| CNNVD-ID编号 | CNNVD-201808-341 |
| CVE编号 | CVE-2018-3615 |
| 发布时间 | 2018-08-14 |
| 更新时间 | 2020-12-24 |
| 漏洞类型 | 信息泄露 |
| 漏洞来源 | University of Michigan; Mark Silberstein, Technion; Thomas F.,Raoul Strackx, KU Leuven; Marina Minkin, University of Michigan; Baris Kasikci, and Frank Piessens of imec-DistriNet, Technion; Ofir Weisse, Jo Van Bulck,这些漏洞由外部公开披露。, University of Michigan; Daniel Genkin |
| 危险等级 | 中危 |
| 威胁类型 | 本地 |
| 厂 商 | intel |
Intel Xeon Processor E3 v5 Family等都是美国英特尔(Intel)公司的中央处理器(CPU)产品。
多款Intel产品(使用推测执行和Intel软件防护扩展(Intel SGX))中存在信息泄露漏洞。本地攻击者可利用该漏洞泄露L1数据缓存中的信息。以下产品受到影响:Intel Xeon Processor E3 v5 Family;Intel Xeon Processor E3 v6 Family;6th generation Intel Core processors;7th generation Intel Core processors;8th generation Intel Core processors。
目前厂商已发布升级了多款Intel产品信息泄露漏洞的补丁,多款Intel产品信息泄露漏洞的补丁获取链接:
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html
来源:CONFIRM
链接:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html
来源:CONFIRM
来源:MLIST
链接:https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html
来源:CONFIRM
链接:https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en
来源:MISC
来源:SECTRACK
来源:BID
来源:CONFIRM
链接:https://www.synology.com/support/security/Synology_SA_18_45
来源:CONFIRM
链接:https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0008
来源:CONFIRM
链接:https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf
来源:CONFIRM
来源:CISCO
来源:CERT-VN
来源:CONFIRM
链接:https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03874en_us
来源:CONFIRM
链接:https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault
来源:CONFIRM
链接:https://cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf
来源:CONFIRM
来源:fortiguard.com
来源:security.business.xerox.com
来源:www.auscert.org.au
来源:www.securityfocus.com
来源:www.auscert.org.au
来源:www.auscert.org.au