Vulnerability in Intel Core_i3
CVE-2018-3615
Systems with microprocessors utilizing speculative execution and Intel software guard extensions (Intel SGX) may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user acce…
EPSS: 0.016 (82.2th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 7.3 (High). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N.
Affected products
- Intel Core_i3 — versions 6006u, 6098p, 6100
- Intel Core_i5 — versions 650, 655k, 660
- Intel Core_i7 — versions 610e, 620le, 620lm
- Intel Xeon_e3 — versions 1515m_v5, 1535m_v5, 1545m_v5
- Intel Xeon_e3_1220_v5
- Intel Xeon_e3_1220_v6
- Intel Xeon_e3_1225_v5
- Intel Xeon_e3_1225_v6
- Intel Xeon_e3_1230_v5
- Intel Xeon_e3_1230_v6
Weakness classification (CWE)
Public proof-of-concept exploits
References
- secure@intel.com (x_refsource_CERT-VN, Third Party Advisory, third-party-advisory)
- secure@intel.com (VDB Entry, Third Party Advisory, vdb-entry, x_refsource_SECTRACK)
- secure@intel.com (x_refsource_CONFIRM, Third Party Advisory)
- secure@intel.com (VDB Entry, Third Party Advisory, vdb-entry, x_refsource_BID)
- secure@intel.com (Technical Description, Third Party Advisory, x_refsource_MISC)
- secure@intel.com (x_refsource_CONFIRM, Third Party Advisory)
- secure@intel.com (x_refsource_CISCO, vendor-advisory, Third Party Advisory)
- secure@intel.com (x_refsource_CONFIRM, Third Party Advisory)
- secure@intel.com (x_refsource_CONFIRM, Third Party Advisory)
- secure@intel.com (x_refsource_CONFIRM, Third Party Advisory)
Frequently asked questions
- What is CVE-2018-3615?
- CVE-2018-3615 is a high-severity vulnerability in Intel Core_i3, classified under Observable Discrepancy. CVSS score: 7.3/10. Published 2018-08-14.
- How severe is CVE-2018-3615?
- High severity. CVSS v3 base score is 7.3 out of 10.
- Is CVE-2018-3615 known to be exploited?
- 23 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.