CVE-2018-3639

NameCVE-2018-3639
DescriptionSystems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
ReferencesDLA-1423-1, DLA-1446-1, DLA-1529-1, DSA-4210-1, DSA-4273-1, DSA-4273-2
NVD severitymedium (attack range: local)

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
intel-microcode (PTS)jessie/non-free3.20180425.1~deb8u1vulnerable
stretch/non-free (security), stretch/non-free3.20180807a.1~deb9u1fixed
buster/non-free, sid/non-free3.20180807a.2fixed
jessie/non-free (security)3.20180807a.1~deb8u1fixed
linux (PTS)jessie3.16.56-1+deb8u1vulnerable
jessie (security)3.16.59-1fixed
stretch4.9.130-2fixed
stretch (security)4.9.110-3+deb9u6fixed
buster, sid4.18.20-2fixed
linux-4.9 (PTS)jessie (security)4.9.110-3+deb9u5~deb8u1fixed
xen (PTS)jessie4.4.1-9+deb8u10vulnerable
jessie (security)4.4.4lts4-0+deb8u1vulnerable
stretch (security), stretch4.8.4+xsa273+shim4.10.1+xsa273-1+deb9u10fixed
buster, sid4.11.1~pre.20180911.5acdd26fdc+dfsg-5fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
intel-microcodesource(unstable)3.20180703.1medium
intel-microcodesourcejessie3.20180703.2~deb8u1mediumDLA-1446-1
intel-microcodesourcestretch3.20180807a.1~deb9u1mediumDSA-4273-2
linuxsource(unstable)4.16.12-1medium
linuxsourcejessie3.16.59-1mediumDLA-1529-1
linuxsourcestretch4.9.107-1medium
linux-4.9sourcejessie4.9.110-1~deb8u1mediumDLA-1423-1
xensource(unstable)4.8.3+xsa262+shim4.10.0+comet3-1+deb9u7medium
xensourcestretch4.8.3+xsa262+shim4.10.0+comet3-1+deb9u7mediumDSA-4210-1

Notes

[wheezy] - linux <ignored> (Too much work to backport)
https://xenbits.xen.org/xsa/advisory-263.html
https://bugs.chromium.org/p/project-zero/issues/detail?id=1528
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html
The 3.20180703.1 release for intel-microcode was the first batch of updates which targeted
most server type CPUs, additional models were supported in the 3.20180807a.1 release
Qemu part of the mitigations for the speculative store buffer bypass
vulnerabilities on x86 are needed: #908682
https://git.qemu.org/?p=qemu.git;a=commit;h=d19d1f965904a533998739698020ff4ee8a103da
https://git.qemu.org/?p=qemu.git;a=commit;h=cfeea0c021db6234c154dbc723730e81553924ff
https://git.qemu.org/?p=qemu.git;a=commit;h=403503b162ffc33fb64cfefdf7b880acf41772cd

Search for package or bug name: Reporting problems