Multiple CPU hardware products are prone to an information-disclosure vulnerability.
Attackers can exploit this issue to obtain sensitive information that may aid in further attacks.
Information
Redhat Virtualization Host 4
Redhat Virtualization for IBM Power LE 4
Redhat Virtualization - ELS 3
Redhat Virtualization 4
Redhat OpenStack for IBM Power 12.0
Redhat OpenStack 9.0
Redhat OpenStack 8.0
Redhat OpenStack 7.0
Redhat OpenStack 12.0
Redhat OpenStack 10.0
Redhat MRG Realtime 2
Redhat Gluster Storage Server for On-premise 3 for RHEL 7 0
Redhat Enterprise Linux Workstation 7
Redhat Enterprise Linux Workstation 6
Redhat Enterprise Linux Server AUS 6.5
Redhat Enterprise Linux Server AUS 6.4
Redhat Enterprise Linux Server - Update Services for SAP Solutions 7.4
Redhat Enterprise Linux Server - Update Services for SAP Solutions 7.3
Redhat Enterprise Linux Server - Update Services for SAP Solutions 7.2
Redhat Enterprise Linux Server - TUS 7.4
Redhat Enterprise Linux Server - TUS 7.3
Redhat Enterprise Linux Server - TUS 7.2
Redhat Enterprise Linux Server - TUS 6.6
Redhat Enterprise Linux Server - Extended Update Support 7.5
Redhat Enterprise Linux Server - Extended Update Support 7.4
Redhat Enterprise Linux Server - Extended Update Support 7.3
Redhat Enterprise Linux Server - Extended Update Support 6.7
Redhat Enterprise Linux Server - AUS 7.4
Redhat Enterprise Linux Server - AUS 7.3
Redhat Enterprise Linux Server - AUS 7.2
Redhat Enterprise Linux Server - AUS 6.6
Redhat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.
Redhat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.
Redhat Enterprise Linux Server 7
Redhat Enterprise Linux Server 6
Redhat Enterprise Linux for Scientific Computing 7
Redhat Enterprise Linux for Scientific Computing 6
Redhat Enterprise Linux for Real Time 7
Redhat Enterprise Linux for Power, little endian - Extended Update Supp 7.5
Redhat Enterprise Linux for Power, little endian - Extended Update Supp 7.4
Redhat Enterprise Linux for Power, little endian - Extended Update Supp 7.3
Redhat Enterprise Linux for Power, little endian 7
Redhat Enterprise Linux for Power, big endian - Extended Update Support 7.5
Redhat Enterprise Linux for Power, big endian - Extended Update Support 7.4
Redhat Enterprise Linux for Power, big endian - Extended Update Support 7.3
Redhat Enterprise Linux for Power, big endian - Extended Update Support 6.7
Redhat Enterprise Linux for Power, big endian 7
Redhat Enterprise Linux for Power, big endian 6
Redhat Enterprise Linux for Power 9 7
Redhat Enterprise Linux for IBM z Systems - Extended Update Support 7.5
Redhat Enterprise Linux for IBM z Systems - Extended Update Support 7.4
Redhat Enterprise Linux for IBM z Systems - Extended Update Support 7.3
Redhat Enterprise Linux for IBM z Systems - Extended Update Support 6.7
Redhat Enterprise Linux for IBM z Systems 7
Redhat Enterprise Linux for IBM System z (Structure A) 7
Redhat Enterprise Linux for ARM 64 7
Redhat Enterprise Linux EUS Compute Node 7.5
Redhat Enterprise Linux EUS Compute Node 7.4
Redhat Enterprise Linux EUS Compute Node 7.3
Redhat Enterprise Linux EUS Compute Node 6.7
Redhat Enterprise Linux Desktop 7
Redhat Enterprise Linux Desktop 6
Intel Xeon Processor E7 v4 Family 0
Intel Xeon Processor E7 v3 Family 0
Intel Xeon Processor E7 v2 Family 0
Intel Xeon Processor E7 Family 0
Intel Xeon Processor E5 v4 Family 0
Intel Xeon Processor E5 v3 Family 0
Intel Xeon Processor E5 v2 Family 0
Intel Xeon Processor E5 Family 0
Intel Xeon Processor E3 v6 Family 0
Intel Xeon Processor E3 v5 Family 0
Intel Xeon Processor E3 v4 Family 0
Intel Xeon Processor E3 v3 Family 0
Intel Xeon Processor E3 v2 Family 0
Intel Xeon Processor E3 Family 0
Intel Xeon processor 7500 series 0
Intel Xeon processor 6500 series 0
Intel Xeon processor 5600 series 0
Intel Xeon processor 5500 series 0
Intel Xeon processor 3600 series 0
Intel Xeon processor 3400 series 0
Intel Pentium Processor Silver Series 0
Intel Pentium Processor N Series 0
Intel Pentium Processor J Series 0
Intel Core X-series Processor Family for Intel X99 platforms 0
Intel Core X-series Processor Family for Intel X299 platforms 0
Intel Core M processor family 0
Intel Celeron Processor N Series 0
Intel Celeron Processor J Series 0
Intel Atom Processor Z Series 0
Intel Atom Processor X Series 0
Intel Atom Processor T Series 0
Intel Atom Processor E Series 0
Intel Atom Processor C Series 0
Intel Atom Processor A Series 0
Intel 8th generation Core processors 0
Intel 7th generation Core processors 0
Intel 6th generation Core processors 0
Intel 5th generation Core processors 0
Intel 4th generation Core processors 0
Intel 3rd generation Core processors 0
Intel 2nd generation Core processors 0
ARM Cortex A72 0
ARM Cortex A57 0
Exploit
The researcher who discovered this issue has created a proof-of-concept. Please see the references for more information.
References:
- AMD Home Page (AMD)
- ARM Homepage (ARM)
- Intel Home Page (Intel)
- "Speculative Store Bypass" Vulnerability Mitigations for AMD Platforms (AMD)
- ADV180012 | Microsoft Guidance for Speculative Store Bypass (Microsoft)
- Alert (TA18-141A) Side-Channel Vulnerability Variants 3a and 4 (CERT)
- AMD64 TECHNOLOGY SPECULATIVE STORE BYPASS DISABLE (AMD)
- Analysis and mitigation of speculative store bypass (CVE-2018-3639) (Microsoft)
- Bug 1566890 - (CVE-2018-3639) CVE-2018-3639 hw: cpu: speculative store bypass (Redhat)
- CPU hardware utilizing speculative execution may be vulnerable to cache side-cha (CERT)
- CPU Side-Channel Information Disclosure Vulnerabilities: May 2018 (Cisco)
- CVE-2018-3639 (Redhat)
- Q2 2018 Speculative Execution Side Channel Update (Intel)
- RHSA-2018:1629 - Security Advisory (Redhat)
- RHSA-2018:1630 - Security Advisory (Redhat)
- RHSA-2018:1632 - Security Advisory (Redhat)
- RHSA-2018:1633 - Security Advisory (Redhat)
- RHSA-2018:1643 - Security Advisory (Redhat)
- RHSA-2018:1644 - Security Advisory (Redhat)
- RHSA-2018:1645 - Security Advisory (Redhat)
- RHSA-2018:1646 - Security Advisory (Redhat)
- RHSA-2018:1647 - Security Advisory (Redhat)
- RHSA-2018:1648 - Security Advisory (Redhat)
- RHSA-2018:1649 - Security Advisory (Redhat)
- RHSA-2018:1650 - Security Advisory (Redhat)
- RHSA-2018:1651 - Security Advisory (Redhat)
- RHSA-2018:1652 - Security Advisory (Redhat)
- RHSA-2018:1653 - Security Advisory (Redhat)
- RHSA-2018:1654 - Security Advisory (Redhat)
- RHSA-2018:1655 - Security Advisory (Redhat)
- RHSA-2018:1656 - Security Advisory (Redhat)
- RHSA-2018:1657 - Security Advisory (Redhat)
- RHSA-2018:1658 - Security Advisory (Redhat)
- RHSA-2018:1659 - Security Advisory (Redhat)
- RHSA-2018:1660 - Security Advisory (Redhat)
- RHSA-2018:1661 - Security Advisory (Redhat)
- RHSA-2018:1662 - Security Advisory (Redhat)
- RHSA-2018:1663 - Security Advisory (Redhat)
- RHSA-2018:1664 - Security Advisory (Redhat)
- RHSA-2018:1665 - Security Advisory (Redhat)
- RHSA-2018:1666 - Security Advisory (Redhat)
- RHSA-2018:1667 - Security Advisory (Redhat)
- RHSA-2018:1668 - Security Advisory (Redhat)
- RHSA-2018:1669 - Security Advisory (Redhat)
- RHSA-2018:1674 - Security Advisory (Redhat)
- RHSA-2018:1675 - Security Advisory (Redhat)
- RHSA-2018:1676 - Security Advisory (Redhat)
- RHSA-2018:1686 - Security Advisory (Redhat)
- speculative execution, variant 4: speculative store bypass (Google Project Zero)
- VMware Response to Speculative Execution security issues, CVE-2018-3639 and CVE- (VMware)
- Vulnerability of Speculative Processors to Cache Timing Side-Channel Mechanism (ARM)