Vulnerability Description
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Intel | Atom C | c2308 |
| Intel | Atom E | e3805 |
| Intel | Atom X3 | c3130 |
| Intel | Atom X5-E3930 | - |
| Intel | Atom X5-E3940 | - |
| Intel | Atom X7-E3950 | - |
| Intel | Atom Z | z2420 |
| Intel | Celeron J | j1750 |
| Intel | Celeron N | n2805 |
| Intel | Core I3 | 330e |
| Intel | Core I5 | 430m |
| Intel | Core I7 | 7y75 |
| Intel | Core M | 5y10 |
| Intel | Core M3 | 6y30 |
| Intel | Core M5 | 6y54 |
| Intel | Core M7 | 6y75 |
| Intel | Pentium J | j2850 |
| Intel | Pentium N | n3510 |
| Intel | Xeon | e5502 |
| Intel | Xeon Bronze 3104 | - |
Related Weaknesses (CWE)
References
- http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00006.htmlMailing ListThird Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.htmlMailing ListThird Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00008.htmlMailing ListThird Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00014.htmlMailing ListThird Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00016.htmlMailing ListThird Party Advisory
- http://nvidia.custhelp.com/app/answers/detail/a_id/4609Third Party Advisory
- http://nvidia.custhelp.com/app/answers/detail/a_id/4611Third Party Advisory
- http://nvidia.custhelp.com/app/answers/detail/a_id/4613Third Party Advisory
- http://nvidia.custhelp.com/app/answers/detail/a_id/4614Third Party Advisory
- http://packetstormsecurity.com/files/145645/Spectre-Information-Disclosure-ProofExploitThird Party AdvisoryVDB Entry
- http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-001.txtThird Party Advisory
- http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txtThird Party Advisory
- http://www.kb.cert.org/vuls/id/584653Third Party AdvisoryUS Government Resource
- http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.htmlPatchThird Party Advisory
- http://www.securityfocus.com/bid/102371Third Party AdvisoryVDB Entry
FAQ
What is CVE-2017-5753?
CVE-2017-5753 is a vulnerability with a CVSS score of 5.6 (MEDIUM). Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
How severe is CVE-2017-5753?
CVE-2017-5753 has been rated MEDIUM with a CVSS base score of 5.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-5753?
Check the references section above for vendor advisories and patch information. Affected products include: Intel Atom C, Intel Atom E, Intel Atom X3, Intel Atom X5-E3930, Intel Atom X5-E3940.