Multiple CPU Hardware CVE-2018-3639 Information Disclosure Vulnerability



Multiple CPU Hardware are prone to an information-disclosure vulnerability.

Attackers can exploit this issue to obtain sensitive information that may aid in further attacks.

Information

Bugtraq ID: 104232
Class: Design Error
CVE: CVE-2018-3639

Remote: No
Local: Yes
Published: May 21 2018 12:00AM
Updated: May 21 2018 12:00AM
Credit: Ken Johnson of Microsoft Corporation and Jann Horn of Google Project Zero
Vulnerable: Redhat Virtualization Manager 4.2
Redhat Virtualization Host 4
Redhat Virtualization for IBM Power LE 4
Redhat Virtualization - ELS 3
Redhat Virtualization 4
Redhat OpenStack for IBM Power 12.0
Redhat OpenStack 9.0
Redhat OpenStack 8.0
Redhat OpenStack 7.0
Redhat OpenStack 12.0
Redhat OpenStack 10.0
Redhat MRG Realtime 2
Redhat Gluster Storage Server for On-premise 3 for RHEL 7 0
Redhat Enterprise Linux Workstation 7
Redhat Enterprise Linux Workstation 6
Redhat Enterprise Linux Server AUS 6.5
Redhat Enterprise Linux Server AUS 6.4
Redhat Enterprise Linux Server - Update Services for SAP Solutions 7.4
Redhat Enterprise Linux Server - Update Services for SAP Solutions 7.3
Redhat Enterprise Linux Server - Update Services for SAP Solutions 7.2
Redhat Enterprise Linux Server - TUS 7.4
Redhat Enterprise Linux Server - TUS 7.3
Redhat Enterprise Linux Server - TUS 7.2
Redhat Enterprise Linux Server - TUS 6.6
Redhat Enterprise Linux Server - Extended Update Support 7.5
Redhat Enterprise Linux Server - Extended Update Support 7.4
Redhat Enterprise Linux Server - Extended Update Support 7.3
Redhat Enterprise Linux Server - Extended Update Support 6.7
Redhat Enterprise Linux Server - AUS 7.4
Redhat Enterprise Linux Server - AUS 7.3
Redhat Enterprise Linux Server - AUS 7.2
Redhat Enterprise Linux Server - AUS 6.6
Redhat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.
Redhat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.
Redhat Enterprise Linux Server 7
Redhat Enterprise Linux Server 6
Redhat Enterprise Linux for Scientific Computing 7
Redhat Enterprise Linux for Scientific Computing 6
Redhat Enterprise Linux for Real Time 7
Redhat Enterprise Linux for Power, little endian - Extended Update Supp 7.5
Redhat Enterprise Linux for Power, little endian - Extended Update Supp 7.4
Redhat Enterprise Linux for Power, little endian - Extended Update Supp 7.3
Redhat Enterprise Linux for Power, little endian 7
Redhat Enterprise Linux for Power, big endian - Extended Update Support 7.5
Redhat Enterprise Linux for Power, big endian - Extended Update Support 7.4
Redhat Enterprise Linux for Power, big endian - Extended Update Support 7.3
Redhat Enterprise Linux for Power, big endian - Extended Update Support 6.7
Redhat Enterprise Linux for Power, big endian 7
Redhat Enterprise Linux for Power, big endian 6
Redhat Enterprise Linux for Power 9 7
Redhat Enterprise Linux for IBM z Systems - Extended Update Support 7.5
Redhat Enterprise Linux for IBM z Systems - Extended Update Support 7.4
Redhat Enterprise Linux for IBM z Systems - Extended Update Support 7.3
Redhat Enterprise Linux for IBM z Systems - Extended Update Support 6.7
Redhat Enterprise Linux for IBM z Systems 7
Redhat Enterprise Linux for IBM System z (Structure A) 7
Redhat Enterprise Linux for ARM 64 7
Redhat Enterprise Linux EUS Compute Node 7.5
Redhat Enterprise Linux EUS Compute Node 7.4
Redhat Enterprise Linux EUS Compute Node 7.3
Redhat Enterprise Linux EUS Compute Node 6.7
Redhat Enterprise Linux Desktop 7
Redhat Enterprise Linux Desktop 6
Intel Xeon Processor E7 v4 Family 0
Intel Xeon Processor E7 v3 Family 0
Intel Xeon Processor E7 v2 Family 0
Intel Xeon Processor E7 Family 0
Intel Xeon Processor E5 v4 Family 0
Intel Xeon Processor E5 v3 Family 0
Intel Xeon Processor E5 v2 Family 0
Intel Xeon Processor E5 Family 0
Intel Xeon Processor E3 v6 Family 0
Intel Xeon Processor E3 v5 Family 0
Intel Xeon Processor E3 v4 Family 0
Intel Xeon Processor E3 v3 Family 0
Intel Xeon Processor E3 v2 Family 0
Intel Xeon Processor E3 Family 0
Intel Xeon processor 7500 series 0
Intel Xeon processor 6500 series 0
Intel Xeon processor 5600 series 0
Intel Xeon processor 5500 series 0
Intel Xeon processor 3600 series 0
Intel Xeon processor 3400 series 0
Intel Pentium Processor Silver Series 0
Intel Pentium Processor N Series 0
Intel Pentium Processor J Series 0
Intel Core X-series Processor Family for Intel X99 platforms 0
Intel Core X-series Processor Family for Intel X299 platforms 0
Intel Core M processor family 0
Intel Celeron Processor N Series 0
Intel Celeron Processor J Series 0
Intel Atom Processor Z Series 0
Intel Atom Processor X Series 0
Intel Atom Processor T Series 0
Intel Atom Processor E Series 0
Intel Atom Processor C Series 0
Intel Atom Processor A Series 0
Intel 8th generation Core processors 0
Intel 7th generation Core processors 0
Intel 6th generation Core processors 0
Intel 5th generation Core processors 0
Intel 4th generation Core processors 0
Intel 3rd generation Core processors 0
Intel 2nd generation Core processors 0
ARM Cortex A72 0
ARM Cortex A57 0


Not Vulnerable:

Exploit


The researcher who discovered this issue has created a proof-of-concept. Please see the references for more information.


References:

Related Posts