csaf_suse - suse-su-2021:2862-1

SUSE-SU-2021:2862-1

Vulnerability from csaf_suse - Published: 2021-08-27 12:41 - Updated: 2021-08-27 12:41

Summary

Security update for spectre-meltdown-checker

Notes

Title of the patch

Security update for spectre-meltdown-checker

Description of the patch

This update for spectre-meltdown-checker fixes the following issues: spectre-meltdown-checker was updated to version 0.44 (bsc#1189477) - feat: add support for SRBDS related vulnerabilities - feat: add zstd kernel decompression (#370) - enh: arm: add experimental support for binary arm images - enh: rsb filling: no longer need the 'strings' tool to check for kernel support in live mode - fix: fwdb: remove Intel extract tempdir on exit - fix: has_vmm: ignore kernel threads when looking for a hypervisor (fixes #278) - fix: fwdb: use the commit date as the intel fwdb version - fix: fwdb: update Intel's repository URL - fix: arm64: CVE-2017-5753: kernels 4.19+ use a different nospec macro - fix: on CPU parse info under FreeBSD - chore: github: add check run on pull requests - chore: fwdb: update to v165.20201021+i20200616

Patchnames

SUSE-2021-2862,SUSE-SLE-SERVER-12-SP5-2021-2862

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for spectre-meltdown-checker",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for spectre-meltdown-checker fixes the following issues:\n\nspectre-meltdown-checker was updated to version 0.44 (bsc#1189477)\n\n- feat: add support for SRBDS related vulnerabilities\n- feat: add zstd kernel decompression (#370)\n- enh: arm: add experimental support for binary arm images\n- enh: rsb filling: no longer need the \u0027strings\u0027 tool to check for kernel support in live mode\n- fix: fwdb: remove Intel extract tempdir on exit\n- fix: has_vmm: ignore kernel threads when looking for a hypervisor (fixes #278)\n- fix: fwdb: use the commit date as the intel fwdb version\n- fix: fwdb: update Intel\u0027s repository URL\n- fix: arm64: CVE-2017-5753: kernels 4.19+ use a different nospec macro\n- fix: on CPU parse info under FreeBSD\n- chore: github: add check run on pull requests\n- chore: fwdb: update to v165.20201021+i20200616\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2021-2862,SUSE-SLE-SERVER-12-SP5-2021-2862",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2021_2862-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2021:2862-1",
        "url": "https://www.suse.com/support/update/announcement/2021/suse-su-20212862-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2021:2862-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2021-August/009367.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1189477",
        "url": "https://bugzilla.suse.com/1189477"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5753 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5753/"
      }
    ],
    "title": "Security update for spectre-meltdown-checker",
    "tracking": {
      "current_release_date": "2021-08-27T12:41:34Z",
      "generator": {
        "date": "2021-08-27T12:41:34Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2021:2862-1",
      "initial_release_date": "2021-08-27T12:41:34Z",
      "revision_history": [
        {
          "date": "2021-08-27T12:41:34Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "spectre-meltdown-checker-0.44-3.6.1.i586",
                "product": {
                  "name": "spectre-meltdown-checker-0.44-3.6.1.i586",
                  "product_id": "spectre-meltdown-checker-0.44-3.6.1.i586"
                }
              }
            ],
            "category": "architecture",
            "name": "i586"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "spectre-meltdown-checker-0.44-3.6.1.x86_64",
                "product": {
                  "name": "spectre-meltdown-checker-0.44-3.6.1.x86_64",
                  "product_id": "spectre-meltdown-checker-0.44-3.6.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server 12 SP5",
                "product": {
                  "name": "SUSE Linux Enterprise Server 12 SP5",
                  "product_id": "SUSE Linux Enterprise Server 12 SP5",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles:12:sp5"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
                "product": {
                  "name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
                  "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles_sap:12:sp5"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "spectre-meltdown-checker-0.44-3.6.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
          "product_id": "SUSE Linux Enterprise Server 12 SP5:spectre-meltdown-checker-0.44-3.6.1.x86_64"
        },
        "product_reference": "spectre-meltdown-checker-0.44-3.6.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "spectre-meltdown-checker-0.44-3.6.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:spectre-meltdown-checker-0.44-3.6.1.x86_64"
        },
        "product_reference": "spectre-meltdown-checker-0.44-3.6.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2017-5753",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5753"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12 SP5:spectre-meltdown-checker-0.44-3.6.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:spectre-meltdown-checker-0.44-3.6.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5753",
          "url": "https://www.suse.com/security/cve/CVE-2017-5753"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1068032 for CVE-2017-5753",
          "url": "https://bugzilla.suse.com/1068032"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1074562 for CVE-2017-5753",
          "url": "https://bugzilla.suse.com/1074562"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1074578 for CVE-2017-5753",
          "url": "https://bugzilla.suse.com/1074578"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1074701 for CVE-2017-5753",
          "url": "https://bugzilla.suse.com/1074701"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1075006 for CVE-2017-5753",
          "url": "https://bugzilla.suse.com/1075006"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1075419 for CVE-2017-5753",
          "url": "https://bugzilla.suse.com/1075419"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1075748 for CVE-2017-5753",
          "url": "https://bugzilla.suse.com/1075748"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1080039 for CVE-2017-5753",
          "url": "https://bugzilla.suse.com/1080039"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1087084 for CVE-2017-5753",
          "url": "https://bugzilla.suse.com/1087084"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1087939 for CVE-2017-5753",
          "url": "https://bugzilla.suse.com/1087939"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1089055 for CVE-2017-5753",
          "url": "https://bugzilla.suse.com/1089055"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1136865 for CVE-2017-5753",
          "url": "https://bugzilla.suse.com/1136865"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1178658 for CVE-2017-5753",
          "url": "https://bugzilla.suse.com/1178658"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1201877 for CVE-2017-5753",
          "url": "https://bugzilla.suse.com/1201877"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1209547 for CVE-2017-5753",
          "url": "https://bugzilla.suse.com/1209547"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12 SP5:spectre-meltdown-checker-0.44-3.6.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:spectre-meltdown-checker-0.44-3.6.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 12 SP5:spectre-meltdown-checker-0.44-3.6.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:spectre-meltdown-checker-0.44-3.6.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-08-27T12:41:34Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-5753"
    }
  ]
}

CVE-2017-5753 (GCVE-0-2017-5753)

Vulnerability from cvelistv5 – Published: 2018-01-04 13:00 – Updated: 2024-09-16 22:24

Summary

Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.

Severity ?

No CVSS data available.

CWE

Information Disclosure

Assigner

intel

References

URL

Tags

	http://nvidia.custhelp.com/app/answers/detail/a_id/4609	x_refsource_CONFIRM
	https://lists.debian.org/debian-lts-announce/2018…	mailing-listx_refsource_MLIST
	https://www.debian.org/security/2018/dsa-4187	vendor-advisoryx_refsource_DEBIAN
	https://usn.ubuntu.com/3542-2/	vendor-advisoryx_refsource_UBUNTU
	https://security.gentoo.org/glsa/201810-06	vendor-advisoryx_refsource_GENTOO
	https://usn.ubuntu.com/3540-2/	vendor-advisoryx_refsource_UBUNTU
	https://access.redhat.com/security/vulnerabilitie…	x_refsource_CONFIRM
	https://portal.msrc.microsoft.com/en-US/security-…	x_refsource_CONFIRM
	https://usn.ubuntu.com/3597-1/	vendor-advisoryx_refsource_UBUNTU
	https://lists.debian.org/debian-lts-announce/2018…	mailing-listx_refsource_MLIST
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://nvidia.custhelp.com/app/answers/detail/a_id/4611	x_refsource_CONFIRM
	https://security.googleblog.com/2018/01/todays-cp…	x_refsource_MISC
	https://cert.vde.com/en-us/advisories/vde-2018-002	x_refsource_CONFIRM
	https://usn.ubuntu.com/3580-1/	vendor-advisoryx_refsource_UBUNTU
	https://support.f5.com/csp/article/K91229003	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	https://www.debian.org/security/2018/dsa-4188	vendor-advisoryx_refsource_DEBIAN
	https://access.redhat.com/errata/RHSA-2018:0292	vendor-advisoryx_refsource_REDHAT
	http://xenbits.xen.org/xsa/advisory-254.html	x_refsource_CONFIRM
	https://security.netapp.com/advisory/ntap-2018010…	x_refsource_CONFIRM
	https://www.synology.com/support/security/Synolog…	x_refsource_CONFIRM
	http://packetstormsecurity.com/files/145645/Spect…	x_refsource_MISC
	http://www.arubanetworks.com/assets/alert/ARUBA-P…	x_refsource_CONFIRM
	https://lists.debian.org/debian-lts-announce/2018…	mailing-listx_refsource_MLIST
	https://developer.arm.com/support/arm-security-up…	x_refsource_CONFIRM
	http://www.kb.cert.org/vuls/id/584653	third-party-advisoryx_refsource_CERT-VN
	https://www.kb.cert.org/vuls/id/180049	third-party-advisoryx_refsource_CERT-VN
	https://cert.vde.com/en-us/advisories/vde-2018-003	x_refsource_CONFIRM
	https://help.ecostruxureit.com/display/public/UAD…	x_refsource_CONFIRM
	http://www.oracle.com/technetwork/security-adviso…	x_refsource_CONFIRM
	https://support.hpe.com/hpsc/doc/public/display?d…	x_refsource_CONFIRM
	https://www.mitel.com/en-ca/support/security-advi…	x_refsource_CONFIRM
	https://cert-portal.siemens.com/productcert/pdf/s…	x_refsource_CONFIRM
	https://support.hpe.com/hpsc/doc/public/display?d…	x_refsource_CONFIRM
	https://usn.ubuntu.com/3549-1/	vendor-advisoryx_refsource_UBUNTU
	https://www.suse.com/c/suse-addresses-meltdown-sp…	x_refsource_CONFIRM
	https://support.citrix.com/article/CTX231399	x_refsource_CONFIRM
	https://spectreattack.com/	x_refsource_MISC
	https://aws.amazon.com/de/security/security-bulle…	x_refsource_CONFIRM
	https://blog.mozilla.org/security/2018/01/03/miti…	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1040071	vdb-entryx_refsource_SECTRACK
	http://www.securityfocus.com/bid/102371	vdb-entryx_refsource_BID
	https://usn.ubuntu.com/3597-2/	vendor-advisoryx_refsource_UBUNTU
	http://nvidia.custhelp.com/app/answers/detail/a_id/4614	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	https://usn.ubuntu.com/3540-1/	vendor-advisoryx_refsource_UBUNTU
	https://tools.cisco.com/security/center/content/C…	vendor-advisoryx_refsource_CISCO
	https://usn.ubuntu.com/usn/usn-3516-1/	vendor-advisoryx_refsource_UBUNTU
	https://www.vmware.com/us/security/advisories/VMS…	x_refsource_CONFIRM
	https://www.exploit-db.com/exploits/43427/	exploitx_refsource_EXPLOIT-DB
	https://usn.ubuntu.com/3541-1/	vendor-advisoryx_refsource_UBUNTU
	https://usn.ubuntu.com/3541-2/	vendor-advisoryx_refsource_UBUNTU
	https://usn.ubuntu.com/3542-1/	vendor-advisoryx_refsource_UBUNTU
	https://googleprojectzero.blogspot.com/2018/01/re…	x_refsource_MISC
	https://support.lenovo.com/us/en/solutions/LEN-18282	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://nvidia.custhelp.com/app/answers/detail/a_id/4613	x_refsource_CONFIRM
	https://lists.debian.org/debian-lts-announce/2019…	mailing-listx_refsource_MLIST
	https://lists.debian.org/debian-lts-announce/2019…	mailing-listx_refsource_MLIST
	https://www.oracle.com/technetwork/security-advis…	x_refsource_MISC
	https://seclists.org/bugtraq/2019/Jun/36	mailing-listx_refsource_BUGTRAQ
	http://www.arubanetworks.com/assets/alert/ARUBA-P…	x_refsource_CONFIRM
	https://cert-portal.siemens.com/productcert/pdf/s…	x_refsource_CONFIRM
	https://cdrdv2.intel.com/v1/dl/getContent/685359	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	Intel Corporation	Most Modern Operating Systems	Affected: All

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T15:11:48.670Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4609"
          },
          {
            "name": "[debian-lts-announce] 20180714 [SECURITY] [DLA 1422-1] linux security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00015.html"
          },
          {
            "name": "DSA-4187",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2018/dsa-4187"
          },
          {
            "name": "USN-3542-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3542-2/"
          },
          {
            "name": "GLSA-201810-06",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201810-06"
          },
          {
            "name": "USN-3540-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3540-2/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/vulnerabilities/speculativeexecution"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002"
          },
          {
            "name": "USN-3597-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3597-1/"
          },
          {
            "name": "[debian-lts-announce] 20180715 [SECURITY] [DLA 1422-2] linux security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00016.html"
          },
          {
            "name": "SUSE-SU-2018:0012",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00008.html"
          },
          {
            "name": "SUSE-SU-2018:0011",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4611"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert.vde.com/en-us/advisories/vde-2018-002"
          },
          {
            "name": "USN-3580-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3580-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K91229003"
          },
          {
            "name": "openSUSE-SU-2018:0022",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00014.html"
          },
          {
            "name": "DSA-4188",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2018/dsa-4188"
          },
          {
            "name": "RHSA-2018:0292",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:0292"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://xenbits.xen.org/xsa/advisory-254.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20180104-0001/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.synology.com/support/security/Synology_SA_18_01"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/145645/Spectre-Information-Disclosure-Proof-Of-Concept.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-001.txt"
          },
          {
            "name": "[debian-lts-announce] 20180718 [SECURITY] [DLA 1423-1] linux-4.9 new package",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability"
          },
          {
            "name": "VU#584653",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/584653"
          },
          {
            "name": "VU#180049",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "https://www.kb.cert.org/vuls/id/180049"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert.vde.com/en-us/advisories/vde-2018-003"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03805en_us"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0001"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-505225.pdf"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03871en_us"
          },
          {
            "name": "USN-3549-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3549-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.suse.com/c/suse-addresses-meltdown-spectre-vulnerabilities/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.citrix.com/article/CTX231399"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://spectreattack.com/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://aws.amazon.com/de/security/security-bulletins/AWS-2018-013/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/"
          },
          {
            "name": "1040071",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1040071"
          },
          {
            "name": "102371",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/102371"
          },
          {
            "name": "USN-3597-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3597-2/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4614"
          },
          {
            "name": "SUSE-SU-2018:0010",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00006.html"
          },
          {
            "name": "USN-3540-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3540-1/"
          },
          {
            "name": "20180104 CPU Side-Channel Information Disclosure Vulnerabilities",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180104-cpusidechannel"
          },
          {
            "name": "USN-3516-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/usn/usn-3516-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.vmware.com/us/security/advisories/VMSA-2018-0002.html"
          },
          {
            "name": "43427",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/43427/"
          },
          {
            "name": "USN-3541-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3541-1/"
          },
          {
            "name": "USN-3541-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3541-2/"
          },
          {
            "name": "USN-3542-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3542-1/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.lenovo.com/us/en/solutions/LEN-18282"
          },
          {
            "name": "openSUSE-SU-2018:0023",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00016.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4613"
          },
          {
            "name": "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html"
          },
          {
            "name": "[debian-lts-announce] 20190401 [SECURITY] [DLA 1731-2] linux regression update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
          },
          {
            "name": "20190624 [SECURITY] [DSA 4469-1] libvirt security update",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "https://seclists.org/bugtraq/2019/Jun/36"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txt"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cdrdv2.intel.com/v1/dl/getContent/685359"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Most Modern Operating Systems",
          "vendor": "Intel Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "All"
            }
          ]
        }
      ],
      "datePublic": "2018-01-03T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Information Disclosure",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-11-19T17:48:07",
        "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "shortName": "intel"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4609"
        },
        {
          "name": "[debian-lts-announce] 20180714 [SECURITY] [DLA 1422-1] linux security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00015.html"
        },
        {
          "name": "DSA-4187",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2018/dsa-4187"
        },
        {
          "name": "USN-3542-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3542-2/"
        },
        {
          "name": "GLSA-201810-06",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201810-06"
        },
        {
          "name": "USN-3540-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3540-2/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://access.redhat.com/security/vulnerabilities/speculativeexecution"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002"
        },
        {
          "name": "USN-3597-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3597-1/"
        },
        {
          "name": "[debian-lts-announce] 20180715 [SECURITY] [DLA 1422-2] linux security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00016.html"
        },
        {
          "name": "SUSE-SU-2018:0012",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00008.html"
        },
        {
          "name": "SUSE-SU-2018:0011",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4611"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert.vde.com/en-us/advisories/vde-2018-002"
        },
        {
          "name": "USN-3580-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3580-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/csp/article/K91229003"
        },
        {
          "name": "openSUSE-SU-2018:0022",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00014.html"
        },
        {
          "name": "DSA-4188",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2018/dsa-4188"
        },
        {
          "name": "RHSA-2018:0292",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:0292"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://xenbits.xen.org/xsa/advisory-254.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20180104-0001/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.synology.com/support/security/Synology_SA_18_01"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/145645/Spectre-Information-Disclosure-Proof-Of-Concept.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-001.txt"
        },
        {
          "name": "[debian-lts-announce] 20180718 [SECURITY] [DLA 1423-1] linux-4.9 new package",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability"
        },
        {
          "name": "VU#584653",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/584653"
        },
        {
          "name": "VU#180049",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "https://www.kb.cert.org/vuls/id/180049"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert.vde.com/en-us/advisories/vde-2018-003"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03805en_us"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0001"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-505225.pdf"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03871en_us"
        },
        {
          "name": "USN-3549-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3549-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.suse.com/c/suse-addresses-meltdown-spectre-vulnerabilities/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.citrix.com/article/CTX231399"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://spectreattack.com/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://aws.amazon.com/de/security/security-bulletins/AWS-2018-013/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/"
        },
        {
          "name": "1040071",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1040071"
        },
        {
          "name": "102371",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/102371"
        },
        {
          "name": "USN-3597-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3597-2/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4614"
        },
        {
          "name": "SUSE-SU-2018:0010",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00006.html"
        },
        {
          "name": "USN-3540-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3540-1/"
        },
        {
          "name": "20180104 CPU Side-Channel Information Disclosure Vulnerabilities",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180104-cpusidechannel"
        },
        {
          "name": "USN-3516-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/usn/usn-3516-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.vmware.com/us/security/advisories/VMSA-2018-0002.html"
        },
        {
          "name": "43427",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/43427/"
        },
        {
          "name": "USN-3541-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3541-1/"
        },
        {
          "name": "USN-3541-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3541-2/"
        },
        {
          "name": "USN-3542-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3542-1/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.lenovo.com/us/en/solutions/LEN-18282"
        },
        {
          "name": "openSUSE-SU-2018:0023",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00016.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4613"
        },
        {
          "name": "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html"
        },
        {
          "name": "[debian-lts-announce] 20190401 [SECURITY] [DLA 1731-2] linux regression update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
        },
        {
          "name": "20190624 [SECURITY] [DSA 4469-1] libvirt security update",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "https://seclists.org/bugtraq/2019/Jun/36"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txt"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cdrdv2.intel.com/v1/dl/getContent/685359"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@intel.com",
          "DATE_PUBLIC": "2018-01-03T00:00:00",
          "ID": "CVE-2017-5753",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Most Modern Operating Systems",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Intel Corporation"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Information Disclosure"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4609",
              "refsource": "CONFIRM",
              "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4609"
            },
            {
              "name": "[debian-lts-announce] 20180714 [SECURITY] [DLA 1422-1] linux security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00015.html"
            },
            {
              "name": "DSA-4187",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2018/dsa-4187"
            },
            {
              "name": "USN-3542-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3542-2/"
            },
            {
              "name": "GLSA-201810-06",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201810-06"
            },
            {
              "name": "USN-3540-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3540-2/"
            },
            {
              "name": "https://access.redhat.com/security/vulnerabilities/speculativeexecution",
              "refsource": "CONFIRM",
              "url": "https://access.redhat.com/security/vulnerabilities/speculativeexecution"
            },
            {
              "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002",
              "refsource": "CONFIRM",
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002"
            },
            {
              "name": "USN-3597-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3597-1/"
            },
            {
              "name": "[debian-lts-announce] 20180715 [SECURITY] [DLA 1422-2] linux security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00016.html"
            },
            {
              "name": "SUSE-SU-2018:0012",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00008.html"
            },
            {
              "name": "SUSE-SU-2018:0011",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html"
            },
            {
              "name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4611",
              "refsource": "CONFIRM",
              "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4611"
            },
            {
              "name": "https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html",
              "refsource": "MISC",
              "url": "https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html"
            },
            {
              "name": "https://cert.vde.com/en-us/advisories/vde-2018-002",
              "refsource": "CONFIRM",
              "url": "https://cert.vde.com/en-us/advisories/vde-2018-002"
            },
            {
              "name": "USN-3580-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3580-1/"
            },
            {
              "name": "https://support.f5.com/csp/article/K91229003",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/csp/article/K91229003"
            },
            {
              "name": "openSUSE-SU-2018:0022",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00014.html"
            },
            {
              "name": "DSA-4188",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2018/dsa-4188"
            },
            {
              "name": "RHSA-2018:0292",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:0292"
            },
            {
              "name": "http://xenbits.xen.org/xsa/advisory-254.html",
              "refsource": "CONFIRM",
              "url": "http://xenbits.xen.org/xsa/advisory-254.html"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20180104-0001/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20180104-0001/"
            },
            {
              "name": "https://www.synology.com/support/security/Synology_SA_18_01",
              "refsource": "CONFIRM",
              "url": "https://www.synology.com/support/security/Synology_SA_18_01"
            },
            {
              "name": "http://packetstormsecurity.com/files/145645/Spectre-Information-Disclosure-Proof-Of-Concept.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/145645/Spectre-Information-Disclosure-Proof-Of-Concept.html"
            },
            {
              "name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-001.txt",
              "refsource": "CONFIRM",
              "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-001.txt"
            },
            {
              "name": "[debian-lts-announce] 20180718 [SECURITY] [DLA 1423-1] linux-4.9 new package",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html"
            },
            {
              "name": "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability",
              "refsource": "CONFIRM",
              "url": "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability"
            },
            {
              "name": "VU#584653",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/584653"
            },
            {
              "name": "VU#180049",
              "refsource": "CERT-VN",
              "url": "https://www.kb.cert.org/vuls/id/180049"
            },
            {
              "name": "https://cert.vde.com/en-us/advisories/vde-2018-003",
              "refsource": "CONFIRM",
              "url": "https://cert.vde.com/en-us/advisories/vde-2018-003"
            },
            {
              "name": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes",
              "refsource": "CONFIRM",
              "url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
            },
            {
              "name": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03805en_us",
              "refsource": "CONFIRM",
              "url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03805en_us"
            },
            {
              "name": "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0001",
              "refsource": "CONFIRM",
              "url": "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0001"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-505225.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-505225.pdf"
            },
            {
              "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03871en_us",
              "refsource": "CONFIRM",
              "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03871en_us"
            },
            {
              "name": "USN-3549-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3549-1/"
            },
            {
              "name": "https://www.suse.com/c/suse-addresses-meltdown-spectre-vulnerabilities/",
              "refsource": "CONFIRM",
              "url": "https://www.suse.com/c/suse-addresses-meltdown-spectre-vulnerabilities/"
            },
            {
              "name": "https://support.citrix.com/article/CTX231399",
              "refsource": "CONFIRM",
              "url": "https://support.citrix.com/article/CTX231399"
            },
            {
              "name": "https://spectreattack.com/",
              "refsource": "MISC",
              "url": "https://spectreattack.com/"
            },
            {
              "name": "https://aws.amazon.com/de/security/security-bulletins/AWS-2018-013/",
              "refsource": "CONFIRM",
              "url": "https://aws.amazon.com/de/security/security-bulletins/AWS-2018-013/"
            },
            {
              "name": "https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/",
              "refsource": "CONFIRM",
              "url": "https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/"
            },
            {
              "name": "1040071",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1040071"
            },
            {
              "name": "102371",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/102371"
            },
            {
              "name": "USN-3597-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3597-2/"
            },
            {
              "name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4614",
              "refsource": "CONFIRM",
              "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4614"
            },
            {
              "name": "SUSE-SU-2018:0010",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00006.html"
            },
            {
              "name": "USN-3540-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3540-1/"
            },
            {
              "name": "20180104 CPU Side-Channel Information Disclosure Vulnerabilities",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180104-cpusidechannel"
            },
            {
              "name": "USN-3516-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/usn/usn-3516-1/"
            },
            {
              "name": "https://www.vmware.com/us/security/advisories/VMSA-2018-0002.html",
              "refsource": "CONFIRM",
              "url": "https://www.vmware.com/us/security/advisories/VMSA-2018-0002.html"
            },
            {
              "name": "43427",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/43427/"
            },
            {
              "name": "USN-3541-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3541-1/"
            },
            {
              "name": "USN-3541-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3541-2/"
            },
            {
              "name": "USN-3542-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3542-1/"
            },
            {
              "name": "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html",
              "refsource": "MISC",
              "url": "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html"
            },
            {
              "name": "https://support.lenovo.com/us/en/solutions/LEN-18282",
              "refsource": "CONFIRM",
              "url": "https://support.lenovo.com/us/en/solutions/LEN-18282"
            },
            {
              "name": "openSUSE-SU-2018:0023",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00016.html"
            },
            {
              "name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4613",
              "refsource": "CONFIRM",
              "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4613"
            },
            {
              "name": "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html"
            },
            {
              "name": "[debian-lts-announce] 20190401 [SECURITY] [DLA 1731-2] linux regression update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html"
            },
            {
              "name": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
            },
            {
              "name": "20190624 [SECURITY] [DSA 4469-1] libvirt security update",
              "refsource": "BUGTRAQ",
              "url": "https://seclists.org/bugtraq/2019/Jun/36"
            },
            {
              "name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txt",
              "refsource": "CONFIRM",
              "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txt"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"
            },
            {
              "name": "https://cdrdv2.intel.com/v1/dl/getContent/685359",
              "refsource": "CONFIRM",
              "url": "https://cdrdv2.intel.com/v1/dl/getContent/685359"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
    "assignerShortName": "intel",
    "cveId": "CVE-2017-5753",
    "datePublished": "2018-01-04T13:00:00Z",
    "dateReserved": "2017-02-01T00:00:00",
    "dateUpdated": "2024-09-16T22:24:53.960Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

SUSE-SU-2021:2862-1

CVE-2017-5753 (GCVE-0-2017-5753)

Tags

Sightings

Nomenclature