CVE-2018-3665

NameCVE-2018-3665
DescriptionSystem software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
ReferencesDLA-1422-1, DSA-4232-1
NVD severitymedium (attack range: local)

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
linux (PTS)jessie3.16.56-1+deb8u1vulnerable
jessie (security)3.16.57-2fixed
stretch4.9.110-1fixed
stretch (security)4.9.110-3+deb9u3fixed
buster4.17.14-1fixed
sid4.17.17-1fixed
xen (PTS)jessie (security), jessie4.4.1-9+deb8u10vulnerable
stretch (security)4.8.4+xsa273+shim4.10.1+xsa273-1+deb9u10fixed
buster, stretch, sid4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u9fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
linuxsource(unstable)4.6.1-1medium
linuxsourcejessie3.16.57-1mediumDLA-1422-1
xensource(unstable)4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u8medium
xensourcestretch4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u8mediumDSA-4232-1

Notes

https://xenbits.xen.org/xsa/advisory-267.html
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00145.html
Default eagerfpu=on on all CPUs: https://git.kernel.org/linus/58122bf1d856a4ea9581d62a07c557d997d46a19
Hard-disable lazy FPU mode: https://git.kernel.org/linus/ca6938a1cd8a1c5e861a99b67f84ac166fc2b9e7

Search for package or bug name: Reporting problems