Oval Definition:	oval:com.ubuntu.artful:def:20183639000
Revision Date: 2018-05-22 Version: 1 Title: CVE-2018-3639 on Ubuntu 17.10 (artful) - medium. Description: Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4. Jann Horn and Ken Johnson discovered that microprocessors utilizing speculative execution of a memory read may allow unauthorized memory reads via a sidechannel attack. This flaw is known as Spectre Variant 4. A local attacker could use this to expose sensitive information, including kernel memory. Family: unix Class: vulnerability Status: Reference(s): CVE-2018-3639 Platform(s): Ubuntu 17.10 Product(s): Definition Synopsis Ubuntu 17.10 (artful) is installed. AND Package Information The 'libvirt' package in artful was vulnerable but has been fixed (note: '3.6.0-1ubuntu6.8'). OR The 'linux' package in artful was vulnerable but has been fixed (note: '4.13.0-43.48'). OR The vulnerability of the 'linux-raspi2' package in artful is not known (status: 'needs-triage'). It is pending evaluation. OR The vulnerability of the 'linux-snapdragon' package in artful is not known (status: 'needs-triage'). It is pending evaluation. OR The 'qemu' package in artful was vulnerable but has been fixed (note: '1:2.10+dfsg-0ubuntu3.7').
BACK