/2019/Jun/36 mailing-listx_refsource_BUGTRAQ
http://www.openwall.com/lists/oss-security/2020/06/10/1 mailing-listx_refsource_MLIST
http://www.openwall.com/lists/oss-security/2020/06/10/2 mailing-listx_refsource_MLIST
http://www.openwall.com/lists/oss-security/2020/06/10/5 mailing-listx_refsource_MLIST
https://www.oracle.com/security-alerts/cpujul2020.html x_refsource_MISC
https://www.oracle.com/technetwork/security-advis… x_refsource_CONFIRM
https://help.ecostruxureit.com/display/public/UAD… x_refsource_CONFIRM
https://cert-portal.siemens.com/productcert/pdf/s… x_refsource_CONFIRM
https://cert-portal.siemens.com/productcert/pdf/s… x_refsource_CONFIRM
http://support.lenovo.com/us/en/solutions/LEN-22133 x_refsource_CONFIRM
https://psirt.global.sonicwall.com/vuln-detail/SN… x_refsource_CONFIRM
https://portal.msrc.microsoft.com/en-US/security-… x_refsource_CONFIRM
https://support.citrix.com/article/CTX235225 x_refsource_CONFIRM
https://www.intel.com/content/www/us/en/security-… x_refsource_CONFIRM
https://www.synology.com/support/security/Synolog… x_refsource_CONFIRM
https://developer.arm.com/support/arm-security-up… x_refsource_CONFIRM
http://www.fujitsu.com/global/support/products/so… x_refsource_CONFIRM
http://xenbits.xen.org/xsa/advisory-263.html x_refsource_CONFIRM
https://cert-portal.siemens.com/productcert/pdf/s… x_refsource_CONFIRM
https://www.mitel.com/en-ca/support/security-advi… x_refsource_CONFIRM
https://support.hpe.com/hpsc/doc/public/display?d… x_refsource_CONFIRM
https://bugs.chromium.org/p/project-zero/issues/d… x_refsource_MISC
https://security.netapp.com/advisory/ntap-2018052… x_refsource_CONFIRM
https://nvidia.custhelp.com/app/answers/detail/a_… x_refsource_CONFIRM
https://support.oracle.com/knowledge/Sun%20Micros… x_refsource_CONFIRM
http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
Impacted products
Vendor Product Version
Intel Corporation Multiple Affected: Multiple
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T04:50:30.281Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2018:1689",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1689"
          },
          {
            "name": "RHSA-2018:2162",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2162"
          },
          {
            "name": "RHSA-2018:1641",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1641"
          },
          {
            "name": "USN-3680-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3680-1/"
          },
          {
            "name": "RHSA-2018:1997",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1997"
          },
          {
            "name": "RHSA-2018:1665",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1665"
          },
          {
            "name": "RHSA-2018:3407",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:3407"
          },
          {
            "name": "RHSA-2018:2164",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2164"
          },
          {
            "name": "RHSA-2018:2001",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2001"
          },
          {
            "name": "RHSA-2018:3423",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:3423"
          },
          {
            "name": "RHSA-2018:2003",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2003"
          },
          {
            "name": "USN-3654-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3654-1/"
          },
          {
            "name": "RHSA-2018:1645",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1645"
          },
          {
            "name": "RHSA-2018:1643",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1643"
          },
          {
            "name": "RHSA-2018:1652",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1652"
          },
          {
            "name": "RHSA-2018:3424",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:3424"
          },
          {
            "name": "RHSA-2018:3402",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:3402"
          },
          {
            "name": "TA18-141A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "https://www.us-cert.gov/ncas/alerts/TA18-141A"
          },
          {
            "name": "RHSA-2018:1656",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1656"
          },
          {
            "name": "RHSA-2018:1664",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1664"
          },
          {
            "name": "RHSA-2018:2258",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2258"
          },
          {
            "name": "RHSA-2018:1688",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1688"
          },
          {
            "name": "RHSA-2018:1658",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1658"
          },
          {
            "name": "RHSA-2018:1657",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1657"
          },
          {
            "name": "RHSA-2018:2289",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2289"
          },
          {
            "name": "RHSA-2018:1666",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1666"
          },
          {
            "name": "1042004",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1042004"
          },
          {
            "name": "RHSA-2018:1675",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1675"
          },
          {
            "name": "RHSA-2018:1660",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1660"
          },
          {
            "name": "RHSA-2018:1965",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1965"
          },
          {
            "name": "RHSA-2018:1661",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1661"
          },
          {
            "name": "RHSA-2018:1633",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1633"
          },
          {
            "name": "RHSA-2018:1636",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1636"
          },
          {
            "name": "RHSA-2018:1854",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1854"
          },
          {
            "name": "RHSA-2018:2006",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2006"
          },
          {
            "name": "RHSA-2018:2250",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2250"
          },
          {
            "name": "1040949",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1040949"
          },
          {
            "name": "RHSA-2018:3401",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:3401"
          },
          {
            "name": "RHSA-2018:1737",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1737"
          },
          {
            "name": "RHSA-2018:1826",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1826"
          },
          {
            "name": "USN-3651-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3651-1/"
          },
          {
            "name": "DSA-4210",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2018/dsa-4210"
          },
          {
            "name": "44695",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/44695/"
          },
          {
            "name": "RHSA-2018:1651",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1651"
          },
          {
            "name": "RHSA-2018:1638",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1638"
          },
          {
            "name": "RHSA-2018:1696",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1696"
          },
          {
            "name": "RHSA-2018:2246",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2246"
          },
          {
            "name": "RHSA-2018:1644",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1644"
          },
          {
            "name": "RHSA-2018:1646",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1646"
          },
          {
            "name": "[debian-lts-announce] 20180718 [SECURITY] [DLA 1423-1] linux-4.9 new package",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html"
          },
          {
            "name": "RHSA-2018:1639",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1639"
          },
          {
            "name": "RHSA-2018:1668",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1668"
          },
          {
            "name": "RHSA-2018:1637",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1637"
          },
          {
            "name": "RHSA-2018:2948",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2948"
          },
          {
            "name": "VU#180049",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "https://www.kb.cert.org/vuls/id/180049"
          },
          {
            "name": "RHSA-2018:1686",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1686"
          },
          {
            "name": "RHSA-2018:2172",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2172"
          },
          {
            "name": "RHSA-2018:1663",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1663"
          },
          {
            "name": "USN-3652-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3652-1/"
          },
          {
            "name": "RHSA-2018:1629",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1629"
          },
          {
            "name": "RHSA-2018:1655",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1655"
          },
          {
            "name": "RHSA-2018:1640",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1640"
          },
          {
            "name": "RHSA-2018:1669",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1669"
          },
          {
            "name": "RHSA-2018:1676",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1676"
          },
          {
            "name": "20180522 CPU Side-Channel Information Disclosure Vulnerabilities: May 2018",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180521-cpusidechannel"
          },
          {
            "name": "RHSA-2018:3425",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:3425"
          },
          {
            "name": "RHSA-2018:2363",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2363"
          },
          {
            "name": "RHSA-2018:1632",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1632"
          },
          {
            "name": "RHSA-2018:1650",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1650"
          },
          {
            "name": "RHSA-2018:2396",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2396"
          },
          {
            "name": "RHSA-2018:2364",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2364"
          },
          {
            "name": "USN-3653-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3653-2/"
          },
          {
            "name": "RHSA-2018:2216",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2216"
          },
          {
            "name": "USN-3655-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3655-1/"
          },
          {
            "name": "RHSA-2018:1649",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1649"
          },
          {
            "name": "RHSA-2018:2309",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2309"
          },
          {
            "name": "104232",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/104232"
          },
          {
            "name": "RHSA-2018:1653",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1653"
          },
          {
            "name": "RHSA-2018:2171",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2171"
          },
          {
            "name": "RHSA-2018:1635",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1635"
          },
          {
            "name": "[debian-lts-announce] 20180916 [SECURITY] [DLA 1506-1] intel-microcode security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html"
          },
          {
            "name": "RHSA-2018:2394",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2394"
          },
          {
            "name": "RHSA-2018:1710",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1710"
          },
          {
            "name": "RHSA-2018:1659",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1659"
          },
          {
            "name": "RHSA-2018:1711",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1711"
          },
          {
            "name": "DSA-4273",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2018/dsa-4273"
          },
          {
            "name": "RHSA-2018:1738",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1738"
          },
          {
            "name": "RHSA-2018:1674",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1674"
          },
          {
            "name": "RHSA-2018:3396",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:3396"
          },
          {
            "name": "RHSA-2018:1667",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1667"
          },
          {
            "name": "USN-3654-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3654-2/"
          },
          {
            "name": "RHSA-2018:1662",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1662"
          },
          {
            "name": "RHSA-2018:1630",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1630"
          },
          {
            "name": "RHSA-2018:1647",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1647"
          },
          {
            "name": "RHSA-2018:1967",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1967"
          },
          {
            "name": "USN-3655-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3655-2/"
          },
          {
            "name": "RHSA-2018:3399",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:3399"
          },
          {
            "name": "RHSA-2018:2060",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2060"
          },
          {
            "name": "RHSA-2018:1690",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1690"
          },
          {
            "name": "USN-3653-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3653-1/"
          },
          {
            "name": "RHSA-2018:2161",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2161"
          },
          {
            "name": "[debian-lts-announce] 20180727 [SECURITY] [DLA 1446-1] intel-microcode security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00038.html"
          },
          {
            "name": "RHSA-2018:2328",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2328"
          },
          {
            "name": "RHSA-2018:1648",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1648"
          },
          {
            "name": "RHSA-2018:2387",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2387"
          },
          {
            "name": "RHSA-2019:0148",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:0148"
          },
          {
            "name": "RHSA-2018:1654",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1654"
          },
          {
            "name": "USN-3679-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3679-1/"
          },
          {
            "name": "USN-3777-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3777-3/"
          },
          {
            "name": "RHSA-2018:1642",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1642"
          },
          {
            "name": "RHSA-2018:3397",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:3397"
          },
          {
            "name": "[debian-lts-announce] 20190315 [SECURITY] [DLA 1715-1] linux-4.9 security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html"
          },
          {
            "name": "USN-3756-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3756-1/"
          },
          {
            "name": "RHSA-2018:3398",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:3398"
          },
          {
            "name": "RHSA-2018:3400",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:3400"
          },
          {
            "name": "RHSA-2018:2228",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2228"
          },
          {
            "name": "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html"
          },
          {
            "name": "[debian-lts-announce] 20190401 [SECURITY] [DLA 1731-2] linux regression update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html"
          },
          {
            "name": "RHSA-2019:1046",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:1046"
          },
          {
            "name": "openSUSE-SU-2019:1439",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00059.html"
          },
          {
            "name": "openSUSE-SU-2019:1438",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00058.html"
          },
          {
            "name": "20190624 [SECURITY] [DSA 4469-1] libvirt security update",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "https://seclists.org/bugtraq/2019/Jun/36"
          },
          {
            "name": "[oss-security] 20200610 kernel: Multiple SSBD related flaws CVE-2020-10766 , CVE-2020-10767, CVE-2020-10768",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2020/06/10/1"
          },
          {
            "name": "[oss-security] 20200610 Re: kernel: Multiple SSBD related flaws CVE-2020-10766 , CVE-2020-10767, CVE-2020-10768",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2020/06/10/2"
          },
          {
            "name": "[oss-security] 20200610 Re: kernel: Multiple SSBD related flaws CVE-2020-10766 , CVE-2020-10767, CVE-2020-10768",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2020/06/10/5"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpujul2020.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-268644.pdf"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.lenovo.com/us/en/solutions/LEN-22133"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0004"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180012"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.citrix.com/article/CTX235225"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.synology.com/support/security/Synology_SA_18_23"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.fujitsu.com/global/support/products/software/security/products-f/cve-2018-3639e.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://xenbits.xen.org/xsa/advisory-263.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-505225.pdf"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0006"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03850en_us"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1528"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20180521-0001/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.oracle.com/knowledge/Sun%20Microsystems/2481872_1.html"
          },
          {
            "name": "openSUSE-SU-2020:1325",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00007.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Multiple",
          "vendor": "Intel Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "Multiple"
            }
          ]
        }
      ],
      "datePublic": "2018-05-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Information Disclosure",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-02T20:06:27",
        "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "shortName": "intel"
      },
      "references": [
        {
          "name": "RHSA-2018:1689",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1689"
        },
        {
          "name": "RHSA-2018:2162",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2162"
        },
        {
          "name": "RHSA-2018:1641",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1641"
        },
        {
          "name": "USN-3680-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3680-1/"
        },
        {
          "name": "RHSA-2018:1997",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1997"
        },
        {
          "name": "RHSA-2018:1665",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1665"
        },
        {
          "name": "RHSA-2018:3407",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:3407"
        },
        {
          "name": "RHSA-2018:2164",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2164"
        },
        {
          "name": "RHSA-2018:2001",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2001"
        },
        {
          "name": "RHSA-2018:3423",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:3423"
        },
        {
          "name": "RHSA-2018:2003",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2003"
        },
        {
          "name": "USN-3654-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3654-1/"
        },
        {
          "name": "RHSA-2018:1645",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1645"
        },
        {
          "name": "RHSA-2018:1643",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1643"
        },
        {
          "name": "RHSA-2018:1652",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1652"
        },
        {
          "name": "RHSA-2018:3424",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:3424"
        },
        {
          "name": "RHSA-2018:3402",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:3402"
        },
        {
          "name": "TA18-141A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "https://www.us-cert.gov/ncas/alerts/TA18-141A"
        },
        {
          "name": "RHSA-2018:1656",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1656"
        },
        {
          "name": "RHSA-2018:1664",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1664"
        },
        {
          "name": "RHSA-2018:2258",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2258"
        },
        {
          "name": "RHSA-2018:1688",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1688"
        },
        {
          "name": "RHSA-2018:1658",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1658"
        },
        {
          "name": "RHSA-2018:1657",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1657"
        },
        {
          "name": "RHSA-2018:2289",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2289"
        },
        {
          "name": "RHSA-2018:1666",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1666"
        },
        {
          "name": "1042004",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1042004"
        },
        {
          "name": "RHSA-2018:1675",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1675"
        },
        {
          "name": "RHSA-2018:1660",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1660"
        },
        {
          "name": "RHSA-2018:1965",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1965"
        },
        {
          "name": "RHSA-2018:1661",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1661"
        },
        {
          "name": "RHSA-2018:1633",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1633"
        },
        {
          "name": "RHSA-2018:1636",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1636"
        },
        {
          "name": "RHSA-2018:1854",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1854"
        },
        {
          "name": "RHSA-2018:2006",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2006"
        },
        {
          "name": "RHSA-2018:2250",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2250"
        },
        {
          "name": "1040949",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1040949"
        },
        {
          "name": "RHSA-2018:3401",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:3401"
        },
        {
          "name": "RHSA-2018:1737",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1737"
        },
        {
          "name": "RHSA-2018:1826",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1826"
        },
        {
          "name": "USN-3651-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3651-1/"
        },
        {
          "name": "DSA-4210",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2018/dsa-4210"
        },
        {
          "name": "44695",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/44695/"
        },
        {
          "name": "RHSA-2018:1651",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1651"
        },
        {
          "name": "RHSA-2018:1638",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1638"
        },
        {
          "name": "RHSA-2018:1696",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1696"
        },
        {
          "name": "RHSA-2018:2246",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2246"
        },
        {
          "name": "RHSA-2018:1644",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1644"
        },
        {
          "name": "RHSA-2018:1646",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1646"
        },
        {
          "name": "[debian-lts-announce] 20180718 [SECURITY] [DLA 1423-1] linux-4.9 new package",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html"
        },
        {
          "name": "RHSA-2018:1639",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1639"
        },
        {
          "name": "RHSA-2018:1668",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1668"
        },
        {
          "name": "RHSA-2018:1637",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1637"
        },
        {
          "name": "RHSA-2018:2948",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2948"
        },
        {
          "name": "VU#180049",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "https://www.kb.cert.org/vuls/id/180049"
        },
        {
          "name": "RHSA-2018:1686",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1686"
        },
        {
          "name": "RHSA-2018:2172",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2172"
        },
        {
          "name": "RHSA-2018:1663",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1663"
        },
        {
          "name": "USN-3652-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3652-1/"
        },
        {
          "name": "RHSA-2018:1629",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1629"
        },
        {
          "name": "RHSA-2018:1655",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1655"
        },
        {
          "name": "RHSA-2018:1640",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1640"
        },
        {
          "name": "RHSA-2018:1669",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1669"
        },
        {
          "name": "RHSA-2018:1676",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1676"
        },
        {
          "name": "20180522 CPU Side-Channel Information Disclosure Vulnerabilities: May 2018",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180521-cpusidechannel"
        },
        {
          "name": "RHSA-2018:3425",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:3425"
        },
        {
          "name": "RHSA-2018:2363",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2363"
        },
        {
          "name": "RHSA-2018:1632",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1632"
        },
        {
          "name": "RHSA-2018:1650",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1650"
        },
        {
          "name": "RHSA-2018:2396",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2396"
        },
        {
          "name": "RHSA-2018:2364",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2364"
        },
        {
          "name": "USN-3653-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3653-2/"
        },
        {
          "name": "RHSA-2018:2216",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2216"
        },
        {
          "name": "USN-3655-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3655-1/"
        },
        {
          "name": "RHSA-2018:1649",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1649"
        },
        {
          "name": "RHSA-2018:2309",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2309"
        },
        {
          "name": "104232",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/104232"
        },
        {
          "name": "RHSA-2018:1653",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1653"
        },
        {
          "name": "RHSA-2018:2171",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2171"
        },
        {
          "name": "RHSA-2018:1635",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1635"
        },
        {
          "name": "[debian-lts-announce] 20180916 [SECURITY] [DLA 1506-1] intel-microcode security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html"
        },
        {
          "name": "RHSA-2018:2394",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2394"
        },
        {
          "name": "RHSA-2018:1710",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1710"
        },
        {
          "name": "RHSA-2018:1659",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1659"
        },
        {
          "name": "RHSA-2018:1711",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1711"
        },
        {
          "name": "DSA-4273",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2018/dsa-4273"
        },
        {
          "name": "RHSA-2018:1738",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1738"
        },
        {
          "name": "RHSA-2018:1674",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1674"
        },
        {
          "name": "RHSA-2018:3396",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:3396"
        },
        {
          "name": "RHSA-2018:1667",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1667"
        },
        {
          "name": "USN-3654-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3654-2/"
        },
        {
          "name": "RHSA-2018:1662",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1662"
        },
        {
          "name": "RHSA-2018:1630",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1630"
        },
        {
          "name": "RHSA-2018:1647",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1647"
        },
        {
          "name": "RHSA-2018:1967",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1967"
        },
        {
          "name": "USN-3655-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3655-2/"
        },
        {
          "name": "RHSA-2018:3399",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:3399"
        },
        {
          "name": "RHSA-2018:2060",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2060"
        },
        {
          "name": "RHSA-2018:1690",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1690"
        },
        {
          "name": "USN-3653-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3653-1/"
        },
        {
          "name": "RHSA-2018:2161",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2161"
        },
        {
          "name": "[debian-lts-announce] 20180727 [SECURITY] [DLA 1446-1] intel-microcode security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00038.html"
        },
        {
          "name": "RHSA-2018:2328",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2328"
        },
        {
          "name": "RHSA-2018:1648",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1648"
        },
        {
          "name": "RHSA-2018:2387",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2387"
        },
        {
          "name": "RHSA-2019:0148",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:0148"
        },
        {
          "name": "RHSA-2018:1654",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1654"
        },
        {
          "name": "USN-3679-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3679-1/"
        },
        {
          "name": "USN-3777-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3777-3/"
        },
        {
          "name": "RHSA-2018:1642",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1642"
        },
        {
          "name": "RHSA-2018:3397",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:3397"
        },
        {
          "name": "[debian-lts-announce] 20190315 [SECURITY] [DLA 1715-1] linux-4.9 security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html"
        },
        {
          "name": "USN-3756-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3756-1/"
        },
        {
          "name": "RHSA-2018:3398",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:3398"
        },
        {
          "name": "RHSA-2018:3400",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:3400"
        },
        {
          "name": "RHSA-2018:2228",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2228"
        },
        {
          "name": "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html"
        },
        {
          "name": "[debian-lts-announce] 20190401 [SECURITY] [DLA 1731-2] linux regression update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html"
        },
        {
          "name": "RHSA-2019:1046",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:1046"
        },
        {
          "name": "openSUSE-SU-2019:1439",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00059.html"
        },
        {
          "name": "openSUSE-SU-2019:1438",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00058.html"
        },
        {
          "name": "20190624 [SECURITY] [DSA 4469-1] libvirt security update",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "https://seclists.org/bugtraq/2019/Jun/36"
        },
        {
          "name": "[oss-security] 20200610 kernel: Multiple SSBD related flaws CVE-2020-10766 , CVE-2020-10767, CVE-2020-10768",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2020/06/10/1"
        },
        {
          "name": "[oss-security] 20200610 Re: kernel: Multiple SSBD related flaws CVE-2020-10766 , CVE-2020-10767, CVE-2020-10768",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2020/06/10/2"
        },
        {
          "name": "[oss-security] 20200610 Re: kernel: Multiple SSBD related flaws CVE-2020-10766 , CVE-2020-10767, CVE-2020-10768",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2020/06/10/5"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpujul2020.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-268644.pdf"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.lenovo.com/us/en/solutions/LEN-22133"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0004"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180012"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.citrix.com/article/CTX235225"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.synology.com/support/security/Synology_SA_18_23"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.fujitsu.com/global/support/products/software/security/products-f/cve-2018-3639e.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://xenbits.xen.org/xsa/advisory-263.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-505225.pdf"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0006"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03850en_us"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1528"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20180521-0001/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.oracle.com/knowledge/Sun%20Microsystems/2481872_1.html"
        },
        {
          "name": "openSUSE-SU-2020:1325",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00007.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@intel.com",
          "DATE_PUBLIC": "2018-05-21T00:00:00",
          "ID": "CVE-2018-3639",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Multiple",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Multiple"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Intel Corporation"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Information Disclosure"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "RHSA-2018:1689",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1689"
            },
            {
              "name": "RHSA-2018:2162",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2162"
            },
            {
              "name": "RHSA-2018:1641",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1641"
            },
            {
              "name": "USN-3680-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3680-1/"
            },
            {
              "name": "RHSA-2018:1997",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1997"
            },
            {
              "name": "RHSA-2018:1665",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1665"
            },
            {
              "name": "RHSA-2018:3407",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:3407"
            },
            {
              "name": "RHSA-2018:2164",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2164"
            },
            {
              "name": "RHSA-2018:2001",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2001"
            },
            {
              "name": "RHSA-2018:3423",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:3423"
            },
            {
              "name": "RHSA-2018:2003",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2003"
            },
            {
              "name": "USN-3654-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3654-1/"
            },
            {
              "name": "RHSA-2018:1645",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1645"
            },
            {
              "name": "RHSA-2018:1643",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1643"
            },
            {
              "name": "RHSA-2018:1652",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1652"
            },
            {
              "name": "RHSA-2018:3424",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:3424"
            },
            {
              "name": "RHSA-2018:3402",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:3402"
            },
            {
              "name": "TA18-141A",
              "refsource": "CERT",
              "url": "https://www.us-cert.gov/ncas/alerts/TA18-141A"
            },
            {
              "name": "RHSA-2018:1656",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1656"
            },
            {
              "name": "RHSA-2018:1664",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1664"
            },
            {
              "name": "RHSA-2018:2258",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2258"
            },
            {
              "name": "RHSA-2018:1688",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1688"
            },
            {
              "name": "RHSA-2018:1658",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1658"
            },
            {
              "name": "RHSA-2018:1657",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1657"
            },
            {
              "name": "RHSA-2018:2289",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2289"
            },
            {
              "name": "RHSA-2018:1666",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1666"
            },
            {
              "name": "1042004",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1042004"
            },
            {
              "name": "RHSA-2018:1675",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1675"
            },
            {
              "name": "RHSA-2018:1660",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1660"
            },
            {
              "name": "RHSA-2018:1965",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1965"
            },
            {
              "name": "RHSA-2018:1661",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1661"
            },
            {
              "name": "RHSA-2018:1633",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1633"
            },
            {
              "name": "RHSA-2018:1636",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1636"
            },
            {
              "name": "RHSA-2018:1854",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1854"
            },
            {
              "name": "RHSA-2018:2006",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2006"
            },
            {
              "name": "RHSA-2018:2250",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2250"
            },
            {
              "name": "1040949",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1040949"
            },
            {
              "name": "RHSA-2018:3401",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:3401"
            },
            {
              "name": "RHSA-2018:1737",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1737"
            },
            {
              "name": "RHSA-2018:1826",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1826"
            },
            {
              "name": "USN-3651-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3651-1/"
            },
            {
              "name": "DSA-4210",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2018/dsa-4210"
            },
            {
              "name": "44695",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/44695/"
            },
            {
              "name": "RHSA-2018:1651",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1651"
            },
            {
              "name": "RHSA-2018:1638",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1638"
            },
            {
              "name": "RHSA-2018:1696",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1696"
            },
            {
              "name": "RHSA-2018:2246",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2246"
            },
            {
              "name": "RHSA-2018:1644",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1644"
            },
            {
              "name": "RHSA-2018:1646",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1646"
            },
            {
              "name": "[debian-lts-announce] 20180718 [SECURITY] [DLA 1423-1] linux-4.9 new package",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html"
            },
            {
              "name": "RHSA-2018:1639",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1639"
            },
            {
              "name": "RHSA-2018:1668",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1668"
            },
            {
              "name": "RHSA-2018:1637",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1637"
            },
            {
              "name": "RHSA-2018:2948",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2948"
            },
            {
              "name": "VU#180049",
              "refsource": "CERT-VN",
              "url": "https://www.kb.cert.org/vuls/id/180049"
            },
            {
              "name": "RHSA-2018:1686",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1686"
            },
            {
              "name": "RHSA-2018:2172",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2172"
            },
            {
              "name": "RHSA-2018:1663",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1663"
            },
            {
              "name": "USN-3652-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3652-1/"
            },
            {
              "name": "RHSA-2018:1629",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1629"
            },
            {
              "name": "RHSA-2018:1655",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1655"
            },
            {
              "name": "RHSA-2018:1640",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1640"
            },
            {
              "name": "RHSA-2018:1669",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1669"
            },
            {
              "name": "RHSA-2018:1676",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1676"
            },
            {
              "name": "20180522 CPU Side-Channel Information Disclosure Vulnerabilities: May 2018",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180521-cpusidechannel"
            },
            {
              "name": "RHSA-2018:3425",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:3425"
            },
            {
              "name": "RHSA-2018:2363",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2363"
            },
            {
              "name": "RHSA-2018:1632",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1632"
            },
            {
              "name": "RHSA-2018:1650",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1650"
            },
            {
              "name": "RHSA-2018:2396",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2396"
            },
            {
              "name": "RHSA-2018:2364",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2364"
            },
            {
              "name": "USN-3653-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3653-2/"
            },
            {
              "name": "RHSA-2018:2216",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2216"
            },
            {
              "name": "USN-3655-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3655-1/"
            },
            {
              "name": "RHSA-2018:1649",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1649"
            },
            {
              "name": "RHSA-2018:2309",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2309"
            },
            {
              "name": "104232",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/104232"
            },
            {
              "name": "RHSA-2018:1653",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1653"
            },
            {
              "name": "RHSA-2018:2171",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2171"
            },
            {
              "name": "RHSA-2018:1635",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1635"
            },
            {
              "name": "[debian-lts-announce] 20180916 [SECURITY] [DLA 1506-1] intel-microcode security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html"
            },
            {
              "name": "RHSA-2018:2394",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2394"
            },
            {
              "name": "RHSA-2018:1710",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1710"
            },
            {
              "name": "RHSA-2018:1659",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1659"
            },
            {
              "name": "RHSA-2018:1711",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1711"
            },
            {
              "name": "DSA-4273",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2018/dsa-4273"
            },
            {
              "name": "RHSA-2018:1738",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1738"
            },
            {
              "name": "RHSA-2018:1674",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1674"
            },
            {
              "name": "RHSA-2018:3396",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:3396"
            },
            {
              "name": "RHSA-2018:1667",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1667"
            },
            {
              "name": "USN-3654-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3654-2/"
            },
            {
              "name": "RHSA-2018:1662",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1662"
            },
            {
              "name": "RHSA-2018:1630",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1630"
            },
            {
              "name": "RHSA-2018:1647",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1647"
            },
            {
              "name": "RHSA-2018:1967",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1967"
            },
            {
              "name": "USN-3655-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3655-2/"
            },
            {
              "name": "RHSA-2018:3399",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:3399"
            },
            {
              "name": "RHSA-2018:2060",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2060"
            },
            {
              "name": "RHSA-2018:1690",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1690"
            },
            {
              "name": "USN-3653-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3653-1/"
            },
            {
              "name": "RHSA-2018:2161",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2161"
            },
            {
              "name": "[debian-lts-announce] 20180727 [SECURITY] [DLA 1446-1] intel-microcode security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00038.html"
            },
            {
              "name": "RHSA-2018:2328",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2328"
            },
            {
              "name": "RHSA-2018:1648",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1648"
            },
            {
              "name": "RHSA-2018:2387",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2387"
            },
            {
              "name": "RHSA-2019:0148",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:0148"
            },
            {
              "name": "RHSA-2018:1654",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1654"
            },
            {
              "name": "USN-3679-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3679-1/"
            },
            {
              "name": "USN-3777-3",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3777-3/"
            },
            {
              "name": "RHSA-2018:1642",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1642"
            },
            {
              "name": "RHSA-2018:3397",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:3397"
            },
            {
              "name": "[debian-lts-announce] 20190315 [SECURITY] [DLA 1715-1] linux-4.9 security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html"
            },
            {
              "name": "USN-3756-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3756-1/"
            },
            {
              "name": "RHSA-2018:3398",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:3398"
            },
            {
              "name": "RHSA-2018:3400",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:3400"
            },
            {
              "name": "RHSA-2018:2228",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2228"
            },
            {
              "name": "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html"
            },
            {
              "name": "[debian-lts-announce] 20190401 [SECURITY] [DLA 1731-2] linux regression update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html"
            },
            {
              "name": "RHSA-2019:1046",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:1046"
            },
            {
              "name": "openSUSE-SU-2019:1439",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00059.html"
            },
            {
              "name": "openSUSE-SU-2019:1438",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00058.html"
            },
            {
              "name": "20190624 [SECURITY] [DSA 4469-1] libvirt security update",
              "refsource": "BUGTRAQ",
              "url": "https://seclists.org/bugtraq/2019/Jun/36"
            },
            {
              "name": "[oss-security] 20200610 kernel: Multiple SSBD related flaws CVE-2020-10766 , CVE-2020-10767, CVE-2020-10768",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2020/06/10/1"
            },
            {
              "name": "[oss-security] 20200610 Re: kernel: Multiple SSBD related flaws CVE-2020-10766 , CVE-2020-10767, CVE-2020-10768",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2020/06/10/2"
            },
            {
              "name": "[oss-security] 20200610 Re: kernel: Multiple SSBD related flaws CVE-2020-10766 , CVE-2020-10767, CVE-2020-10768",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2020/06/10/5"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpujul2020.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/security-alerts/cpujul2020.html"
            },
            {
              "name": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
              "refsource": "CONFIRM",
              "url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
            },
            {
              "name": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0",
              "refsource": "CONFIRM",
              "url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-268644.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-268644.pdf"
            },
            {
              "name": "http://support.lenovo.com/us/en/solutions/LEN-22133",
              "refsource": "CONFIRM",
              "url": "http://support.lenovo.com/us/en/solutions/LEN-22133"
            },
            {
              "name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0004",
              "refsource": "CONFIRM",
              "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0004"
            },
            {
              "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180012",
              "refsource": "CONFIRM",
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180012"
            },
            {
              "name": "https://support.citrix.com/article/CTX235225",
              "refsource": "CONFIRM",
              "url": "https://support.citrix.com/article/CTX235225"
            },
            {
              "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html",
              "refsource": "CONFIRM",
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html"
            },
            {
              "name": "https://www.synology.com/support/security/Synology_SA_18_23",
              "refsource": "CONFIRM",
              "url": "https://www.synology.com/support/security/Synology_SA_18_23"
            },
            {
              "name": "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability",
              "refsource": "CONFIRM",
              "url": "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability"
            },
            {
              "name": "http://www.fujitsu.com/global/support/products/software/security/products-f/cve-2018-3639e.html",
              "refsource": "CONFIRM",
              "url": "http://www.fujitsu.com/global/support/products/software/security/products-f/cve-2018-3639e.html"
            },
            {
              "name": "http://xenbits.xen.org/xsa/advisory-263.html",
              "refsource": "CONFIRM",
              "url": "http://xenbits.xen.org/xsa/advisory-263.html"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-505225.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-505225.pdf"
            },
            {
              "name": "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0006",
              "refsource": "CONFIRM",
              "url": "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0006"
            },
            {
              "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03850en_us",
              "refsource": "CONFIRM",
              "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03850en_us"
            },
            {
              "name": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1528",
              "refsource": "MISC",
              "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1528"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20180521-0001/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20180521-0001/"
            },
            {
              "name": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787",
              "refsource": "CONFIRM",
              "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787"
            },
            {
              "name": "https://support.oracle.com/knowledge/Sun%20Microsystems/2481872_1.html",
              "refsource": "CONFIRM",
              "url": "https://support.oracle.com/knowledge/Sun%20Microsystems/2481872_1.html"
            },
            {
              "name": "openSUSE-SU-2020:1325",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00007.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
    "assignerShortName": "intel",
    "cveId": "CVE-2018-3639",
    "datePublished": "2018-05-22T12:00:00Z",
    "dateReserved": "2017-12-28T00:00:00",
    "dateUpdated": "2024-09-16T22:55:27.557Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-34400 (GCVE-0-2021-34400)

Vulnerability from cvelistv5 – Published: 2021-11-20 14:55 – Updated: 2024-08-04 00:12
VLAI?
Summary
NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to gain access to information from unscrubbed memory, which may lead to information disclosure.
Severity ?
4.1 (Medium)
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
CWE
  • CWE 226: Sensitive Information in Resource Not Removed Before Reuse
Assigner
References
Impacted products
Vendor Product Version
NVIDIA NVIDIA GPU and Tegra hardware Affected: Turing, Volta, Pascal, Maxwell, Tegra X1, Tegra X1+, Tegra TX2, Xavier
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T00:12:49.808Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "NVIDIA GPU and Tegra hardware",
          "vendor": "NVIDIA",
          "versions": [
            {
              "status": "affected",
              "version": "Turing, Volta, Pascal, Maxwell, Tegra X1, Tegra X1+, Tegra TX2, Xavier"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to gain access to information from unscrubbed memory, which may lead to information disclosure."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 4.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "CWE 226: Sensitive Information in Resource Not Removed Before Reuse",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-11-20T14:55:27",
        "orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
        "shortName": "nvidia"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@nvidia.com",
          "ID": "CVE-2021-34400",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "NVIDIA GPU and Tegra hardware",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Turing, Volta, Pascal, Maxwell, Tegra X1, Tegra X1+, Tegra TX2, Xavier"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "NVIDIA"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to gain access to information from unscrubbed memory, which may lead to information disclosure."
            }
          ]
        },
        "impact": {
          "cvss": {
            "baseScore": 4.1,
            "baseSeverity": "Medium",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE 226: Sensitive Information in Resource Not Removed Before Reuse"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263",
              "refsource": "CONFIRM",
              "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
    "assignerShortName": "nvidia",
    "cveId": "CVE-2021-34400",
    "datePublished": "2021-11-20T14:55:27",
    "dateReserved": "2021-06-09T00:00:00",
    "dateUpdated": "2024-08-04T00:12:49.808Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-34399 (GCVE-0-2021-34399)

Vulnerability from cvelistv5 – Published: 2021-11-20 14:55 – Updated: 2024-08-04 00:12
VLAI?
Summary
NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to gain access to information from unscrubbed registers, which may lead to information disclosure.
Severity ?
4.1 (Medium)
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
CWE
  • CWE 226: Sensitive Information in Resource Not Removed Before Reuse
Assigner
References
Impacted products
Vendor Product Version
NVIDIA NVIDIA GPU and Tegra hardware Affected: Turing, Volta, Pascal, Maxwell, Tegra X1, Tegra X1+, Tegra TX2, Xavier
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T00:12:49.877Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "NVIDIA GPU and Tegra hardware",
          "vendor": "NVIDIA",
          "versions": [
            {
              "status": "affected",
              "version": "Turing, Volta, Pascal, Maxwell, Tegra X1, Tegra X1+, Tegra TX2, Xavier"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to gain access to information from unscrubbed registers, which may lead to information disclosure."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 4.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "CWE 226: Sensitive Information in Resource Not Removed Before Reuse",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-11-20T14:55:25",
        "orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
        "shortName": "nvidia"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@nvidia.com",
          "ID": "CVE-2021-34399",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "NVIDIA GPU and Tegra hardware",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Turing, Volta, Pascal, Maxwell, Tegra X1, Tegra X1+, Tegra TX2, Xavier"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "NVIDIA"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to gain access to information from unscrubbed registers, which may lead to information disclosure."
            }
          ]
        },
        "impact": {
          "cvss": {
            "baseScore": 4.1,
            "baseSeverity": "Medium",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE 226: Sensitive Information in Resource Not Removed Before Reuse"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263",
              "refsource": "CONFIRM",
              "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
    "assignerShortName": "nvidia",
    "cveId": "CVE-2021-34399",
    "datePublished": "2021-11-20T14:55:25",
    "dateReserved": "2021-06-09T00:00:00",
    "dateUpdated": "2024-08-04T00:12:49.877Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-23219 (GCVE-0-2021-23219)

Vulnerability from cvelistv5 – Published: 2021-11-20 14:55 – Updated: 2024-08-03 19:05
VLAI?
Summary
NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller, which may allow a user with elevated privileges to access protected information by identifying, exploiting, and loading vulnerable microcode. Such an attack may lead to information disclosure.
Severity ?
4.1 (Medium)
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
CWE
  • CWE 1190: DMA Device Enabled Too Early in Boot Phase
Assigner
References
Impacted products
Vendor Product Version
NVIDIA NVIDIA GPU and Tegra hardware Affected: Maxwell (except GM206), Tegra X1, Tegra X1+
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T19:05:55.355Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "NVIDIA GPU and Tegra hardware",
          "vendor": "NVIDIA",
          "versions": [
            {
              "status": "affected",
              "version": "Maxwell (except GM206), Tegra X1, Tegra X1+"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller, which may allow a user with elevated privileges to access protected information by identifying, exploiting, and loading vulnerable microcode. Such an attack may lead to information disclosure."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 4.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "CWE 1190: DMA Device Enabled Too Early in Boot Phase",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-02-08T18:36:13",
        "orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
        "shortName": "nvidia"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@nvidia.com",
          "ID": "CVE-2021-23219",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "NVIDIA GPU and Tegra hardware",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Maxwell (except GM206), Tegra X1, Tegra X1+"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "NVIDIA"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller, which may allow a user with elevated privileges to access protected information by identifying, exploiting, and loading vulnerable microcode. Such an attack may lead to information disclosure."
            }
          ]
        },
        "impact": {
          "cvss": {
            "baseScore": 4.1,
            "baseSeverity": "Medium",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE 1190: DMA Device Enabled Too Early in Boot Phase"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263",
              "refsource": "CONFIRM",
              "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
    "assignerShortName": "nvidia",
    "cveId": "CVE-2021-23219",
    "datePublished": "2021-11-20T14:55:24",
    "dateReserved": "2021-02-09T00:00:00",
    "dateUpdated": "2024-08-03T19:05:55.355Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-1125 (GCVE-0-2021-1125)

Vulnerability from cvelistv5 – Published: 2021-11-20 14:55 – Updated: 2024-08-03 15:55
VLAI?
Summary
NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to corrupt program data.
Severity ?
4.1 (Medium)
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N
CWE
  • CWE 325: Missing Cryptographic Step
Assigner
References
Impacted products
Vendor Product Version
NVIDIA NVIDIA GPU and Tegra hardware Affected: Maxwell, Pascal, Volta, Tegra X1, Tegra X1+, Tegra TX2, Xavier
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T15:55:18.660Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "NVIDIA GPU and Tegra hardware",
          "vendor": "NVIDIA",
          "versions": [
            {
              "status": "affected",
              "version": "Maxwell, Pascal, Volta, Tegra X1, Tegra X1+, Tegra TX2, Xavier"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to corrupt program data."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 4.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "CWE 325: Missing Cryptographic Step",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-11-20T14:55:20",
        "orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
        "shortName": "nvidia"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@nvidia.com",
          "ID": "CVE-2021-1125",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "NVIDIA GPU and Tegra hardware",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Maxwell, Pascal, Volta, Tegra X1, Tegra X1+, Tegra TX2, Xavier"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "NVIDIA"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to corrupt program data."
            }
          ]
        },
        "impact": {
          "cvss": {
            "baseScore": 4.1,
            "baseSeverity": "Medium",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE 325: Missing Cryptographic Step"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263",
              "refsource": "CONFIRM",
              "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
    "assignerShortName": "nvidia",
    "cveId": "CVE-2021-1125",
    "datePublished": "2021-11-20T14:55:20",
    "dateReserved": "2020-11-12T00:00:00",
    "dateUpdated": "2024-08-03T15:55:18.660Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-1105 (GCVE-0-2021-1105)

Vulnerability from cvelistv5 – Published: 2021-11-20 14:55 – Updated: 2024-08-03 15:55
VLAI?
Summary
NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to access debug registers during runtime, which may lead to information disclosure.
Severity ?
4.1 (Medium)
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
CWE
  • CWE 1313: Hardware Allows Activation of Test or Debug Logic at Runtime
Assigner
References
Impacted products
Vendor Product Version
NVIDIA NVIDIA GPU and Tegra hardware Affected: Turing, Volta, Pascal, Maxwell, Tegra X1, Tegra X1+, Tegra TX2, Xavier
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T15:55:18.491Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "NVIDIA GPU and Tegra hardware",
          "vendor": "NVIDIA",
          "versions": [
            {
              "status": "affected",
              "version": "Turing, Volta, Pascal, Maxwell, Tegra X1, Tegra X1+, Tegra TX2, Xavier"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to access debug registers during runtime, which may lead to information disclosure."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 4.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "CWE 1313: Hardware Allows Activation of Test or Debug Logic at Runtime",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-11-20T14:55:18",
        "orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
        "shortName": "nvidia"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@nvidia.com",
          "ID": "CVE-2021-1105",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "NVIDIA GPU and Tegra hardware",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Turing, Volta, Pascal, Maxwell, Tegra X1, Tegra X1+, Tegra TX2, Xavier"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "NVIDIA"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to access debug registers during runtime, which may lead to information disclosure."
            }
          ]
        },
        "impact": {
          "cvss": {
            "baseScore": 4.1,
            "baseSeverity": "Medium",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE 1313: Hardware Allows Activation of Test or Debug Logic at Runtime"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263",
              "refsource": "CONFIRM",
              "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
    "assignerShortName": "nvidia",
    "cveId": "CVE-2021-1105",
    "datePublished": "2021-11-20T14:55:19",
    "dateReserved": "2020-11-12T00:00:00",
    "dateUpdated": "2024-08-03T15:55:18.491Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-1088 (GCVE-0-2021-1088)

Vulnerability from cvelistv5 – Published: 2021-11-20 14:55 – Updated: 2024-08-03 15:55
VLAI?
Summary
NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to utilize debug mechanisms with insufficient access control, which may lead to information disclosure.
Severity ?
4.1 (Medium)
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
CWE
  • CWE 200: Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
Impacted products
Vendor Product Version
NVIDIA NVIDIA GPU and Tegra hardware Affected: Turing, Volta, Pascal, Maxwell, Tegra X1, Tegra X1+, Tegra TX2, Xavier
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T15:55:18.682Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "NVIDIA GPU and Tegra hardware",
          "vendor": "NVIDIA",
          "versions": [
            {
              "status": "affected",
              "version": "Turing, Volta, Pascal, Maxwell, Tegra X1, Tegra X1+, Tegra TX2, Xavier"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to utilize debug mechanisms with insufficient access control, which may lead to information disclosure."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 4.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "CWE 200: Exposure of Sensitive Information to an Unauthorized Actor",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-11-20T14:55:17",
        "orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
        "shortName": "nvidia"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@nvidia.com",
          "ID": "CVE-2021-1088",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "NVIDIA GPU and Tegra hardware",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Turing, Volta, Pascal, Maxwell, Tegra X1, Tegra X1+, Tegra TX2, Xavier"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "NVIDIA"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to utilize debug mechanisms with insufficient access control, which may lead to information disclosure."
            }
          ]
        },
        "impact": {
          "cvss": {
            "baseScore": 4.1,
            "baseSeverity": "Medium",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE 200: Exposure of Sensitive Information to an Unauthorized Actor"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263",
              "refsource": "CONFIRM",
              "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
    "assignerShortName": "nvidia",
    "cveId": "CVE-2021-1088",
    "datePublished": "2021-11-20T14:55:17",
    "dateReserved": "2020-11-12T00:00:00",
    "dateUpdated": "2024-08-03T15:55:18.682Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2018-6269 (GCVE-0-2018-6269)

Vulnerability from cvelistv5 – Published: 2019-04-12 16:25 – Updated: 2024-08-05 06:01
VLAI?
Summary
NVIDIA Jetson TX2 contains a vulnerability in the kernel driver where input/output control (IOCTL) handling for user mode requests could create a non-trusted pointer dereference, which may lead to information disclosure, denial of service, escalation of privileges, or code execution. The updates apply to all versions prior to R28.3.
Severity ?
No CVSS data available.
CWE
  • Code execution, denial of service, escalation of privileges, information disclosure
Assigner
References
Impacted products
Vendor Product Version
NVIDIA Jetson Tegra TX2 Affected: R28.3
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T06:01:48.548Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4804"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Jetson Tegra TX2",
          "vendor": "NVIDIA",
          "versions": [
            {
              "status": "affected",
              "version": "R28.3"
            }
          ]
        }
      ],
      "datePublic": "2019-04-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "NVIDIA Jetson TX2 contains a vulnerability in the kernel driver where input/output control (IOCTL) handling for user mode requests could create a non-trusted pointer dereference, which may lead to information disclosure, denial of service, escalation of privileges, or code execution. The updates apply to all versions prior to R28.3."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Code execution, denial of service, escalation of privileges, information disclosure",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-08-02T21:06:06",
        "orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
        "shortName": "nvidia"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4804"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@nvidia.com",
          "ID": "CVE-2018-6269",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Jetson Tegra TX2",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "R28.3"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "NVIDIA"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "NVIDIA Jetson TX2 contains a vulnerability in the kernel driver where input/output control (IOCTL) handling for user mode requests could create a non-trusted pointer dereference, which may lead to information disclosure, denial of service, escalation of privileges, or code execution. The updates apply to all versions prior to R28.3."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Code execution, denial of service, escalation of privileges, information disclosure"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787",
              "refsource": "CONFIRM",
              "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787"
            },
            {
              "name": "https://nvidia.custhelp.com/app/answers/detail/a_id/4804",
              "refsource": "CONFIRM",
              "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4804"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
    "assignerShortName": "nvidia",
    "cveId": "CVE-2018-6269",
    "datePublished": "2019-04-12T16:25:45",
    "dateReserved": "2018-01-25T00:00:00",
    "dateUpdated": "2024-08-05T06:01:48.548Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2018-6239 (GCVE-0-2018-6239)

Vulnerability from cvelistv5 – Published: 2019-04-12 16:24 – Updated: 2024-08-05 06:01
VLAI?
Summary
NVIDIA Jetson TX2 contains a vulnerability by means of speculative execution where local and unprivileged code may access the contents of cached information in an unauthorized manner, which may lead to information disclosure. The updates apply to all versions prior to R28.3.
Severity ?
No CVSS data available.
CWE
  • Information disclosure
Assigner
References
Impacted products
Vendor Product Version
NVIDIA Jetson TX2 Affected: R28.3
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T06:01:48.089Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Jetson TX2",
          "vendor": "NVIDIA",
          "versions": [
            {
              "status": "affected",
              "version": "R28.3"
            }
          ]
        }
      ],
      "datePublic": "2019-04-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "NVIDIA Jetson TX2 contains a vulnerability by means of speculative execution where local and unprivileged code may access the contents of cached information in an unauthorized manner, which may lead to information disclosure. The updates apply to all versions prior to R28.3."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Information disclosure",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-04-24T19:58:03",
        "orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
        "shortName": "nvidia"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@nvidia.com",
          "ID": "CVE-2018-6239",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Jetson TX2",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "R28.3"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "NVIDIA"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "NVIDIA Jetson TX2 contains a vulnerability by means of speculative execution where local and unprivileged code may access the contents of cached information in an unauthorized manner, which may lead to information disclosure. The updates apply to all versions prior to R28.3."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Information disclosure"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787",
              "refsource": "CONFIRM",
              "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
    "assignerShortName": "nvidia",
    "cveId": "CVE-2018-6239",
    "datePublished": "2019-04-12T16:24:59",
    "dateReserved": "2018-01-25T00:00:00",
    "dateUpdated": "2024-08-05T06:01:48.089Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-5673 (GCVE-0-2019-5673)

Vulnerability from cvelistv5 – Published: 2019-04-11 16:38 – Updated: 2024-08-04 20:01
VLAI?
Summary
NVIDIA Jetson TX2 contains a vulnerability in the kernel driver (on all versions prior to R28.3) where the ARM System Memory Management Unit (SMMU) improperly checks for a fault condition, causing transactions to be discarded, which may lead to denial of service.
Severity ?
No CVSS data available.
CWE
  • Denial of service
Assigner
References
Impacted products
Vendor Product Version
NVIDIA Jetson TX2 Affected: All versions prior to version R28.3
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T20:01:52.043Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Jetson TX2",
          "vendor": "NVIDIA",
          "versions": [
            {
              "status": "affected",
              "version": "All versions prior to version R28.3"
            }
          ]
        }
      ],
      "datePublic": "2019-04-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "NVIDIA Jetson TX2 contains a vulnerability in the kernel driver (on all versions prior to R28.3) where the ARM System Memory Management Unit (SMMU) improperly checks for a fault condition, causing transactions to be discarded, which may lead to denial of service."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Denial of service",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-04-17T14:44:48",
        "orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
        "shortName": "nvidia"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@nvidia.com",
          "ID": "CVE-2019-5673",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Jetson TX2",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions prior to version R28.3"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "NVIDIA"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "NVIDIA Jetson TX2 contains a vulnerability in the kernel driver (on all versions prior to R28.3) where the ARM System Memory Management Unit (SMMU) improperly checks for a fault condition, causing transactions to be discarded, which may lead to denial of service."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Denial of service"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787",
              "refsource": "CONFIRM",
              "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
    "assignerShortName": "nvidia",
    "cveId": "CVE-2019-5673",
    "datePublished": "2019-04-11T16:38:55",
    "dateReserved": "2019-01-07T00:00:00",
    "dateUpdated": "2024-08-04T20:01:52.043Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-5672 (GCVE-0-2019-5672)

Vulnerability from cvelistv5 – Published: 2019-04-11 16:37 – Updated: 2024-08-04 20:01
VLAI?
Summary
NVIDIA Jetson TX1 and TX2 contain a vulnerability in the Linux for Tegra (L4T) operating system (on all versions prior to R28.3) where the Secure Shell (SSH) keys provided in the sample rootfs are not replaced by unique host keys after sample rootsfs generation and flashing, which may lead to information disclosure.
Severity ?
No CVSS data available.
CWE
  • Information disclosure
Assigner
References
Impacted products
Vendor Product Version
NVIDIA Jetson TX1 and TX2 Affected: All versions prior to version R28.3
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T20:01:51.975Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Jetson TX1 and TX2",
          "vendor": "NVIDIA",
          "versions": [
            {
              "status": "affected",
              "version": "All versions prior to version R28.3"
            }
          ]
        }
      ],
      "datePublic": "2019-04-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "NVIDIA Jetson TX1 and TX2 contain a vulnerability in the Linux for Tegra (L4T) operating system (on all versions prior to R28.3) where the Secure Shell (SSH) keys provided in the sample rootfs are not replaced by unique host keys after sample rootsfs generation and flashing, which may lead to information disclosure."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Information disclosure",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-04-17T14:43:21",
        "orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
        "shortName": "nvidia"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@nvidia.com",
          "ID": "CVE-2019-5672",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Jetson TX1 and TX2",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions prior to version R28.3"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "NVIDIA"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "NVIDIA Jetson TX1 and TX2 contain a vulnerability in the Linux for Tegra (L4T) operating system (on all versions prior to R28.3) where the Secure Shell (SSH) keys provided in the sample rootfs are not replaced by unique host keys after sample rootsfs generation and flashing, which may lead to information disclosure."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Information disclosure"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787",
              "refsource": "CONFIRM",
              "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
    "assignerShortName": "nvidia",
    "cveId": "CVE-2019-5672",
    "datePublished": "2019-04-11T16:37:26",
    "dateReserved": "2019-01-07T00:00:00",
    "dateUpdated": "2024-08-04T20:01:51.975Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2018-3639 (GCVE-0-2018-3639)

Vulnerability from cvelistv5 – Published: 2018-05-22 12:00 – Updated: 2024-09-16 22:55
VLAI?
Summary
Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.
Severity ?
No CVSS data available.
CWE
  • Information Disclosure
Assigner
References
https://access.redhat.com/errata/RHSA-2018:1689 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:2162 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1641 vendor-advisoryx_refsource_REDHAT
https://usn.ubuntu.com/3680-1/ vendor-advisoryx_refsource_UBUNTU
https://access.redhat.com/errata/RHSA-2018:1997 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1665 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:3407 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:2164 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:2001 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:3423 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:2003 vendor-advisoryx_refsource_REDHAT
https://usn.ubuntu.com/3654-1/ vendor-advisoryx_refsource_UBUNTU
https://access.redhat.com/errata/RHSA-2018:1645 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1643 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1652 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:3424 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:3402 vendor-advisoryx_refsource_REDHAT
https://www.us-cert.gov/ncas/alerts/TA18-141A third-party-advisoryx_refsource_CERT
https://access.redhat.com/errata/RHSA-2018:1656 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1664 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:2258 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1688 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1658 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1657 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:2289 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1666 vendor-advisoryx_refsource_REDHAT
http://www.securitytracker.com/id/1042004 vdb-entryx_refsource_SECTRACK
https://access.redhat.com/errata/RHSA-2018:1675 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1660 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1965 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1661 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1633 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1636 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1854 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:2006 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:2250 vendor-advisoryx_refsource_REDHAT
http://www.securitytracker.com/id/1040949 vdb-entryx_refsource_SECTRACK
https://access.redhat.com/errata/RHSA-2018:3401 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1737 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1826 vendor-advisoryx_refsource_REDHAT
https://usn.ubuntu.com/3651-1/ vendor-advisoryx_refsource_UBUNTU
https://www.debian.org/security/2018/dsa-4210 vendor-advisoryx_refsource_DEBIAN
https://www.exploit-db.com/exploits/44695/ exploitx_refsource_EXPLOIT-DB
https://access.redhat.com/errata/RHSA-2018:1651 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1638 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1696 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:2246 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1644 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1646 vendor-advisoryx_refsource_REDHAT
https://lists.debian.org/debian-lts-announce/2018… mailing-listx_refsource_MLIST
https://access.redhat.com/errata/RHSA-2018:1639 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1668 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1637 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:2948 vendor-advisoryx_refsource_REDHAT
https://www.kb.cert.org/vuls/id/180049 third-party-advisoryx_refsource_CERT-VN
https://access.redhat.com/errata/RHSA-2018:1686 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:2172 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1663 vendor-advisoryx_refsource_REDHAT
https://usn.ubuntu.com/3652-1/ vendor-advisoryx_refsource_UBUNTU
https://access.redhat.com/errata/RHSA-2018:1629 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1655 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1640 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1669 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1676 vendor-advisoryx_refsource_REDHAT
https://tools.cisco.com/security/center/content/C… vendor-advisoryx_refsource_CISCO
https://access.redhat.com/errata/RHSA-2018:3425 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:2363 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1632 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1650 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:2396 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:2364 vendor-advisoryx_refsource_REDHAT
https://usn.ubuntu.com/3653-2/ vendor-advisoryx_refsource_UBUNTU
https://access.redhat.com/errata/RHSA-2018:2216 vendor-advisoryx_refsource_REDHAT
https://usn.ubuntu.com/3655-1/ vendor-advisoryx_refsource_UBUNTU
https://access.redhat.com/errata/RHSA-2018:1649 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:2309 vendor-advisoryx_refsource_REDHAT
http://www.securityfocus.com/bid/104232 vdb-entryx_refsource_BID
https://access.redhat.com/errata/RHSA-2018:1653 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:2171 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1635 vendor-advisoryx_refsource_REDHAT
https://lists.debian.org/debian-lts-announce/2018… mailing-listx_refsource_MLIST
https://access.redhat.com/errata/RHSA-2018:2394 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1710 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1659 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1711 vendor-advisoryx_refsource_REDHAT
https://www.debian.org/security/2018/dsa-4273 vendor-advisoryx_refsource_DEBIAN
https://access.redhat.com/errata/RHSA-2018:1738 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1674 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:3396 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1667 vendor-advisoryx_refsource_REDHAT
https://usn.ubuntu.com/3654-2/ vendor-advisoryx_refsource_UBUNTU
https://access.redhat.com/errata/RHSA-2018:1662 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1630 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1647 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1967 vendor-advisoryx_refsource_REDHAT
https://usn.ubuntu.com/3655-2/ vendor-advisoryx_refsource_UBUNTU
https://access.redhat.com/errata/RHSA-2018:3399 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:2060 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1690 vendor-advisoryx_refsource_REDHAT
https://usn.ubuntu.com/3653-1/ vendor-advisoryx_refsource_UBUNTU
https://access.redhat.com/errata/RHSA-2018:2161 vendor-advisoryx_refsource_REDHAT
https://lists.debian.org/debian-lts-announce/2018… mailing-listx_refsource_MLIST
https://access.redhat.com/errata/RHSA-2018:2328 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1648 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:2387 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2019:0148 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1654 vendor-advisoryx_refsource_REDHAT
https://usn.ubuntu.com/3679-1/ vendor-advisoryx_refsource_UBUNTU
https://usn.ubuntu.com/3777-3/ vendor-advisoryx_refsource_UBUNTU
https://access.redhat.com/errata/RHSA-2018:1642 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:3397 vendor-advisoryx_refsource_REDHAT
https://lists.debian.org/debian-lts-announce/2019… mailing-listx_refsource_MLIST
https://usn.ubuntu.com/3756-1/ vendor-advisoryx_refsource_UBUNTU
https://access.redhat.com/errata/RHSA-2018:3398 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:3400 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:2228 vendor-advisoryx_refsource_REDHAT
https://lists.debian.org/debian-lts-announce/2019… mailing-listx_refsource_MLIST
https://lists.debian.org/debian-lts-announce/2019… mailing-listx_refsource_MLIST
https://access.redhat.com/errata/RHSA-2019:1046 vendor-advisoryx_refsource_REDHAT
http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
https://seclists.org/bugtraq/2019/Jun/36 mailing-listx_refsource_BUGTRAQ
http://www.openwall.com/lists/oss-security/2020/06/10/1 mailing-listx_refsource_MLIST
http://www.openwall.com/lists/oss-security/2020/06/10/2 mailing-listx_refsource_MLIST
http://www.openwall.com/lists/oss-security/2020/06/10/5 mailing-listx_refsource_MLIST
https://www.oracle.com/security-alerts/cpujul2020.html x_refsource_MISC
https://www.oracle.com/technetwork/security-advis… x_refsource_CONFIRM
https://help.ecostruxureit.com/display/public/UAD… x_refsource_CONFIRM
https://cert-portal.siemens.com/productcert/pdf/s… x_refsource_CONFIRM
https://cert-portal.siemens.com/productcert/pdf/s… x_refsource_CONFIRM
http://support.lenovo.com/us/en/solutions/LEN-22133 x_refsource_CONFIRM
https://psirt.global.sonicwall.com/vuln-detail/SN… x_refsource_CONFIRM
https://portal.msrc.microsoft.com/en-US/security-… x_refsource_CONFIRM
https://support.citrix.com/article/CTX235225 x_refsource_CONFIRM
https://www.intel.com/content/www/us/en/security-… x_refsource_CONFIRM
https://www.synology.com/support/security/Synolog… x_refsource_CONFIRM
https://developer.arm.com/support/arm-security-up… x_refsource_CONFIRM
http://www.fujitsu.com/global/support/products/so… x_refsource_CONFIRM
http://xenbits.xen.org/xsa/advisory-263.html x_refsource_CONFIRM
https://cert-portal.siemens.com/productcert/pdf/s… x_refsource_CONFIRM
https://www.mitel.com/en-ca/support/security-advi… x_refsource_CONFIRM
https://support.hpe.com/hpsc/doc/public/display?d… x_refsource_CONFIRM
https://bugs.chromium.org/p/project-zero/issues/d… x_refsource_MISC
https://security.netapp.com/advisory/ntap-2018052… x_refsource_CONFIRM
https://nvidia.custhelp.com/app/answers/detail/a_… x_refsource_CONFIRM
https://support.oracle.com/knowledge/Sun%20Micros… x_refsource_CONFIRM
http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
Impacted products
Vendor Product Version
Intel Corporation Multiple Affected: Multiple
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T04:50:30.281Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2018:1689",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1689"
          },
          {
            "name": "RHSA-2018:2162",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2162"
          },
          {
            "name": "RHSA-2018:1641",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1641"
          },
          {
            "name": "USN-3680-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3680-1/"
          },
          {
            "name": "RHSA-2018:1997",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1997"
          },
          {
            "name": "RHSA-2018:1665",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1665"
          },
          {
            "name": "RHSA-2018:3407",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:3407"
          },
          {
            "name": "RHSA-2018:2164",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2164"
          },
          {
            "name": "RHSA-2018:2001",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2001"
          },
          {
            "name": "RHSA-2018:3423",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:3423"
          },
          {
            "name": "RHSA-2018:2003",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2003"
          },
          {
            "name": "USN-3654-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3654-1/"
          },
          {
            "name": "RHSA-2018:1645",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1645"
          },
          {
            "name": "RHSA-2018:1643",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1643"
          },
          {
            "name": "RHSA-2018:1652",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1652"
          },
          {
            "name": "RHSA-2018:3424",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:3424"
          },
          {
            "name": "RHSA-2018:3402",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:3402"
          },
          {
            "name": "TA18-141A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "https://www.us-cert.gov/ncas/alerts/TA18-141A"
          },
          {
            "name": "RHSA-2018:1656",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1656"
          },
          {
            "name": "RHSA-2018:1664",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1664"
          },
          {
            "name": "RHSA-2018:2258",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2258"
          },
          {
            "name": "RHSA-2018:1688",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1688"
          },
          {
            "name": "RHSA-2018:1658",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1658"
          },
          {
            "name": "RHSA-2018:1657",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1657"
          },
          {
            "name": "RHSA-2018:2289",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2289"
          },
          {
            "name": "RHSA-2018:1666",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1666"
          },
          {
            "name": "1042004",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1042004"
          },
          {
            "name": "RHSA-2018:1675",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1675"
          },
          {
            "name": "RHSA-2018:1660",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1660"
          },
          {
            "name": "RHSA-2018:1965",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1965"
          },
          {
            "name": "RHSA-2018:1661",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1661"
          },
          {
            "name": "RHSA-2018:1633",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1633"
          },
          {
            "name": "RHSA-2018:1636",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1636"
          },
          {
            "name": "RHSA-2018:1854",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1854"
          },
          {
            "name": "RHSA-2018:2006",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2006"
          },
          {
            "name": "RHSA-2018:2250",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2250"
          },
          {
            "name": "1040949",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1040949"
          },
          {
            "name": "RHSA-2018:3401",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:3401"
          },
          {
            "name": "RHSA-2018:1737",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1737"
          },
          {
            "name": "RHSA-2018:1826",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1826"
          },
          {
            "name": "USN-3651-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3651-1/"
          },
          {
            "name": "DSA-4210",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2018/dsa-4210"
          },
          {
            "name": "44695",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/44695/"
          },
          {
            "name": "RHSA-2018:1651",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1651"
          },
          {
            "name": "RHSA-2018:1638",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1638"
          },
          {
            "name": "RHSA-2018:1696",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1696"
          },
          {
            "name": "RHSA-2018:2246",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2246"
          },
          {
            "name": "RHSA-2018:1644",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1644"
          },
          {
            "name": "RHSA-2018:1646",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1646"
          },
          {
            "name": "[debian-lts-announce] 20180718 [SECURITY] [DLA 1423-1] linux-4.9 new package",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html"
          },
          {
            "name": "RHSA-2018:1639",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1639"
          },
          {
            "name": "RHSA-2018:1668",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1668"
          },
          {
            "name": "RHSA-2018:1637",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1637"
          },
          {
            "name": "RHSA-2018:2948",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2948"
          },
          {
            "name": "VU#180049",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "https://www.kb.cert.org/vuls/id/180049"
          },
          {
            "name": "RHSA-2018:1686",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1686"
          },
          {
            "name": "RHSA-2018:2172",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2172"
          },
          {
            "name": "RHSA-2018:1663",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1663"
          },
          {
            "name": "USN-3652-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3652-1/"
          },
          {
            "name": "RHSA-2018:1629",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1629"
          },
          {
            "name": "RHSA-2018:1655",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1655"
          },
          {
            "name": "RHSA-2018:1640",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1640"
          },
          {
            "name": "RHSA-2018:1669",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1669"
          },
          {
            "name": "RHSA-2018:1676",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1676"
          },
          {
            "name": "20180522 CPU Side-Channel Information Disclosure Vulnerabilities: May 2018",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180521-cpusidechannel"
          },
          {
            "name": "RHSA-2018:3425",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:3425"
          },
          {
            "name": "RHSA-2018:2363",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2363"
          },
          {
            "name": "RHSA-2018:1632",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1632"
          },
          {
            "name": "RHSA-2018:1650",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1650"
          },
          {
            "name": "RHSA-2018:2396",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2396"
          },
          {
            "name": "RHSA-2018:2364",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2364"
          },
          {
            "name": "USN-3653-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3653-2/"
          },
          {
            "name": "RHSA-2018:2216",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2216"
          },
          {
            "name": "USN-3655-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3655-1/"
          },
          {
            "name": "RHSA-2018:1649",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1649"
          },
          {
            "name": "RHSA-2018:2309",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2309"
          },
          {
            "name": "104232",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/104232"
          },
          {
            "name": "RHSA-2018:1653",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1653"
          },
          {
            "name": "RHSA-2018:2171",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2171"
          },
          {
            "name": "RHSA-2018:1635",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1635"
          },
          {
            "name": "[debian-lts-announce] 20180916 [SECURITY] [DLA 1506-1] intel-microcode security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html"
          },
          {
            "name": "RHSA-2018:2394",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2394"
          },
          {
            "name": "RHSA-2018:1710",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1710"
          },
          {
            "name": "RHSA-2018:1659",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1659"
          },
          {
            "name": "RHSA-2018:1711",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1711"
          },
          {
            "name": "DSA-4273",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2018/dsa-4273"
          },
          {
            "name": "RHSA-2018:1738",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1738"
          },
          {
            "name": "RHSA-2018:1674",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1674"
          },
          {
            "name": "RHSA-2018:3396",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:3396"
          },
          {
            "name": "RHSA-2018:1667",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1667"
          },
          {
            "name": "USN-3654-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3654-2/"
          },
          {
            "name": "RHSA-2018:1662",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1662"
          },
          {
            "name": "RHSA-2018:1630",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1630"
          },
          {
            "name": "RHSA-2018:1647",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1647"
          },
          {
            "name": "RHSA-2018:1967",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1967"
          },
          {
            "name": "USN-3655-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3655-2/"
          },
          {
            "name": "RHSA-2018:3399",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:3399"
          },
          {
            "name": "RHSA-2018:2060",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2060"
          },
          {
            "name": "RHSA-2018:1690",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1690"
          },
          {
            "name": "USN-3653-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3653-1/"
          },
          {
            "name": "RHSA-2018:2161",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2161"
          },
          {
            "name": "[debian-lts-announce] 20180727 [SECURITY] [DLA 1446-1] intel-microcode security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00038.html"
          },
          {
            "name": "RHSA-2018:2328",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2328"
          },
          {
            "name": "RHSA-2018:1648",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1648"
          },
          {
            "name": "RHSA-2018:2387",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2387"
          },
          {
            "name": "RHSA-2019:0148",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:0148"
          },
          {
            "name": "RHSA-2018:1654",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1654"
          },
          {
            "name": "USN-3679-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3679-1/"
          },
          {
            "name": "USN-3777-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3777-3/"
          },
          {
            "name": "RHSA-2018:1642",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1642"
          },
          {
            "name": "RHSA-2018:3397",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:3397"
          },
          {
            "name": "[debian-lts-announce] 20190315 [SECURITY] [DLA 1715-1] linux-4.9 security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html"
          },
          {
            "name": "USN-3756-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3756-1/"
          },
          {
            "name": "RHSA-2018:3398",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:3398"
          },
          {
            "name": "RHSA-2018:3400",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:3400"
          },
          {
            "name": "RHSA-2018:2228",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2228"
          },
          {
            "name": "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html"
          },
          {
            "name": "[debian-lts-announce] 20190401 [SECURITY] [DLA 1731-2] linux regression update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html"
          },
          {
            "name": "RHSA-2019:1046",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:1046"
          },
          {
            "name": "openSUSE-SU-2019:1439",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00059.html"
          },
          {
            "name": "openSUSE-SU-2019:1438",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00058.html"
          },
          {
            "name": "20190624 [SECURITY] [DSA 4469-1] libvirt security update",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "https://seclists.org/bugtraq/2019/Jun/36"
          },
          {
            "name": "[oss-security] 20200610 kernel: Multiple SSBD related flaws CVE-2020-10766 , CVE-2020-10767, CVE-2020-10768",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2020/06/10/1"
          },
          {
            "name": "[oss-security] 20200610 Re: kernel: Multiple SSBD related flaws CVE-2020-10766 , CVE-2020-10767, CVE-2020-10768",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2020/06/10/2"
          },
          {
            "name": "[oss-security] 20200610 Re: kernel: Multiple SSBD related flaws CVE-2020-10766 , CVE-2020-10767, CVE-2020-10768",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2020/06/10/5"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpujul2020.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-268644.pdf"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.lenovo.com/us/en/solutions/LEN-22133"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0004"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180012"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.citrix.com/article/CTX235225"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.synology.com/support/security/Synology_SA_18_23"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.fujitsu.com/global/support/products/software/security/products-f/cve-2018-3639e.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://xenbits.xen.org/xsa/advisory-263.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-505225.pdf"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0006"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03850en_us"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1528"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20180521-0001/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.oracle.com/knowledge/Sun%20Microsystems/2481872_1.html"
          },
          {
            "name": "openSUSE-SU-2020:1325",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00007.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Multiple",
          "vendor": "Intel Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "Multiple"
            }
          ]
        }
      ],
      "datePublic": "2018-05-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Information Disclosure",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-02T20:06:27",
        "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "shortName": "intel"
      },
      "references": [
        {
          "name": "RHSA-2018:1689",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1689"
        },
        {
          "name": "RHSA-2018:2162",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2162"
        },
        {
          "name": "RHSA-2018:1641",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1641"
        },
        {
          "name": "USN-3680-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3680-1/"
        },
        {
          "name": "RHSA-2018:1997",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1997"
        },
        {
          "name": "RHSA-2018:1665",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1665"
        },
        {
          "name": "RHSA-2018:3407",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:3407"
        },
        {
          "name": "RHSA-2018:2164",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2164"
        },
        {
          "name": "RHSA-2018:2001",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2001"
        },
        {
          "name": "RHSA-2018:3423",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:3423"
        },
        {
          "name": "RHSA-2018:2003",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2003"
        },
        {
          "name": "USN-3654-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3654-1/"
        },
        {
          "name": "RHSA-2018:1645",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1645"
        },
        {
          "name": "RHSA-2018:1643",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1643"
        },
        {
          "name": "RHSA-2018:1652",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1652"
        },
        {
          "name": "RHSA-2018:3424",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:3424"
        },
        {
          "name": "RHSA-2018:3402",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:3402"
        },
        {
          "name": "TA18-141A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "https://www.us-cert.gov/ncas/alerts/TA18-141A"
        },
        {
          "name": "RHSA-2018:1656",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1656"
        },
        {
          "name": "RHSA-2018:1664",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1664"
        },
        {
          "name": "RHSA-2018:2258",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2258"
        },
        {
          "name": "RHSA-2018:1688",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1688"
        },
        {
          "name": "RHSA-2018:1658",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1658"
        },
        {
          "name": "RHSA-2018:1657",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1657"
        },
        {
          "name": "RHSA-2018:2289",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2289"
        },
        {
          "name": "RHSA-2018:1666",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1666"
        },
        {
          "name": "1042004",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1042004"
        },
        {
          "name": "RHSA-2018:1675",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1675"
        },
        {
          "name": "RHSA-2018:1660",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1660"
        },
        {
          "name": "RHSA-2018:1965",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1965"
        },
        {
          "name": "RHSA-2018:1661",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1661"
        },
        {
          "name": "RHSA-2018:1633",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1633"
        },
        {
          "name": "RHSA-2018:1636",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1636"
        },
        {
          "name": "RHSA-2018:1854",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1854"
        },
        {
          "name": "RHSA-2018:2006",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2006"
        },
        {
          "name": "RHSA-2018:2250",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2250"
        },
        {
          "name": "1040949",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1040949"
        },
        {
          "name": "RHSA-2018:3401",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:3401"
        },
        {
          "name": "RHSA-2018:1737",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1737"
        },
        {
          "name": "RHSA-2018:1826",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1826"
        },
        {
          "name": "USN-3651-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3651-1/"
        },
        {
          "name": "DSA-4210",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2018/dsa-4210"
        },
        {
          "name": "44695",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/44695/"
        },
        {
          "name": "RHSA-2018:1651",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1651"
        },
        {
          "name": "RHSA-2018:1638",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1638"
        },
        {
          "name": "RHSA-2018:1696",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1696"
        },
        {
          "name": "RHSA-2018:2246",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2246"
        },
        {
          "name": "RHSA-2018:1644",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1644"
        },
        {
          "name": "RHSA-2018:1646",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1646"
        },
        {
          "name": "[debian-lts-announce] 20180718 [SECURITY] [DLA 1423-1] linux-4.9 new package",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html"
        },
        {
          "name": "RHSA-2018:1639",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1639"
        },
        {
          "name": "RHSA-2018:1668",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1668"
        },
        {
          "name": "RHSA-2018:1637",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1637"
        },
        {
          "name": "RHSA-2018:2948",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2948"
        },
        {
          "name": "VU#180049",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "https://www.kb.cert.org/vuls/id/180049"
        },
        {
          "name": "RHSA-2018:1686",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1686"
        },
        {
          "name": "RHSA-2018:2172",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2172"
        },
        {
          "name": "RHSA-2018:1663",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1663"
        },
        {
          "name": "USN-3652-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3652-1/"
        },
        {
          "name": "RHSA-2018:1629",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1629"
        },
        {
          "name": "RHSA-2018:1655",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1655"
        },
        {
          "name": "RHSA-2018:1640",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1640"
        },
        {
          "name": "RHSA-2018:1669",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1669"
        },
        {
          "name": "RHSA-2018:1676",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1676"
        },
        {
          "name": "20180522 CPU Side-Channel Information Disclosure Vulnerabilities: May 2018",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180521-cpusidechannel"
        },
        {
          "name": "RHSA-2018:3425",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:3425"
        },
        {
          "name": "RHSA-2018:2363",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2363"
        },
        {
          "name": "RHSA-2018:1632",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1632"
        },
        {
          "name": "RHSA-2018:1650",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1650"
        },
        {
          "name": "RHSA-2018:2396",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2396"
        },
        {
          "name": "RHSA-2018:2364",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2364"
        },
        {
          "name": "USN-3653-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3653-2/"
        },
        {
          "name": "RHSA-2018:2216",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2216"
        },
        {
          "name": "USN-3655-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3655-1/"
        },
        {
          "name": "RHSA-2018:1649",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1649"
        },
        {
          "name": "RHSA-2018:2309",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2309"
        },
        {
          "name": "104232",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/104232"
        },
        {
          "name": "RHSA-2018:1653",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1653"
        },
        {
          "name": "RHSA-2018:2171",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2171"
        },
        {
          "name": "RHSA-2018:1635",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1635"
        },
        {
          "name": "[debian-lts-announce] 20180916 [SECURITY] [DLA 1506-1] intel-microcode security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html"
        },
        {
          "name": "RHSA-2018:2394",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2394"
        },
        {
          "name": "RHSA-2018:1710",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1710"
        },
        {
          "name": "RHSA-2018:1659",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1659"
        },
        {
          "name": "RHSA-2018:1711",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1711"
        },
        {
          "name": "DSA-4273",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2018/dsa-4273"
        },
        {
          "name": "RHSA-2018:1738",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1738"
        },
        {
          "name": "RHSA-2018:1674",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1674"
        },
        {
          "name": "RHSA-2018:3396",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:3396"
        },
        {
          "name": "RHSA-2018:1667",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1667"
        },
        {
          "name": "USN-3654-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3654-2/"
        },
        {
          "name": "RHSA-2018:1662",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1662"
        },
        {
          "name": "RHSA-2018:1630",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1630"
        },
        {
          "name": "RHSA-2018:1647",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1647"
        },
        {
          "name": "RHSA-2018:1967",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1967"
        },
        {
          "name": "USN-3655-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3655-2/"
        },
        {
          "name": "RHSA-2018:3399",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:3399"
        },
        {
          "name": "RHSA-2018:2060",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2060"
        },
        {
          "name": "RHSA-2018:1690",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1690"
        },
        {
          "name": "USN-3653-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3653-1/"
        },
        {
          "name": "RHSA-2018:2161",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2161"
        },
        {
          "name": "[debian-lts-announce] 20180727 [SECURITY] [DLA 1446-1] intel-microcode security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00038.html"
        },
        {
          "name": "RHSA-2018:2328",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2328"
        },
        {
          "name": "RHSA-2018:1648",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1648"
        },
        {
          "name": "RHSA-2018:2387",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2387"
        },
        {
          "name": "RHSA-2019:0148",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:0148"
        },
        {
          "name": "RHSA-2018:1654",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1654"
        },
        {
          "name": "USN-3679-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3679-1/"
        },
        {
          "name": "USN-3777-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3777-3/"
        },
        {
          "name": "RHSA-2018:1642",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1642"
        },
        {
          "name": "RHSA-2018:3397",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:3397"
        },
        {
          "name": "[debian-lts-announce] 20190315 [SECURITY] [DLA 1715-1] linux-4.9 security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html"
        },
        {
          "name": "USN-3756-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3756-1/"
        },
        {
          "name": "RHSA-2018:3398",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:3398"
        },
        {
          "name": "RHSA-2018:3400",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:3400"
        },
        {
          "name": "RHSA-2018:2228",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2228"
        },
        {
          "name": "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html"
        },
        {
          "name": "[debian-lts-announce] 20190401 [SECURITY] [DLA 1731-2] linux regression update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html"
        },
        {
          "name": "RHSA-2019:1046",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:1046"
        },
        {
          "name": "openSUSE-SU-2019:1439",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00059.html"
        },
        {
          "name": "openSUSE-SU-2019:1438",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00058.html"
        },
        {
          "name": "20190624 [SECURITY] [DSA 4469-1] libvirt security update",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "https://seclists.org/bugtraq/2019/Jun/36"
        },
        {
          "name": "[oss-security] 20200610 kernel: Multiple SSBD related flaws CVE-2020-10766 , CVE-2020-10767, CVE-2020-10768",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2020/06/10/1"
        },
        {
          "name": "[oss-security] 20200610 Re: kernel: Multiple SSBD related flaws CVE-2020-10766 , CVE-2020-10767, CVE-2020-10768",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2020/06/10/2"
        },
        {
          "name": "[oss-security] 20200610 Re: kernel: Multiple SSBD related flaws CVE-2020-10766 , CVE-2020-10767, CVE-2020-10768",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2020/06/10/5"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpujul2020.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-268644.pdf"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.lenovo.com/us/en/solutions/LEN-22133"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0004"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180012"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.citrix.com/article/CTX235225"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.synology.com/support/security/Synology_SA_18_23"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.fujitsu.com/global/support/products/software/security/products-f/cve-2018-3639e.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://xenbits.xen.org/xsa/advisory-263.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-505225.pdf"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0006"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03850en_us"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1528"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20180521-0001/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.oracle.com/knowledge/Sun%20Microsystems/2481872_1.html"
        },
        {
          "name": "openSUSE-SU-2020:1325",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00007.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@intel.com",
          "DATE_PUBLIC": "2018-05-21T00:00:00",
          "ID": "CVE-2018-3639",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Multiple",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Multiple"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Intel Corporation"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Information Disclosure"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "RHSA-2018:1689",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1689"
            },
            {
              "name": "RHSA-2018:2162",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2162"
            },
            {
              "name": "RHSA-2018:1641",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1641"
            },
            {
              "name": "USN-3680-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3680-1/"
            },
            {
              "name": "RHSA-2018:1997",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1997"
            },
            {
              "name": "RHSA-2018:1665",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1665"
            },
            {
              "name": "RHSA-2018:3407",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:3407"
            },
            {
              "name": "RHSA-2018:2164",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2164"
            },
            {
              "name": "RHSA-2018:2001",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2001"
            },
            {
              "name": "RHSA-2018:3423",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:3423"
            },
            {
              "name": "RHSA-2018:2003",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2003"
            },
            {
              "name": "USN-3654-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3654-1/"
            },
            {
              "name": "RHSA-2018:1645",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1645"
            },
            {
              "name": "RHSA-2018:1643",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1643"
            },
            {
              "name": "RHSA-2018:1652",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1652"
            },
            {
              "name": "RHSA-2018:3424",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:3424"
            },
            {
              "name": "RHSA-2018:3402",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:3402"
            },
            {
              "name": "TA18-141A",
              "refsource": "CERT",
              "url": "https://www.us-cert.gov/ncas/alerts/TA18-141A"
            },
            {
              "name": "RHSA-2018:1656",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1656"
            },
            {
              "name": "RHSA-2018:1664",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1664"
            },
            {
              "name": "RHSA-2018:2258",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2258"
            },
            {
              "name": "RHSA-2018:1688",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1688"
            },
            {
              "name": "RHSA-2018:1658",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1658"
            },
            {
              "name": "RHSA-2018:1657",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1657"
            },
            {
              "name": "RHSA-2018:2289",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2289"
            },
            {
              "name": "RHSA-2018:1666",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1666"
            },
            {
              "name": "1042004",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1042004"
            },
            {
              "name": "RHSA-2018:1675",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1675"
            },
            {
              "name": "RHSA-2018:1660",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1660"
            },
            {
              "name": "RHSA-2018:1965",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1965"
            },
            {
              "name": "RHSA-2018:1661",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1661"
            },
            {
              "name": "RHSA-2018:1633",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1633"
            },
            {
              "name": "RHSA-2018:1636",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1636"
            },
            {
              "name": "RHSA-2018:1854",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1854"
            },
            {
              "name": "RHSA-2018:2006",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2006"
            },
            {
              "name": "RHSA-2018:2250",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2250"
            },
            {
              "name": "1040949",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1040949"
            },
            {
              "name": "RHSA-2018:3401",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:3401"
            },
            {
              "name": "RHSA-2018:1737",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1737"
            },
            {
              "name": "RHSA-2018:1826",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1826"
            },
            {
              "name": "USN-3651-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3651-1/"
            },
            {
              "name": "DSA-4210",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2018/dsa-4210"
            },
            {
              "name": "44695",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/44695/"
            },
            {
              "name": "RHSA-2018:1651",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1651"
            },
            {
              "name": "RHSA-2018:1638",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1638"
            },
            {
              "name": "RHSA-2018:1696",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1696"
            },
            {
              "name": "RHSA-2018:2246",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2246"
            },
            {
              "name": "RHSA-2018:1644",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1644"
            },
            {
              "name": "RHSA-2018:1646",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1646"
            },
            {
              "name": "[debian-lts-announce] 20180718 [SECURITY] [DLA 1423-1] linux-4.9 new package",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html"
            },
            {
              "name": "RHSA-2018:1639",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1639"
            },
            {
              "name": "RHSA-2018:1668",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1668"
            },
            {
              "name": "RHSA-2018:1637",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1637"
            },
            {
              "name": "RHSA-2018:2948",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2948"
            },
            {
              "name": "VU#180049",
              "refsource": "CERT-VN",
              "url": "https://www.kb.cert.org/vuls/id/180049"
            },
            {
              "name": "RHSA-2018:1686",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1686"
            },
            {
              "name": "RHSA-2018:2172",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2172"
            },
            {
              "name": "RHSA-2018:1663",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1663"
            },
            {
              "name": "USN-3652-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3652-1/"
            },
            {
              "name": "RHSA-2018:1629",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1629"
            },
            {
              "name": "RHSA-2018:1655",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1655"
            },
            {
              "name": "RHSA-2018:1640",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1640"
            },
            {
              "name": "RHSA-2018:1669",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1669"
            },
            {
              "name": "RHSA-2018:1676",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1676"
            },
            {
              "name": "20180522 CPU Side-Channel Information Disclosure Vulnerabilities: May 2018",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180521-cpusidechannel"
            },
            {
              "name": "RHSA-2018:3425",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:3425"
            },
            {
              "name": "RHSA-2018:2363",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2363"
            },
            {
              "name": "RHSA-2018:1632",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1632"
            },
            {
              "name": "RHSA-2018:1650",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1650"
            },
            {
              "name": "RHSA-2018:2396",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2396"
            },
            {
              "name": "RHSA-2018:2364",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2364"
            },
            {
              "name": "USN-3653-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3653-2/"
            },
            {
              "name": "RHSA-2018:2216",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2216"
            },
            {
              "name": "USN-3655-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3655-1/"
            },
            {
              "name": "RHSA-2018:1649",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1649"
            },
            {
              "name": "RHSA-2018:2309",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2309"
            },
            {
              "name": "104232",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/104232"
            },
            {
              "name": "RHSA-2018:1653",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1653"
            },
            {
              "name": "RHSA-2018:2171",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2171"
            },
            {
              "name": "RHSA-2018:1635",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1635"
            },
            {
              "name": "[debian-lts-announce] 20180916 [SECURITY] [DLA 1506-1] intel-microcode security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html"
            },
            {
              "name": "RHSA-2018:2394",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2394"
            },
            {
              "name": "RHSA-2018:1710",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1710"
            },
            {
              "name": "RHSA-2018:1659",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1659"
            },
            {
              "name": "RHSA-2018:1711",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1711"
            },
            {
              "name": "DSA-4273",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2018/dsa-4273"
            },
            {
              "name": "RHSA-2018:1738",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1738"
            },
            {
              "name": "RHSA-2018:1674",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1674"
            },
            {
              "name": "RHSA-2018:3396",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:3396"
            },
            {
              "name": "RHSA-2018:1667",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1667"
            },
            {
              "name": "USN-3654-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3654-2/"
            },
            {
              "name": "RHSA-2018:1662",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1662"
            },
            {
              "name": "RHSA-2018:1630",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1630"
            },
            {
              "name": "RHSA-2018:1647",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1647"
            },
            {
              "name": "RHSA-2018:1967",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1967"
            },
            {
              "name": "USN-3655-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3655-2/"
            },
            {
              "name": "RHSA-2018:3399",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:3399"
            },
            {
              "name": "RHSA-2018:2060",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2060"
            },
            {
              "name": "RHSA-2018:1690",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1690"
            },
            {
              "name": "USN-3653-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3653-1/"
            },
            {
              "name": "RHSA-2018:2161",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2161"
            },
            {
              "name": "[debian-lts-announce] 20180727 [SECURITY] [DLA 1446-1] intel-microcode security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00038.html"
            },
            {
              "name": "RHSA-2018:2328",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2328"
            },
            {
              "name": "RHSA-2018:1648",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1648"
            },
            {
              "name": "RHSA-2018:2387",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2387"
            },
            {
              "name": "RHSA-2019:0148",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:0148"
            },
            {
              "name": "RHSA-2018:1654",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1654"
            },
            {
              "name": "USN-3679-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3679-1/"
            },
            {
              "name": "USN-3777-3",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3777-3/"
            },
            {
              "name": "RHSA-2018:1642",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1642"
            },
            {
              "name": "RHSA-2018:3397",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:3397"
            },
            {
              "name": "[debian-lts-announce] 20190315 [SECURITY] [DLA 1715-1] linux-4.9 security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html"
            },
            {
              "name": "USN-3756-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3756-1/"
            },
            {
              "name": "RHSA-2018:3398",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:3398"
            },
            {
              "name": "RHSA-2018:3400",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:3400"
            },
            {
              "name": "RHSA-2018:2228",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2228"
            },
            {
              "name": "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html"
            },
            {
              "name": "[debian-lts-announce] 20190401 [SECURITY] [DLA 1731-2] linux regression update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html"
            },
            {
              "name": "RHSA-2019:1046",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:1046"
            },
            {
              "name": "openSUSE-SU-2019:1439",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00059.html"
            },
            {
              "name": "openSUSE-SU-2019:1438",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00058.html"
            },
            {
              "name": "20190624 [SECURITY] [DSA 4469-1] libvirt security update",
              "refsource": "BUGTRAQ",
              "url": "https://seclists.org/bugtraq/2019/Jun/36"
            },
            {
              "name": "[oss-security] 20200610 kernel: Multiple SSBD related flaws CVE-2020-10766 , CVE-2020-10767, CVE-2020-10768",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2020/06/10/1"
            },
            {
              "name": "[oss-security] 20200610 Re: kernel: Multiple SSBD related flaws CVE-2020-10766 , CVE-2020-10767, CVE-2020-10768",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2020/06/10/2"
            },
            {
              "name": "[oss-security] 20200610 Re: kernel: Multiple SSBD related flaws CVE-2020-10766 , CVE-2020-10767, CVE-2020-10768",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2020/06/10/5"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpujul2020.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/security-alerts/cpujul2020.html"
            },
            {
              "name": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
              "refsource": "CONFIRM",
              "url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
            },
            {
              "name": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0",
              "refsource": "CONFIRM",
              "url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-268644.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-268644.pdf"
            },
            {
              "name": "http://support.lenovo.com/us/en/solutions/LEN-22133",
              "refsource": "CONFIRM",
              "url": "http://support.lenovo.com/us/en/solutions/LEN-22133"
            },
            {
              "name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0004",
              "refsource": "CONFIRM",
              "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0004"
            },
            {
              "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180012",
              "refsource": "CONFIRM",
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180012"
            },
            {
              "name": "https://support.citrix.com/article/CTX235225",
              "refsource": "CONFIRM",
              "url": "https://support.citrix.com/article/CTX235225"
            },
            {
              "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html",
              "refsource": "CONFIRM",
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html"
            },
            {
              "name": "https://www.synology.com/support/security/Synology_SA_18_23",
              "refsource": "CONFIRM",
              "url": "https://www.synology.com/support/security/Synology_SA_18_23"
            },
            {
              "name": "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability",
              "refsource": "CONFIRM",
              "url": "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability"
            },
            {
              "name": "http://www.fujitsu.com/global/support/products/software/security/products-f/cve-2018-3639e.html",
              "refsource": "CONFIRM",
              "url": "http://www.fujitsu.com/global/support/products/software/security/products-f/cve-2018-3639e.html"
            },
            {
              "name": "http://xenbits.xen.org/xsa/advisory-263.html",
              "refsource": "CONFIRM",
              "url": "http://xenbits.xen.org/xsa/advisory-263.html"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-505225.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-505225.pdf"
            },
            {
              "name": "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0006",
              "refsource": "CONFIRM",
              "url": "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0006"
            },
            {
              "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03850en_us",
              "refsource": "CONFIRM",
              "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03850en_us"
            },
            {
              "name": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1528",
              "refsource": "MISC",
              "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1528"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20180521-0001/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20180521-0001/"
            },
            {
              "name": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787",
              "refsource": "CONFIRM",
              "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787"
            },
            {
              "name": "https://support.oracle.com/knowledge/Sun%20Microsystems/2481872_1.html",
              "refsource": "CONFIRM",
              "url": "https://support.oracle.com/knowledge/Sun%20Microsystems/2481872_1.html"
            },
            {
              "name": "openSUSE-SU-2020:1325",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00007.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
    "assignerShortName": "intel",
    "cveId": "CVE-2018-3639",
    "datePublished": "2018-05-22T12:00:00Z",
    "dateReserved": "2017-12-28T00:00:00",
    "dateUpdated": "2024-09-16T22:55:27.557Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}