Medium severity5.6NVD Advisory· Published May 22, 2018· Updated Jun 17, 2026
CVE-2018-3640
CVE-2018-3640
Description
Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis, aka Rogue System Register Read (RSRE), Variant 3a.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
19- osv-coords18 versionspkg:rpm/opensuse/ucode-intel&distro=openSUSE%20Tumbleweedpkg:rpm/suse/microcode_ctl&distro=SUSE%20Linux%20Enterprise%20Point%20of%20Sale%2011%20SP3pkg:rpm/suse/microcode_ctl&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-LTSSpkg:rpm/suse/microcode_ctl&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-TERADATApkg:rpm/suse/microcode_ctl&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4pkg:rpm/suse/microcode_ctl&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4pkg:rpm/suse/ucode-intel&distro=SUSE%20Enterprise%20Storage%204pkg:rpm/suse/ucode-intel&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3pkg:rpm/suse/ucode-intel&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015pkg:rpm/suse/ucode-intel&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1-LTSSpkg:rpm/suse/ucode-intel&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCLpkg:rpm/suse/ucode-intel&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-LTSSpkg:rpm/suse/ucode-intel&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3pkg:rpm/suse/ucode-intel&distro=SUSE%20Linux%20Enterprise%20Server%2012-LTSSpkg:rpm/suse/ucode-intel&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1pkg:rpm/suse/ucode-intel&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2pkg:rpm/suse/ucode-intel&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/ucode-intel&distro=SUSE%20OpenStack%20Cloud%207
< 20210608-1.2+ 17 more
- (no CPE)range: < 20210608-1.2
- (no CPE)range: < 1.17-102.83.24.1
- (no CPE)range: < 1.17-102.83.24.1
- (no CPE)range: < 1.17-102.83.24.1
- (no CPE)range: < 1.17-102.83.24.1
- (no CPE)range: < 1.17-102.83.24.1
- (no CPE)range: < 20180703-13.25.1
- (no CPE)range: < 20180703-13.25.1
- (no CPE)range: < 20180703-3.3.1
- (no CPE)range: < 20180703-13.25.1
- (no CPE)range: < 20180703-13.25.1
- (no CPE)range: < 20180703-13.25.1
- (no CPE)range: < 20180703-13.25.1
- (no CPE)range: < 20180703-13.25.1
- (no CPE)range: < 20180703-13.25.1
- (no CPE)range: < 20180703-13.25.1
- (no CPE)range: < 20180703-13.25.1
- (no CPE)range: < 20180703-13.25.1
- Intel Corporation/Multiplev5Range: Multiple
Patches
Vulnerability mechanics
References
22- portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV180013nvdPatchThird Party AdvisoryVendor Advisory
- support.lenovo.com/us/en/solutions/LEN-22133nvdThird Party Advisory
- www.fujitsu.com/global/support/products/software/security/products-f/cve-2018-3639e.htmlnvdThird Party Advisory
- www.securityfocus.com/bid/104228nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1040949nvdThird Party AdvisoryVDB Entry
- developer.arm.com/support/arm-security-updates/speculative-processor-vulnerabilitynvdVendor Advisory
- security.netapp.com/advisory/ntap-20180521-0001/nvdThird Party Advisory
- support.hpe.com/hpsc/doc/public/displaynvdThird Party Advisory
- tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180521-cpusidechannelnvdThird Party Advisory
- www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.htmlnvdVendor Advisory
- www.kb.cert.org/vuls/id/180049nvdThird Party AdvisoryUS Government Resource
- www.synology.com/support/security/Synology_SA_18_23nvdThird Party Advisory
- www.us-cert.gov/ncas/alerts/TA18-141AnvdThird Party AdvisoryUS Government Resource
- www.securitytracker.com/id/1042004nvd
- cert-portal.siemens.com/productcert/pdf/ssa-268644.pdfnvd
- cert-portal.siemens.com/productcert/pdf/ssa-608355.pdfnvd
- lists.debian.org/debian-lts-announce/2018/07/msg00038.htmlnvd
- lists.debian.org/debian-lts-announce/2018/09/msg00017.htmlnvd
- psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0005nvd
- usn.ubuntu.com/3756-1/nvd
- www.debian.org/security/2018/dsa-4273nvd
- www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0006nvd
News mentions
0No linked articles in our index yet.