English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 146377 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.843629
Category:Ubuntu Local Security Checks
Title:Ubuntu: Security Advisory (USN-3756-1)
Summary:The remote host is missing an update for the 'intel-microcode' package(s) announced via the USN-3756-1 advisory.
Description:Summary:
The remote host is missing an update for the 'intel-microcode' package(s) announced via the USN-3756-1 advisory.

Vulnerability Insight:
It was discovered that memory present in the L1 data cache of an Intel CPU
core may be exposed to a malicious process that is executing on the CPU
core. This vulnerability is also known as L1 Terminal Fault (L1TF). A local
attacker in a guest virtual machine could use this to expose sensitive
information (memory from other guests or the host OS). (CVE-2018-3646)

Jann Horn and Ken Johnson discovered that microprocessors utilizing
speculative execution of a memory read may allow unauthorized memory reads
via a sidechannel attack. This flaw is known as Spectre Variant 4. A local
attacker could use this to expose sensitive information, including kernel
memory. (CVE-2018-3639)

Zdenek Sojka, Rudolf Marek, Alex Zuepke, and Innokentiy Sennovskiy
discovered that microprocessors that perform speculative reads of
system registers may allow unauthorized disclosure of system parameters
via a sidechannel attack. This vulnerability is also known as Rogue
System Register Read (RSRE). An attacker could use this to expose
sensitive information. (CVE-2018-3640)

Affected Software/OS:
'intel-microcode' package(s) on Ubuntu 14.04, Ubuntu 16.04, Ubuntu 18.04.

Solution:
Please install the updated package(s).

CVSS Score:
4.7

CVSS Vector:
AV:L/AC:M/Au:N/C:C/I:N/A:N

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2018-3639
BugTraq ID: 104232
http://www.securityfocus.com/bid/104232
Bugtraq: 20190624 [SECURITY] [DSA 4469-1] libvirt security update (Google Search)
https://seclists.org/bugtraq/2019/Jun/36
Cert/CC Advisory: TA18-141A
https://www.us-cert.gov/ncas/alerts/TA18-141A
CERT/CC vulnerability note: VU#180049
https://www.kb.cert.org/vuls/id/180049
Cisco Security Advisory: 20180522 CPU Side-Channel Information Disclosure Vulnerabilities: May 2018
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180521-cpusidechannel
http://support.lenovo.com/us/en/solutions/LEN-22133
http://www.fujitsu.com/global/support/products/software/security/products-f/cve-2018-3639e.html
http://xenbits.xen.org/xsa/advisory-263.html
https://cert-portal.siemens.com/productcert/pdf/ssa-268644.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-505225.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability
https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0
https://nvidia.custhelp.com/app/answers/detail/a_id/4787
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180012
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0004
https://security.netapp.com/advisory/ntap-20180521-0001/
https://support.citrix.com/article/CTX235225
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03850en_us
https://support.oracle.com/knowledge/Sun%20Microsystems/2481872_1.html
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html
https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0006
https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
https://www.synology.com/support/security/Synology_SA_18_23
Debian Security Information: DSA-4210 (Google Search)
https://www.debian.org/security/2018/dsa-4210
Debian Security Information: DSA-4273 (Google Search)
https://www.debian.org/security/2018/dsa-4273
https://www.exploit-db.com/exploits/44695/
https://bugs.chromium.org/p/project-zero/issues/detail?id=1528
https://www.oracle.com/security-alerts/cpujul2020.html
https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html
https://lists.debian.org/debian-lts-announce/2018/07/msg00038.html
https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html
https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html
https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html
https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html
http://www.openwall.com/lists/oss-security/2020/06/10/2
http://www.openwall.com/lists/oss-security/2020/06/10/5
http://www.openwall.com/lists/oss-security/2020/06/10/1
RedHat Security Advisories: RHSA-2018:1629
https://access.redhat.com/errata/RHSA-2018:1629
RedHat Security Advisories: RHSA-2018:1630
https://access.redhat.com/errata/RHSA-2018:1630
RedHat Security Advisories: RHSA-2018:1632
https://access.redhat.com/errata/RHSA-2018:1632
RedHat Security Advisories: RHSA-2018:1633
https://access.redhat.com/errata/RHSA-2018:1633
RedHat Security Advisories: RHSA-2018:1635
https://access.redhat.com/errata/RHSA-2018:1635
RedHat Security Advisories: RHSA-2018:1636
https://access.redhat.com/errata/RHSA-2018:1636
RedHat Security Advisories: RHSA-2018:1637
https://access.redhat.com/errata/RHSA-2018:1637
RedHat Security Advisories: RHSA-2018:1638
https://access.redhat.com/errata/RHSA-2018:1638
RedHat Security Advisories: RHSA-2018:1639
https://access.redhat.com/errata/RHSA-2018:1639
RedHat Security Advisories: RHSA-2018:1640
https://access.redhat.com/errata/RHSA-2018:1640
RedHat Security Advisories: RHSA-2018:1641
https://access.redhat.com/errata/RHSA-2018:1641
RedHat Security Advisories: RHSA-2018:1642
https://access.redhat.com/errata/RHSA-2018:1642
RedHat Security Advisories: RHSA-2018:1643
https://access.redhat.com/errata/RHSA-2018:1643
RedHat Security Advisories: RHSA-2018:1644
https://access.redhat.com/errata/RHSA-2018:1644
RedHat Security Advisories: RHSA-2018:1645
https://access.redhat.com/errata/RHSA-2018:1645
RedHat Security Advisories: RHSA-2018:1646
https://access.redhat.com/errata/RHSA-2018:1646
RedHat Security Advisories: RHSA-2018:1647
https://access.redhat.com/errata/RHSA-2018:1647
RedHat Security Advisories: RHSA-2018:1648
https://access.redhat.com/errata/RHSA-2018:1648
RedHat Security Advisories: RHSA-2018:1649
https://access.redhat.com/errata/RHSA-2018:1649
RedHat Security Advisories: RHSA-2018:1650
https://access.redhat.com/errata/RHSA-2018:1650
RedHat Security Advisories: RHSA-2018:1651
https://access.redhat.com/errata/RHSA-2018:1651
RedHat Security Advisories: RHSA-2018:1652
https://access.redhat.com/errata/RHSA-2018:1652
RedHat Security Advisories: RHSA-2018:1653
https://access.redhat.com/errata/RHSA-2018:1653
RedHat Security Advisories: RHSA-2018:1654
https://access.redhat.com/errata/RHSA-2018:1654
RedHat Security Advisories: RHSA-2018:1655
https://access.redhat.com/errata/RHSA-2018:1655
RedHat Security Advisories: RHSA-2018:1656
https://access.redhat.com/errata/RHSA-2018:1656
RedHat Security Advisories: RHSA-2018:1657
https://access.redhat.com/errata/RHSA-2018:1657
RedHat Security Advisories: RHSA-2018:1658
https://access.redhat.com/errata/RHSA-2018:1658
RedHat Security Advisories: RHSA-2018:1659
https://access.redhat.com/errata/RHSA-2018:1659
RedHat Security Advisories: RHSA-2018:1660
https://access.redhat.com/errata/RHSA-2018:1660
RedHat Security Advisories: RHSA-2018:1661
https://access.redhat.com/errata/RHSA-2018:1661
RedHat Security Advisories: RHSA-2018:1662
https://access.redhat.com/errata/RHSA-2018:1662
RedHat Security Advisories: RHSA-2018:1663
https://access.redhat.com/errata/RHSA-2018:1663
RedHat Security Advisories: RHSA-2018:1664
https://access.redhat.com/errata/RHSA-2018:1664
RedHat Security Advisories: RHSA-2018:1665
https://access.redhat.com/errata/RHSA-2018:1665
RedHat Security Advisories: RHSA-2018:1666
https://access.redhat.com/errata/RHSA-2018:1666
RedHat Security Advisories: RHSA-2018:1667
https://access.redhat.com/errata/RHSA-2018:1667
RedHat Security Advisories: RHSA-2018:1668
https://access.redhat.com/errata/RHSA-2018:1668
RedHat Security Advisories: RHSA-2018:1669
https://access.redhat.com/errata/RHSA-2018:1669
RedHat Security Advisories: RHSA-2018:1674
https://access.redhat.com/errata/RHSA-2018:1674
RedHat Security Advisories: RHSA-2018:1675
https://access.redhat.com/errata/RHSA-2018:1675
RedHat Security Advisories: RHSA-2018:1676
https://access.redhat.com/errata/RHSA-2018:1676
RedHat Security Advisories: RHSA-2018:1686
https://access.redhat.com/errata/RHSA-2018:1686
RedHat Security Advisories: RHSA-2018:1688
https://access.redhat.com/errata/RHSA-2018:1688
RedHat Security Advisories: RHSA-2018:1689
https://access.redhat.com/errata/RHSA-2018:1689
RedHat Security Advisories: RHSA-2018:1690
https://access.redhat.com/errata/RHSA-2018:1690
RedHat Security Advisories: RHSA-2018:1696
https://access.redhat.com/errata/RHSA-2018:1696
RedHat Security Advisories: RHSA-2018:1710
https://access.redhat.com/errata/RHSA-2018:1710
RedHat Security Advisories: RHSA-2018:1711
https://access.redhat.com/errata/RHSA-2018:1711
RedHat Security Advisories: RHSA-2018:1737
https://access.redhat.com/errata/RHSA-2018:1737
RedHat Security Advisories: RHSA-2018:1738
https://access.redhat.com/errata/RHSA-2018:1738
RedHat Security Advisories: RHSA-2018:1826
https://access.redhat.com/errata/RHSA-2018:1826
RedHat Security Advisories: RHSA-2018:1854
https://access.redhat.com/errata/RHSA-2018:1854
RedHat Security Advisories: RHSA-2018:1965
https://access.redhat.com/errata/RHSA-2018:1965
RedHat Security Advisories: RHSA-2018:1967
https://access.redhat.com/errata/RHSA-2018:1967
RedHat Security Advisories: RHSA-2018:1997
https://access.redhat.com/errata/RHSA-2018:1997
RedHat Security Advisories: RHSA-2018:2001
https://access.redhat.com/errata/RHSA-2018:2001
RedHat Security Advisories: RHSA-2018:2003
https://access.redhat.com/errata/RHSA-2018:2003
RedHat Security Advisories: RHSA-2018:2006
https://access.redhat.com/errata/RHSA-2018:2006
RedHat Security Advisories: RHSA-2018:2060
https://access.redhat.com/errata/RHSA-2018:2060
RedHat Security Advisories: RHSA-2018:2161
https://access.redhat.com/errata/RHSA-2018:2161
RedHat Security Advisories: RHSA-2018:2162
https://access.redhat.com/errata/RHSA-2018:2162
RedHat Security Advisories: RHSA-2018:2164
https://access.redhat.com/errata/RHSA-2018:2164
RedHat Security Advisories: RHSA-2018:2171
https://access.redhat.com/errata/RHSA-2018:2171
RedHat Security Advisories: RHSA-2018:2172
https://access.redhat.com/errata/RHSA-2018:2172
RedHat Security Advisories: RHSA-2018:2216
https://access.redhat.com/errata/RHSA-2018:2216
RedHat Security Advisories: RHSA-2018:2228
https://access.redhat.com/errata/RHSA-2018:2228
RedHat Security Advisories: RHSA-2018:2246
https://access.redhat.com/errata/RHSA-2018:2246
RedHat Security Advisories: RHSA-2018:2250
https://access.redhat.com/errata/RHSA-2018:2250
RedHat Security Advisories: RHSA-2018:2258
https://access.redhat.com/errata/RHSA-2018:2258
RedHat Security Advisories: RHSA-2018:2289
https://access.redhat.com/errata/RHSA-2018:2289
RedHat Security Advisories: RHSA-2018:2309
https://access.redhat.com/errata/RHSA-2018:2309
RedHat Security Advisories: RHSA-2018:2328
https://access.redhat.com/errata/RHSA-2018:2328
RedHat Security Advisories: RHSA-2018:2363
https://access.redhat.com/errata/RHSA-2018:2363
RedHat Security Advisories: RHSA-2018:2364
https://access.redhat.com/errata/RHSA-2018:2364
RedHat Security Advisories: RHSA-2018:2387
https://access.redhat.com/errata/RHSA-2018:2387
RedHat Security Advisories: RHSA-2018:2394
https://access.redhat.com/errata/RHSA-2018:2394
RedHat Security Advisories: RHSA-2018:2396
https://access.redhat.com/errata/RHSA-2018:2396
RedHat Security Advisories: RHSA-2018:2948
https://access.redhat.com/errata/RHSA-2018:2948
RedHat Security Advisories: RHSA-2018:3396
https://access.redhat.com/errata/RHSA-2018:3396
RedHat Security Advisories: RHSA-2018:3397
https://access.redhat.com/errata/RHSA-2018:3397
RedHat Security Advisories: RHSA-2018:3398
https://access.redhat.com/errata/RHSA-2018:3398
RedHat Security Advisories: RHSA-2018:3399
https://access.redhat.com/errata/RHSA-2018:3399
RedHat Security Advisories: RHSA-2018:3400
https://access.redhat.com/errata/RHSA-2018:3400
RedHat Security Advisories: RHSA-2018:3401
https://access.redhat.com/errata/RHSA-2018:3401
RedHat Security Advisories: RHSA-2018:3402
https://access.redhat.com/errata/RHSA-2018:3402
RedHat Security Advisories: RHSA-2018:3407
https://access.redhat.com/errata/RHSA-2018:3407
RedHat Security Advisories: RHSA-2018:3423
https://access.redhat.com/errata/RHSA-2018:3423
RedHat Security Advisories: RHSA-2018:3424
https://access.redhat.com/errata/RHSA-2018:3424
RedHat Security Advisories: RHSA-2018:3425
https://access.redhat.com/errata/RHSA-2018:3425
RedHat Security Advisories: RHSA-2019:0148
https://access.redhat.com/errata/RHSA-2019:0148
RedHat Security Advisories: RHSA-2019:1046
https://access.redhat.com/errata/RHSA-2019:1046
http://www.securitytracker.com/id/1040949
http://www.securitytracker.com/id/1042004
SuSE Security Announcement: openSUSE-SU-2019:1438 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00058.html
SuSE Security Announcement: openSUSE-SU-2019:1439 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00059.html
SuSE Security Announcement: openSUSE-SU-2020:1325 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00007.html
https://usn.ubuntu.com/3651-1/
https://usn.ubuntu.com/3652-1/
https://usn.ubuntu.com/3653-1/
https://usn.ubuntu.com/3653-2/
https://usn.ubuntu.com/3654-1/
https://usn.ubuntu.com/3654-2/
https://usn.ubuntu.com/3655-1/
https://usn.ubuntu.com/3655-2/
https://usn.ubuntu.com/3679-1/
https://usn.ubuntu.com/3680-1/
https://usn.ubuntu.com/3756-1/
https://usn.ubuntu.com/3777-3/
Common Vulnerability Exposure (CVE) ID: CVE-2018-3640
BugTraq ID: 104228
http://www.securityfocus.com/bid/104228
Common Vulnerability Exposure (CVE) ID: CVE-2018-3646
BugTraq ID: 105080
http://www.securityfocus.com/bid/105080
CERT/CC vulnerability note: VU#982149
https://www.kb.cert.org/vuls/id/982149
Cisco Security Advisory: 20180814 CPU Side-Channel Information Disclosure Vulnerabilities: August 2018
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180814-cpusidechannel
http://support.lenovo.com/us/en/solutions/LEN-24163
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en
http://www.vmware.com/security/advisories/VMSA-2018-0020.html
http://xenbits.xen.org/xsa/advisory-273.html
https://cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180018
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0010
https://security.netapp.com/advisory/ntap-20180815-0001/
https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault
https://support.f5.com/csp/article/K31300402
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03874en_us
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html
https://www.synology.com/support/security/Synology_SA_18_45
Debian Security Information: DSA-4274 (Google Search)
https://www.debian.org/security/2018/dsa-4274
Debian Security Information: DSA-4279 (Google Search)
https://www.debian.org/security/2018/dsa-4279
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XRFKQWYV2H4BV75CUNGCGE5TNVQCLBGZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V4UWGORQWCENCIF2BHWUEF2ODBV75QS2/
FreeBSD Security Advisory: FreeBSD-SA-18:09
https://security.FreeBSD.org/advisories/FreeBSD-SA-18:09.l1tf.asc
https://security.gentoo.org/glsa/201810-06
https://foreshadowattack.eu/
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
https://lists.debian.org/debian-lts-announce/2018/08/msg00029.html
RedHat Security Advisories: RHSA-2018:2384
https://access.redhat.com/errata/RHSA-2018:2384
RedHat Security Advisories: RHSA-2018:2388
https://access.redhat.com/errata/RHSA-2018:2388
RedHat Security Advisories: RHSA-2018:2389
https://access.redhat.com/errata/RHSA-2018:2389
RedHat Security Advisories: RHSA-2018:2390
https://access.redhat.com/errata/RHSA-2018:2390
RedHat Security Advisories: RHSA-2018:2391
https://access.redhat.com/errata/RHSA-2018:2391
RedHat Security Advisories: RHSA-2018:2392
https://access.redhat.com/errata/RHSA-2018:2392
RedHat Security Advisories: RHSA-2018:2393
https://access.redhat.com/errata/RHSA-2018:2393
RedHat Security Advisories: RHSA-2018:2395
https://access.redhat.com/errata/RHSA-2018:2395
RedHat Security Advisories: RHSA-2018:2402
https://access.redhat.com/errata/RHSA-2018:2402
RedHat Security Advisories: RHSA-2018:2403
https://access.redhat.com/errata/RHSA-2018:2403
RedHat Security Advisories: RHSA-2018:2404
https://access.redhat.com/errata/RHSA-2018:2404
RedHat Security Advisories: RHSA-2018:2602
https://access.redhat.com/errata/RHSA-2018:2602
RedHat Security Advisories: RHSA-2018:2603
https://access.redhat.com/errata/RHSA-2018:2603
http://www.securitytracker.com/id/1041451
https://usn.ubuntu.com/3740-1/
https://usn.ubuntu.com/3740-2/
https://usn.ubuntu.com/3741-1/
https://usn.ubuntu.com/3741-2/
https://usn.ubuntu.com/3742-1/
https://usn.ubuntu.com/3742-2/
https://usn.ubuntu.com/3823-1/
CopyrightCopyright (C) 2018 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.