CVE-2018-5407

Description

Simultaneous Multi-threading (SMT) in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention'.

CVSS Metrics

• v3.1•MEDIUM•Score: 4.7CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
• v2.0•LOW•Score: 1.9AV:L/AC:M/Au:N/C:P/I:N/A:N

EPSS Trends

Current EPSS score: 0.84%• Percentile: 75%

Techniques & Countermeasures

• CWE-203•Observable Discrepancy

  The product behaves differently or sends different responses under different circumstances in a way that is observable to an unauthorized actor.

• CWE-200•Exposure of Sensitive Information to an Unauthorized Actor

  The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

Affected Systems

• canonical•ubuntu_linux

  14.04 | 16.04 | 18.04 | 18.10

• debian•debian_linux

  8.0 | 9.0

• nodejs•node.js

  < 6.14.4 | ≥ 8.0.0, < 8.11.4 | ≥ 10.0.0, < 10.9.0

• Unknown•OpenSSL

  ≥ 1.0.2, < 1.0.2q | ≥ 1.1.0, < 1.1.0i

• oracle•api_gateway

  11.1.2.4.0

• oracle•application_server

  0.9.8 | 1.0.0 | 1.0.1

• oracle•enterprise_manager_base_platform

  12.1.0.5.0 | 13.2.0.0.0 | 13.3.0.0.0

• oracle•enterprise_manager_ops_center

  12.3.3

• oracle•mysql_enterprise_backup

  ≤ 3.12.3 | ≥ 3.12.4, ≤ 4.1.2

• oracle•peoplesoft_enterprise_peopletools

  8.55 | 8.56 | 8.57

• oracle•primavera_p6_enterprise_project_portfolio_management

  ≥ 17.7, ≤ 17.12 | 8.4 | 15.1 | 15.2 | 16.1 | 16.2 | 18.8

• oracle•tuxedo

  12.1.1.0.0

• oracle•vm_virtualbox

  < 6.0.0

• redhat•enterprise_linux_desktop

  7.0

• redhat•enterprise_linux_server

  7.0 | 7.6

• redhat•enterprise_linux_server_aus

  7.6

• redhat•enterprise_linux_server_eus

  7.6

• redhat•enterprise_linux_server_tus

  7.6

• redhat•enterprise_linux_workstation

  7.0

• tenable•nessus

  < 8.1.1

References (28)

• https://access.redhat.com/errata/RHSA-2019:0483
• https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
• https://security.netapp.com/advisory/ntap-20181126-0001/
• https://usn.ubuntu.com/3840-1/
• https://www.debian.org/security/2018/dsa-4355
• https://www.tenable.com/security/tns-2018-17
• https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/
• https://security.gentoo.org/glsa/201903-10
• https://www.tenable.com/security/tns-2018-16
• https://www.exploit-db.com/exploits/45785/
• https://lists.debian.org/debian-lts-announce/2018/11/msg00024.html
• https://github.com/bbbrumley/portsmash
• https://www.debian.org/security/2018/dsa-4348
• http://www.securityfocus.com/bid/105897
• https://eprint.iacr.org/2018/1060.pdf
• https://access.redhat.com/errata/RHSA-2019:0651
• https://access.redhat.com/errata/RHSA-2019:0652
• https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
• https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
• https://access.redhat.com/errata/RHSA-2019:2125
• https://support.f5.com/csp/article/K49711130?utm_source=f5support&amp%3Butm_medium=RSS
• https://access.redhat.com/errata/RHSA-2019:3929
• https://access.redhat.com/errata/RHSA-2019:3933
• https://access.redhat.com/errata/RHSA-2019:3931
• https://access.redhat.com/errata/RHSA-2019:3935
• https://access.redhat.com/errata/RHSA-2019:3932
• https://www.oracle.com/security-alerts/cpujan2020.html
• https://www.oracle.com/security-alerts/cpuapr2020.html