Vulnerability in Intel Corporation Microprocessors With Speculative Execution
CVE-2017-5715
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
EPSS: 0.885 (99.5th percentile) — read the EPSS interpretation.
Affected products
- Intel Corporation Microprocessors With Speculative Execution — versions All
Public proof-of-concept exploits
References
- nvidia.custhelp.com/app/answers/detail/a_id/4609 (x_refsource_CONFIRM)
- USN-3560-1 (x_refsource_UBUNTU, vendor-advisory)
- [debian-lts-announce] 20180714 [SECURITY] [DLA 1422-1] linux security update (mailing-list, x_refsource_MLIST)
- DSA-4187 (vendor-advisory, x_refsource_DEBIAN)
- USN-3542-2 (x_refsource_UBUNTU, vendor-advisory)
- GLSA-201810-06 (vendor-advisory, x_refsource_GENTOO)
- www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html (x_refsource_CONFIRM)
- www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html (x_refsource_CONFIRM)
- USN-3540-2 (x_refsource_UBUNTU, vendor-advisory)
- access.redhat.com/security/vulnerabilities/speculativeexecution (x_refsource_CONFIRM)
Frequently asked questions
- What is CVE-2017-5715?
- CVE-2017-5715 is a vulnerability in Intel Corporation Microprocessors With Speculative Execution. Published 2018-01-04.
- Is CVE-2017-5715 known to be exploited?
- 127 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.