CVE-2017-5754

MEDIUM · 5.6 EPSS 88.7%

No AI summary yet — the auto-summarizer runs every 10 minutes for top trending CVEs.

› NVD details 1 CWE ·2 vendors · 132 refs expand

Description

Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache.

Weaknesses

CWE-200

Vendors

intel
arm

Products

atom_c
atom_e
atom_x3
atom_z
celeron_j
celeron_n
core_i3
core_i5
core_i7
core_m
core_m3
core_m5
+197 more

References

Patches & fixes · 1

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002

Third-party advisories · 14

http://nvidia.custhelp.com/app/answers/detail/a_id/4609
http://www.kb.cert.org/vuls/id/584653
http://www.securitytracker.com/id/1040071
http://xenbits.xen.org/xsa/advisory-254.html
https://access.redhat.com/security/vulnerabilities/speculativeexecution
https://aws.amazon.com/de/security/security-bulletins/AWS-2018-013/
https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/
https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html
+6 more

Other · 102