CVE-2018-15572
Ubuntu Security Notice USN-3776-1
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
The spectre_v2_select_mitigation function in arch/x86/kernel/cpu/bugs.c in the Linux kernel before 4.18.1 does not always fill RSB upon a context switch, which makes it easier for attackers to conduct userspace-userspace spectreRSB attacks.
La función spectre_v2_select_mitigation en arch/x86/kernel/cpu/bugs.c en el kernel de Linux en versiones anteriores a la 4.18.1 no siempre completa RSB en un cambio de contexto, lo que hace que sea más fácil para los atacantes realizar ataques spectreRSB espacio de usuario-espacio de usuario.
It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is executing on the CPU core. This vulnerability is also known as L1 Terminal Fault (L1TF). A local attacker could use this to expose sensitive information (memory from the kernel or other processes). It was discovered that the paravirtualization implementation in the Linux kernel did not properly handle some indirect calls, reducing the effectiveness of Spectre v2 mitigations for paravirtual guests. A local attacker could use this to expose sensitive information. Various other issues were also addressed.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2018-08-19 CVE Reserved
- 2018-08-20 CVE Published
- 2024-08-05 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (12)
| URL | Tag | Source |
|---|---|---|
| https://lists.debian.org/debian-lts-announce/2018/10/msg00003.html | Mailing List |
|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://usn.ubuntu.com/3775-1 | 2019-10-03 | |
| https://usn.ubuntu.com/3775-2 | 2019-10-03 | |
| https://usn.ubuntu.com/3776-1 | 2019-10-03 | |
| https://usn.ubuntu.com/3776-2 | 2019-10-03 | |
| https://usn.ubuntu.com/3777-1 | 2019-10-03 | |
| https://usn.ubuntu.com/3777-2 | 2019-10-03 | |
| https://usn.ubuntu.com/3777-3 | 2019-10-03 | |
| https://www.debian.org/security/2018/dsa-4308 | 2019-10-03 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 8.0 Search vendor "Debian" for product "Debian Linux" and version "8.0" | - |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 9.0 Search vendor "Debian" for product "Debian Linux" and version "9.0" | - |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 12.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "12.04" | esm |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 14.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "14.04" | lts |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 16.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "16.04" | lts |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 18.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "18.04" | lts |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | < 4.18.1 Search vendor "Linux" for product "Linux Kernel" and version " < 4.18.1" | - |
Affected
| ||||||