Vulnerability Details CVE-2018-3615
Systems with microprocessors utilizing speculative execution and Intel software guard extensions (Intel SGX) may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via a side-channel analysis.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.016
EPSS Ranking 80.6%
CVSS Severity
CVSS v3 Score 6.4
CVSS v2 Score 5.4
References
- http://support.lenovo.com/us/en/solutions/LEN-24163
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en
- http://www.securityfocus.com/bid/105080
- http://www.securitytracker.com/id/1041451
- https://cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf
- https://foreshadowattack.eu/
- https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html
- https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0008
- https://security.netapp.com/advisory/ntap-20180815-0001/
- https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault
- https://support.f5.com/csp/article/K35558453
- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03874en_us
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180814-cpusidechannel
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html
- https://www.kb.cert.org/vuls/id/982149
- https://www.synology.com/support/security/Synology_SA_18_45
- http://support.lenovo.com/us/en/solutions/LEN-24163
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en
- http://www.securityfocus.com/bid/105080
- http://www.securitytracker.com/id/1041451
- https://cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf
- https://foreshadowattack.eu/
- https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html
- https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0008
- https://security.netapp.com/advisory/ntap-20180815-0001/
- https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault
- https://support.f5.com/csp/article/K35558453
- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03874en_us
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180814-cpusidechannel
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html
- https://www.kb.cert.org/vuls/id/982149
- https://www.synology.com/support/security/Synology_SA_18_45
Products affected by CVE-2018-3615
-
cpe:2.3:h:intel:core_i3:6006u
-
cpe:2.3:h:intel:core_i3:6098p
-
cpe:2.3:h:intel:core_i3:6100
-
cpe:2.3:h:intel:core_i3:6100e
-
cpe:2.3:h:intel:core_i3:6100h
-
cpe:2.3:h:intel:core_i3:6100t
-
cpe:2.3:h:intel:core_i3:6100te
-
cpe:2.3:h:intel:core_i3:6100u
-
cpe:2.3:h:intel:core_i3:6102e
-
cpe:2.3:h:intel:core_i3:6157u
-
cpe:2.3:h:intel:core_i3:6167u
-
cpe:2.3:h:intel:core_i3:6300
-
cpe:2.3:h:intel:core_i3:6300t
-
cpe:2.3:h:intel:core_i3:6320
-
cpe:2.3:h:intel:core_i3:8100
-
cpe:2.3:h:intel:core_i3:8350k
-
cpe:2.3:h:intel:core_i5:6200u
-
cpe:2.3:h:intel:core_i5:6260u
-
cpe:2.3:h:intel:core_i5:6267u
-
cpe:2.3:h:intel:core_i5:6287u
-
cpe:2.3:h:intel:core_i5:6300hq
-
cpe:2.3:h:intel:core_i5:6300u
-
cpe:2.3:h:intel:core_i5:6350hq
-
cpe:2.3:h:intel:core_i5:6360u
-
cpe:2.3:h:intel:core_i5:6400
-
cpe:2.3:h:intel:core_i5:6400t
-
cpe:2.3:h:intel:core_i5:6402p
-
cpe:2.3:h:intel:core_i5:6440eq
-
cpe:2.3:h:intel:core_i5:6440hq
-
cpe:2.3:h:intel:core_i5:6442eq
-
cpe:2.3:h:intel:core_i5:650
-
cpe:2.3:h:intel:core_i5:6500
-
cpe:2.3:h:intel:core_i5:6500t
-
cpe:2.3:h:intel:core_i5:6500te
-
cpe:2.3:h:intel:core_i5:655k
-
cpe:2.3:h:intel:core_i5:6585r
-
cpe:2.3:h:intel:core_i5:660
-
cpe:2.3:h:intel:core_i5:6600
-
cpe:2.3:h:intel:core_i5:6600k
-
cpe:2.3:h:intel:core_i5:6600t
-
cpe:2.3:h:intel:core_i5:661
-
cpe:2.3:h:intel:core_i5:6685r
-
cpe:2.3:h:intel:core_i5:670
-
cpe:2.3:h:intel:core_i5:680
-
cpe:2.3:h:intel:core_i5:750
-
cpe:2.3:h:intel:core_i5:750s
-
cpe:2.3:h:intel:core_i5:760
-
cpe:2.3:h:intel:core_i5:8250u
-
cpe:2.3:h:intel:core_i5:8350u
-
cpe:2.3:h:intel:core_i5:8400
-
cpe:2.3:h:intel:core_i5:8600k
-
cpe:2.3:h:intel:core_i7:610e
-
cpe:2.3:h:intel:core_i7:620le
-
cpe:2.3:h:intel:core_i7:620lm
-
cpe:2.3:h:intel:core_i7:620m
-
cpe:2.3:h:intel:core_i7:620ue
-
cpe:2.3:h:intel:core_i7:620um
-
cpe:2.3:h:intel:core_i7:640lm
-
cpe:2.3:h:intel:core_i7:640m
-
cpe:2.3:h:intel:core_i7:640um
-
cpe:2.3:h:intel:core_i7:660lm
-
cpe:2.3:h:intel:core_i7:660ue
-
cpe:2.3:h:intel:core_i7:660um
-
cpe:2.3:h:intel:core_i7:680um
-
cpe:2.3:h:intel:core_i7:720qm
-
cpe:2.3:h:intel:core_i7:740qm
-
cpe:2.3:h:intel:core_i7:7500u
-
cpe:2.3:h:intel:core_i7:7560u
-
cpe:2.3:h:intel:core_i7:7567u
-
cpe:2.3:h:intel:core_i7:7600u
-
cpe:2.3:h:intel:core_i7:7660u
-
cpe:2.3:h:intel:core_i7:7700
-
cpe:2.3:h:intel:core_i7:7700hq
-
cpe:2.3:h:intel:core_i7:7700k
-
cpe:2.3:h:intel:core_i7:7700t
-
cpe:2.3:h:intel:core_i7:7820eq
-
cpe:2.3:h:intel:core_i7:7820hk
-
cpe:2.3:h:intel:core_i7:7820hq
-
cpe:2.3:h:intel:core_i7:7920hq
-
cpe:2.3:h:intel:core_i7:7y75
-
cpe:2.3:h:intel:core_i7:820qm
-
cpe:2.3:h:intel:core_i7:840qm
-
cpe:2.3:h:intel:core_i7:8550u
-
cpe:2.3:h:intel:core_i7:860
-
cpe:2.3:h:intel:core_i7:860s
-
cpe:2.3:h:intel:core_i7:8650u
-
cpe:2.3:h:intel:core_i7:870
-
cpe:2.3:h:intel:core_i7:8700
-
cpe:2.3:h:intel:core_i7:8700k
-
cpe:2.3:h:intel:core_i7:870s
-
cpe:2.3:h:intel:core_i7:875k
-
cpe:2.3:h:intel:core_i7:880
-
cpe:2.3:h:intel:xeon_e3:1505m_v6
-
cpe:2.3:h:intel:xeon_e3:1515m_v5
-
cpe:2.3:h:intel:xeon_e3:1535m_v5
-
cpe:2.3:h:intel:xeon_e3:1535m_v6
-
cpe:2.3:h:intel:xeon_e3:1545m_v5
-
cpe:2.3:h:intel:xeon_e3:1558l_v5
-
cpe:2.3:h:intel:xeon_e3:1565l_v5
-
cpe:2.3:h:intel:xeon_e3:1575m_v5
-
cpe:2.3:h:intel:xeon_e3:1578l_v5
-
cpe:2.3:h:intel:xeon_e3:1585_v5
-
cpe:2.3:h:intel:xeon_e3:1585l_v5
-
cpe:2.3:h:intel:xeon_e3_1220_v5:-
-
cpe:2.3:h:intel:xeon_e3_1220_v6:-
-
cpe:2.3:h:intel:xeon_e3_1225_v5:-
-
cpe:2.3:h:intel:xeon_e3_1225_v6:-
-
cpe:2.3:h:intel:xeon_e3_1230_v5:-
-
cpe:2.3:h:intel:xeon_e3_1230_v6:-
-
cpe:2.3:h:intel:xeon_e3_1235l_v5:-
-
cpe:2.3:h:intel:xeon_e3_1240_v5:-
-
cpe:2.3:h:intel:xeon_e3_1240_v6:-
-
cpe:2.3:h:intel:xeon_e3_1240l_v5:-
-
cpe:2.3:h:intel:xeon_e3_1245_v5:-
-
cpe:2.3:h:intel:xeon_e3_1245_v6:-
-
cpe:2.3:h:intel:xeon_e3_1260l_v5:-
-
cpe:2.3:h:intel:xeon_e3_1268l_v5:-
-
cpe:2.3:h:intel:xeon_e3_1270_v5:-
-
cpe:2.3:h:intel:xeon_e3_1270_v6:-
-
cpe:2.3:h:intel:xeon_e3_1275_v5:-
-
cpe:2.3:h:intel:xeon_e3_1275_v6:-
-
cpe:2.3:h:intel:xeon_e3_1280_v5:-
-
cpe:2.3:h:intel:xeon_e3_1280_v6:-
-
cpe:2.3:h:intel:xeon_e3_1285_v6:-
-
cpe:2.3:h:intel:xeon_e3_1501l_v6:-
-
cpe:2.3:h:intel:xeon_e3_1501m_v6:-
-
cpe:2.3:h:intel:xeon_e3_1505l_v5:-
-
cpe:2.3:h:intel:xeon_e3_1505l_v6:-
-
cpe:2.3:h:intel:xeon_e3_1505m_v5:-