Vulnerability Description
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a speculative buffer overflow and side-channel analysis.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Intel | Atom C | c2308 |
| Intel | Atom E | e3805 |
| Intel | Atom X3 | c3130 |
| Intel | Atom Z | z2420 |
| Intel | Celeron J | j1750 |
| Intel | Celeron N | n2805 |
| Intel | Core I3 | 330e |
| Intel | Core I5 | 430m |
| Intel | Core I7 | 7y75 |
| Intel | Core M | 5y10 |
| Intel | Core M3 | 6y30 |
| Intel | Core M5 | 6y54 |
| Intel | Core M7 | 6y75 |
| Intel | Pentium J | j2850 |
| Intel | Pentium N | n3510 |
| Intel | Xeon | e5502 |
| Intel | Xeon Bronze 3104 | - |
| Intel | Xeon Bronze 3106 | - |
| Intel | Xeon E-1105C | - |
| Intel | Xeon E3 | 1505m_v6 |
References
- https://access.redhat.com/errata/RHSA-2018:2384Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:2390Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:2395Third Party Advisory
- https://access.redhat.com/errata/RHSA-2019:1946Third Party Advisory
- https://access.redhat.com/errata/RHSA-2020:0174Third Party Advisory
- https://cdrdv2.intel.com/v1/dl/getContent/685359Third Party Advisory
- https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxurThird Party Advisory
- https://security.netapp.com/advisory/ntap-20180823-0001/Third Party Advisory
- https://www.oracle.com/security-alerts/cpujul2020.htmlPatchThird Party Advisory
- https://www.oracle.com/security-alerts/cpuoct2020.htmlPatchThird Party Advisory
- https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.htmlPatchThird Party Advisory
- https://access.redhat.com/errata/RHSA-2018:2384Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:2390Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:2395Third Party Advisory
- https://access.redhat.com/errata/RHSA-2019:1946Third Party Advisory
FAQ
What is CVE-2018-3693?
CVE-2018-3693 is a vulnerability with a CVSS score of 5.6 (MEDIUM). Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a speculative buffer overf...
How severe is CVE-2018-3693?
CVE-2018-3693 has been rated MEDIUM with a CVSS base score of 5.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-3693?
Check the references section above for vendor advisories and patch information. Affected products include: Intel Atom C, Intel Atom E, Intel Atom X3, Intel Atom Z, Intel Celeron J.