Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.107832
Category:Huawei
Title:Huawei Data Communication: Side-Channel Vulnerability Variants 3a and 4 (huawei-sa-20180615-01-cpu)
Summary:Intel publicly disclosed new variants of the side-channel central processing unit (CPU) hardware vulnerabilities known as Spectre and Meltdown.
Description:Summary:
Intel publicly disclosed new variants of the side-channel central processing unit (CPU) hardware vulnerabilities known as Spectre and Meltdown.

Vulnerability Insight:
Intel publicly disclosed new variants of the side-channel central processing unit (CPU) hardware vulnerabilities known as Spectre and Meltdown. These variants known as 3A (CVE-2018-3640) and 4 (CVE-2018-3639), local attackers may exploit these vulnerabilities to cause information leak on the affected system. (Vulnerability ID: HWPSIRT-2018-05139 and HWPSIRT-2018-05140)The two vulnerabilities have been assigned two Common Vulnerabilities and Exposures (CVE) IDs: CVE-2018-3639 and CVE-2018-3640.Huawei has released software updates to fix these vulnerabilities. This advisory is available in the linked references.

Vulnerability Impact:
Local attackers may exploit these vulnerabilities to cause information leak on the affected system.

Affected Software/OS:
1288H V5 versions Versions earlier than V100R005C00SPC117 (BIOS V081)

2288H V5 versions Versions earlier than V100R005C00SPC117 (BIOS V081)

2488 V5 versions Versions earlier than V100R005C00SPC500 (BIOS V095)

2488H V5 versions Versions earlier than V100R005C00SPC203 (BIOS V095)

5288 V3 versions Versions earlier than V100R003C00SPC706 (BIOS V399)

AR3600 versions V200R006C10

BH620 V2 versions Versions earlier than V100R002C00SPC302 (BIOS V370)

BH621 V2 versions Versions earlier than V100R002C00SPC301 (BIOS V370)

BH622 V2 versions Versions earlier than V100R002C00SPC309 (BIOS V521)

BH640 V2 versions Versions earlier than V100R002C00SPC307 (BIOS V521)

CH121 versions V100R001C00SPC305

CH121 V3 versions Versions earlier than V100R001C00SPC261 (BIOS V399)

CH121 V5 versions Versions earlier than V100R001C00SPC131 (BIOS V081)

CH121H V3 versions Versions earlier than V100R001C00SPC121 (BIOS V399)

CH121L V3 versions Versions earlier than V100R001C00SPC161 (BIOS V399)

CH121L V5 versions Versions earlier than V100R001C00SPC131 (BIOS V081)

CH140 versions V100R001C00

CH140 V3 versions Versions earlier than V100R001C00SPC181 (BIOS V399)

CH140L V3 versions Versions earlier than V100R001C00SPC161 (BIOS V399)

CH220 versions V100R001C00

CH220 V3 versions Versions earlier than V100R001C00SPC261 (BIOS V399)

CH221 versions V100R001C00

CH222 versions V100R002C00SPC305

CH222 V3 versions Versions earlier than V100R001C00SPC261 (BIOS V399)

CH225 V3 versions Versions earlier than V100R001C00SPC161 (BIOS V399)

CH226 V3 versions Versions earlier than V100R001C00SPC181 (BIOS V399)

CH240 versions V100R001C00

CH242 versions V100R001C00

CH242 V3 versions Versions earlier than V100R001C00SPC331 (BIOS V358)

CH242 V3 DDR4 versions Versions earlier than V100R001C00SPC331 (BIOS V817)

CH242 V5 versions Versions earlier than V100R001C00SPC121 (BIOS V095)

FusionCompute versions V100R006C00 V100R006C10

FusionCube versions V100R002C02 V100R002C30 V100R002C70

FusionSphere OpenStack versions V100R005C00 V100R005C10SPC700 V100R005C10SPC701 V100R006C00 V100R006C10 V1R6C00RC1SPC1B060

HUAWEI MateBook (HZ-W09/ HZ-W19/ HZ-W29) versions Versions earlier than BIOS 1.52

HUAWEI MateBook B200/ MateBook D (PL-W09/ PL-W19/ PL-W29) versions Versions earlier than BIOS 1.21

HUAWEI MateBook D (MRC-W10/ MRC-W50/ MRC-W60) versions Versions earlier than BIOS 1.19

HUAWEI MateBook X Pro (MACH-W19/ MACH-W29) versions Versions earlier than BIOS 1.12

Honor MagicBook (VLT-W50/ VLT-W60) versions Versions earlier than BIOS 1.12

ManageOne versions 3.0.5 3.0.7 3.0.8 3.0.9

OceanStor 18500 versions V100R001C30SPC300

OceanStor 18500 V3 versions V300R003C00 V300R006C10SPC100

OceanStor 18500F V3 versions V300R006C10SPC100

OceanStor 18800 versions V100R001C30SPC300

OceanStor 18800 V3 versions V300R006C10SPC100

OceanStor 18800F versions V100R001C30SPC300

OceanStor 18800F V3 versions V300R006C10SPC100

OceanStor 5300 V3 versions V300R006C10SPC100

OceanStor 5500 V3 versions V300R006C10SPC100

OceanStor 5600 V3 versions V300R006C10SPC100

OceanStor 5800 V3 versions V300R006C10SPC100

OceanStor 6800 V3 versions V300R006C10SPC100

OceanStor HVS85T versions V100R001C00

OceanStor HVS88T versions V100R001C00

OceanStor ReplicationDirector versions V200R001C00

RH1288 V2 versions Versions earlier than V100R002C00SPC640 (BIOS 520)

RH1288 V3 versions Versions earlier than V100R003C00SPC706 (BIOS V399)

RH1288A V2 versions Versions earlier than V100R002C00SPC710 (BIOS V521)

RH2265 V2 versions Versions earlier than V100R002C00SPC510 (BIOS V519)

RH2268 V2 versions Versions earlier than V100R002C00SPC609 (BIOS V519)

RH2285 V2 versions Versions earlier than V100R002C00SPC511 (BIOS V521)

RH2285H V2 versions Versions earlier than V100R002C00SPC511 (BIOS V521)

RH2288 V2 versions Versions earlier than V100R002C00SPC610 (BIOS 520)

RH2288 V3 versions Versions earlier than V100R003C00SPC706 (BIOS V399)

RH2288A V2 versions Versions earlier than V100R002C00SPC710 (BIOS V521)

RH2288E V2 versions Versions earlier than V100R002C00SPC302 (BIOS V519)

RH2288H V2 versions Versions earlier than V100R002C00SPC620 (BIOS 520)

RH2288H V3 versions Versions earlier than V100R003C00SPC706 (BIOS V399)

RH2485 V2 versions Versions earlier than V100R002C00SPC713 (BIOS V521)

RH5885 V2 4S versions Versions earlier than V100R001C02SPC306 (BIOS V038)

RH5885 V2 8S versions Versions earlier than V100R001C02SPC306 (BIOS V062)

RH5885 V3 (E7V2) versions Versions earlier than V100R003C01SPC127 (BIOS V358)

RH5885 V3 (E7V3&E7V4) versions Versions earlier than V100R003C10SPC121 (BIOS V817)

RH5885H V3 (E7V2) versions Versions earlier than V100R003C00SPC218 (BIOS V358)

RH5885H V3 (E7V3) versions Versions earlier than V100R003C00SPC218 (BIOS V660)

RH5885H V3 (E7V4) versions Versions earlier than V100R003C10SPC120 (BIOS V817)

RH8100 V3 (E7V2&E7V3) versions Versions earlier than V100R003C00SPC229 (BIOS V698)

RH8100 V3 (E7V4) versions Versions earlier than V100R003C00SPC229 (BIOS V817)

RSE6500 versions V500R002C00

SMC2.0 versions V100R003C10 V500R002C00

TaiShan200 2180K versions Versions earlier than 1.1.0.SPC133(BIOS V135K)

TaiShan200 2280 versions Versions earlier than 1.0.0.SPC133(BIOS V135)

TaiShan200 2280K versions Versions earlier than 1.1.0.SPC133(BIOS V135K)

TaiShan200 5280 versions Versions earlier than 1.2.0.SPC133(BIOS V135)

VP9630 versions V600R006C10

VP9660 versions V600R006C10

XH310 V3 versions Versions earlier than V100R003C00SPC706 (BIOS V399)

XH321 V3 versions Versions earlier than V100R003C00SPC706 (BIOS V399)

XH620 V3 versions Versions earlier than V100R003C00SPC706 (BIOS V399)

XH622 V3 versions Versions earlier than V100R003C00SPC706 (BIOS V399)

XH628 V3 versions Versions earlier than V100R003C00SPC706 (BIOS V399)

iManager NetEco versions V600R007C00 V600R007C10 V600R007C11 V600R007C12 V600R007C20 V600R007C40 V600R008C00 V600R008C10 V600R008C20 V600R008C30

iManager NetEco 6000 versions V600R007C40 V600R007C60 V600R007C80 V600R007C90 V600R008C00

Solution:
See the referenced vendor advisory for a solution.

CVSS Score:
4.7

CVSS Vector:
AV:L/AC:M/Au:N/C:C/I:N/A:N

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2018-3639
BugTraq ID: 104232
http://www.securityfocus.com/bid/104232
Bugtraq: 20190624 [SECURITY] [DSA 4469-1] libvirt security update (Google Search)
https://seclists.org/bugtraq/2019/Jun/36
Cert/CC Advisory: TA18-141A
https://www.us-cert.gov/ncas/alerts/TA18-141A
CERT/CC vulnerability note: VU#180049
https://www.kb.cert.org/vuls/id/180049
Cisco Security Advisory: 20180522 CPU Side-Channel Information Disclosure Vulnerabilities: May 2018
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180521-cpusidechannel
http://support.lenovo.com/us/en/solutions/LEN-22133
http://www.fujitsu.com/global/support/products/software/security/products-f/cve-2018-3639e.html
http://xenbits.xen.org/xsa/advisory-263.html
https://cert-portal.siemens.com/productcert/pdf/ssa-268644.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-505225.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability
https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0
https://nvidia.custhelp.com/app/answers/detail/a_id/4787
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180012
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0004
https://security.netapp.com/advisory/ntap-20180521-0001/
https://support.citrix.com/article/CTX235225
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03850en_us
https://support.oracle.com/knowledge/Sun%20Microsystems/2481872_1.html
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html
https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0006
https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
https://www.synology.com/support/security/Synology_SA_18_23
Debian Security Information: DSA-4210 (Google Search)
https://www.debian.org/security/2018/dsa-4210
Debian Security Information: DSA-4273 (Google Search)
https://www.debian.org/security/2018/dsa-4273
https://www.exploit-db.com/exploits/44695/
https://bugs.chromium.org/p/project-zero/issues/detail?id=1528
https://www.oracle.com/security-alerts/cpujul2020.html
https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html
https://lists.debian.org/debian-lts-announce/2018/07/msg00038.html
https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html
https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html
https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html
https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html
http://www.openwall.com/lists/oss-security/2020/06/10/2
http://www.openwall.com/lists/oss-security/2020/06/10/5
http://www.openwall.com/lists/oss-security/2020/06/10/1
RedHat Security Advisories: RHSA-2018:1629
https://access.redhat.com/errata/RHSA-2018:1629
RedHat Security Advisories: RHSA-2018:1630
https://access.redhat.com/errata/RHSA-2018:1630
RedHat Security Advisories: RHSA-2018:1632
https://access.redhat.com/errata/RHSA-2018:1632
RedHat Security Advisories: RHSA-2018:1633
https://access.redhat.com/errata/RHSA-2018:1633
RedHat Security Advisories: RHSA-2018:1635
https://access.redhat.com/errata/RHSA-2018:1635
RedHat Security Advisories: RHSA-2018:1636
https://access.redhat.com/errata/RHSA-2018:1636
RedHat Security Advisories: RHSA-2018:1637
https://access.redhat.com/errata/RHSA-2018:1637
RedHat Security Advisories: RHSA-2018:1638
https://access.redhat.com/errata/RHSA-2018:1638
RedHat Security Advisories: RHSA-2018:1639
https://access.redhat.com/errata/RHSA-2018:1639
RedHat Security Advisories: RHSA-2018:1640
https://access.redhat.com/errata/RHSA-2018:1640
RedHat Security Advisories: RHSA-2018:1641
https://access.redhat.com/errata/RHSA-2018:1641
RedHat Security Advisories: RHSA-2018:1642
https://access.redhat.com/errata/RHSA-2018:1642
RedHat Security Advisories: RHSA-2018:1643
https://access.redhat.com/errata/RHSA-2018:1643
RedHat Security Advisories: RHSA-2018:1644
https://access.redhat.com/errata/RHSA-2018:1644
RedHat Security Advisories: RHSA-2018:1645
https://access.redhat.com/errata/RHSA-2018:1645
RedHat Security Advisories: RHSA-2018:1646
https://access.redhat.com/errata/RHSA-2018:1646
RedHat Security Advisories: RHSA-2018:1647
https://access.redhat.com/errata/RHSA-2018:1647
RedHat Security Advisories: RHSA-2018:1648
https://access.redhat.com/errata/RHSA-2018:1648
RedHat Security Advisories: RHSA-2018:1649
https://access.redhat.com/errata/RHSA-2018:1649
RedHat Security Advisories: RHSA-2018:1650
https://access.redhat.com/errata/RHSA-2018:1650
RedHat Security Advisories: RHSA-2018:1651
https://access.redhat.com/errata/RHSA-2018:1651
RedHat Security Advisories: RHSA-2018:1652
https://access.redhat.com/errata/RHSA-2018:1652
RedHat Security Advisories: RHSA-2018:1653
https://access.redhat.com/errata/RHSA-2018:1653
RedHat Security Advisories: RHSA-2018:1654
https://access.redhat.com/errata/RHSA-2018:1654
RedHat Security Advisories: RHSA-2018:1655
https://access.redhat.com/errata/RHSA-2018:1655
RedHat Security Advisories: RHSA-2018:1656
https://access.redhat.com/errata/RHSA-2018:1656
RedHat Security Advisories: RHSA-2018:1657
https://access.redhat.com/errata/RHSA-2018:1657
RedHat Security Advisories: RHSA-2018:1658
https://access.redhat.com/errata/RHSA-2018:1658
RedHat Security Advisories: RHSA-2018:1659
https://access.redhat.com/errata/RHSA-2018:1659
RedHat Security Advisories: RHSA-2018:1660
https://access.redhat.com/errata/RHSA-2018:1660
RedHat Security Advisories: RHSA-2018:1661
https://access.redhat.com/errata/RHSA-2018:1661
RedHat Security Advisories: RHSA-2018:1662
https://access.redhat.com/errata/RHSA-2018:1662
RedHat Security Advisories: RHSA-2018:1663
https://access.redhat.com/errata/RHSA-2018:1663
RedHat Security Advisories: RHSA-2018:1664
https://access.redhat.com/errata/RHSA-2018:1664
RedHat Security Advisories: RHSA-2018:1665
https://access.redhat.com/errata/RHSA-2018:1665
RedHat Security Advisories: RHSA-2018:1666
https://access.redhat.com/errata/RHSA-2018:1666
RedHat Security Advisories: RHSA-2018:1667
https://access.redhat.com/errata/RHSA-2018:1667
RedHat Security Advisories: RHSA-2018:1668
https://access.redhat.com/errata/RHSA-2018:1668
RedHat Security Advisories: RHSA-2018:1669
https://access.redhat.com/errata/RHSA-2018:1669
RedHat Security Advisories: RHSA-2018:1674
https://access.redhat.com/errata/RHSA-2018:1674
RedHat Security Advisories: RHSA-2018:1675
https://access.redhat.com/errata/RHSA-2018:1675
RedHat Security Advisories: RHSA-2018:1676
https://access.redhat.com/errata/RHSA-2018:1676
RedHat Security Advisories: RHSA-2018:1686
https://access.redhat.com/errata/RHSA-2018:1686
RedHat Security Advisories: RHSA-2018:1688
https://access.redhat.com/errata/RHSA-2018:1688
RedHat Security Advisories: RHSA-2018:1689
https://access.redhat.com/errata/RHSA-2018:1689
RedHat Security Advisories: RHSA-2018:1690
https://access.redhat.com/errata/RHSA-2018:1690
RedHat Security Advisories: RHSA-2018:1696
https://access.redhat.com/errata/RHSA-2018:1696
RedHat Security Advisories: RHSA-2018:1710
https://access.redhat.com/errata/RHSA-2018:1710
RedHat Security Advisories: RHSA-2018:1711
https://access.redhat.com/errata/RHSA-2018:1711
RedHat Security Advisories: RHSA-2018:1737
https://access.redhat.com/errata/RHSA-2018:1737
RedHat Security Advisories: RHSA-2018:1738
https://access.redhat.com/errata/RHSA-2018:1738
RedHat Security Advisories: RHSA-2018:1826
https://access.redhat.com/errata/RHSA-2018:1826
RedHat Security Advisories: RHSA-2018:1854
https://access.redhat.com/errata/RHSA-2018:1854
RedHat Security Advisories: RHSA-2018:1965
https://access.redhat.com/errata/RHSA-2018:1965
RedHat Security Advisories: RHSA-2018:1967
https://access.redhat.com/errata/RHSA-2018:1967
RedHat Security Advisories: RHSA-2018:1997
https://access.redhat.com/errata/RHSA-2018:1997
RedHat Security Advisories: RHSA-2018:2001
https://access.redhat.com/errata/RHSA-2018:2001
RedHat Security Advisories: RHSA-2018:2003
https://access.redhat.com/errata/RHSA-2018:2003
RedHat Security Advisories: RHSA-2018:2006
https://access.redhat.com/errata/RHSA-2018:2006
RedHat Security Advisories: RHSA-2018:2060
https://access.redhat.com/errata/RHSA-2018:2060
RedHat Security Advisories: RHSA-2018:2161
https://access.redhat.com/errata/RHSA-2018:2161
RedHat Security Advisories: RHSA-2018:2162
https://access.redhat.com/errata/RHSA-2018:2162
RedHat Security Advisories: RHSA-2018:2164
https://access.redhat.com/errata/RHSA-2018:2164
RedHat Security Advisories: RHSA-2018:2171
https://access.redhat.com/errata/RHSA-2018:2171
RedHat Security Advisories: RHSA-2018:2172
https://access.redhat.com/errata/RHSA-2018:2172
RedHat Security Advisories: RHSA-2018:2216
https://access.redhat.com/errata/RHSA-2018:2216
RedHat Security Advisories: RHSA-2018:2228
https://access.redhat.com/errata/RHSA-2018:2228
RedHat Security Advisories: RHSA-2018:2246
https://access.redhat.com/errata/RHSA-2018:2246
RedHat Security Advisories: RHSA-2018:2250
https://access.redhat.com/errata/RHSA-2018:2250
RedHat Security Advisories: RHSA-2018:2258
https://access.redhat.com/errata/RHSA-2018:2258
RedHat Security Advisories: RHSA-2018:2289
https://access.redhat.com/errata/RHSA-2018:2289
RedHat Security Advisories: RHSA-2018:2309
https://access.redhat.com/errata/RHSA-2018:2309
RedHat Security Advisories: RHSA-2018:2328
https://access.redhat.com/errata/RHSA-2018:2328
RedHat Security Advisories: RHSA-2018:2363
https://access.redhat.com/errata/RHSA-2018:2363
RedHat Security Advisories: RHSA-2018:2364
https://access.redhat.com/errata/RHSA-2018:2364
RedHat Security Advisories: RHSA-2018:2387
https://access.redhat.com/errata/RHSA-2018:2387
RedHat Security Advisories: RHSA-2018:2394
https://access.redhat.com/errata/RHSA-2018:2394
RedHat Security Advisories: RHSA-2018:2396
https://access.redhat.com/errata/RHSA-2018:2396
RedHat Security Advisories: RHSA-2018:2948
https://access.redhat.com/errata/RHSA-2018:2948
RedHat Security Advisories: RHSA-2018:3396
https://access.redhat.com/errata/RHSA-2018:3396
RedHat Security Advisories: RHSA-2018:3397
https://access.redhat.com/errata/RHSA-2018:3397
RedHat Security Advisories: RHSA-2018:3398
https://access.redhat.com/errata/RHSA-2018:3398
RedHat Security Advisories: RHSA-2018:3399
https://access.redhat.com/errata/RHSA-2018:3399
RedHat Security Advisories: RHSA-2018:3400
https://access.redhat.com/errata/RHSA-2018:3400
RedHat Security Advisories: RHSA-2018:3401
https://access.redhat.com/errata/RHSA-2018:3401
RedHat Security Advisories: RHSA-2018:3402
https://access.redhat.com/errata/RHSA-2018:3402
RedHat Security Advisories: RHSA-2018:3407
https://access.redhat.com/errata/RHSA-2018:3407
RedHat Security Advisories: RHSA-2018:3423
https://access.redhat.com/errata/RHSA-2018:3423
RedHat Security Advisories: RHSA-2018:3424
https://access.redhat.com/errata/RHSA-2018:3424
RedHat Security Advisories: RHSA-2018:3425
https://access.redhat.com/errata/RHSA-2018:3425
RedHat Security Advisories: RHSA-2019:0148
https://access.redhat.com/errata/RHSA-2019:0148
RedHat Security Advisories: RHSA-2019:1046
https://access.redhat.com/errata/RHSA-2019:1046
http://www.securitytracker.com/id/1040949
http://www.securitytracker.com/id/1042004
SuSE Security Announcement: openSUSE-SU-2019:1438 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00058.html
SuSE Security Announcement: openSUSE-SU-2019:1439 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00059.html
SuSE Security Announcement: openSUSE-SU-2020:1325 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00007.html
https://usn.ubuntu.com/3651-1/
https://usn.ubuntu.com/3652-1/
https://usn.ubuntu.com/3653-1/
https://usn.ubuntu.com/3653-2/
https://usn.ubuntu.com/3654-1/
https://usn.ubuntu.com/3654-2/
https://usn.ubuntu.com/3655-1/
https://usn.ubuntu.com/3655-2/
https://usn.ubuntu.com/3679-1/
https://usn.ubuntu.com/3680-1/
https://usn.ubuntu.com/3756-1/
https://usn.ubuntu.com/3777-3/
Common Vulnerability Exposure (CVE) ID: CVE-2018-3640
BugTraq ID: 104228
http://www.securityfocus.com/bid/104228
CopyrightCopyright (C) 2020 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.