MidnightBSD

Advisories for arm

CVE-2015-5291 MEDIUM

Heap-based buffer overflow in PolarSSL 1.x before 1.2.17 and ARM mbed TLS (formerly PolarSSL) 1.3.x before 1.3.14 and 2.x before 2.1.2 allows remote SSL servers to cause a denial of service (client crash) and possibly execute arbitrary code via a long hostname to the server name indication (SNI) extension, which is not properly handled when creating a ClientHello message. NOTE: this identifier has been SPLIT per ADT3 due to different affected version ranges. See CVE-2015-8036 for the session ticket issue that was introduced in 1.3.0.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
fedoraproject fedora 21
debian debian_linux 7.0
debian debian_linux 8.0
fedoraproject fedora 22
opensuse opensuse 13.2
fedoraproject fedora 23
arm mbed_tls *
polarssl polarssl *
opensuse leap 42.1
CVE-2015-8036 MEDIUM

Heap-based buffer overflow in ARM mbed TLS (formerly PolarSSL) 1.3.x before 1.3.14 and 2.x before 2.1.2 allows remote SSL servers to cause a denial of service (client crash) and possibly execute arbitrary code via a long session ticket name to the session ticket extension, which is not properly handled when creating a ClientHello message to resume a session. NOTE: this identifier was SPLIT from CVE-2015-5291 per ADT3 due to different affected version ranges.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
fedoraproject fedora 21
debian debian_linux 7.0
debian debian_linux 8.0
opensuse opensuse 13.2
arm mbed_tls *
polarssl polarssl *
CVE-2017-14032 MEDIUM

ARM mbed TLS before 1.3.21 and 2.x before 2.1.9, if optional authentication is configured, allows remote attackers to bypass peer authentication via an X.509 certificate chain with many intermediates. NOTE: although mbed TLS was formerly known as PolarSSL, the releases shipped with the PolarSSL name are not affected.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-287,

Products Affected

Vendor Product Version
arm mbed_tls 2.1.0
arm mbed_tls 2.0.0
arm mbed_tls 2.4.2
arm mbed_tls 2.4.0
arm mbed_tls 1.3.10
arm mbed_tls 1.3.15
arm mbed_tls 2.1.2
arm mbed_tls 2.1.6
arm mbed_tls 2.1.1
arm mbed_tls 2.1.9
arm mbed_tls 1.3.14
arm mbed_tls 1.3.21
arm mbed_tls 1.3.13
arm mbed_tls 2.5.1
arm mbed_tls 2.1.8
arm mbed_tls 2.2.0
arm mbed_tls 1.3.16
arm mbed_tls 2.1.7
arm mbed_tls 2.6.2
arm mbed_tls 1.3.11
arm mbed_tls 2.1.5
arm mbed_tls 2.2.1
arm mbed_tls 2.1.3
arm mbed_tls 2.1.4
arm mbed_tls 1.3.12
arm mbed_tls 1.3.19
arm mbed_tls 1.3.18
arm mbed_tls 2.3.0
arm mbed_tls 1.3.17
arm mbed_tls 1.3.20
CVE-2017-15031 MEDIUM

In all versions of ARM Trusted Firmware up to and including v1.4, not initializing or saving/restoring the PMCR_EL0 register can leak secure world timing information.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
arm arm-trusted-firmware *
CVE-2017-18187 HIGH

In ARM mbed TLS before 2.7.0, there is a bounds-check bypass through an integer overflow in PSK identity parsing in the ssl_parse_client_psk_identity() function in library/ssl_srv.c.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-190,

Products Affected

Vendor Product Version
debian debian_linux 9.0
debian debian_linux 8.0
arm mbed_tls *
CVE-2017-2784 MEDIUM

An exploitable free of a stack pointer vulnerability exists in the x509 certificate parsing code of ARM mbed TLS before 1.3.19, 2.x before 2.1.7, and 2.4.x before 2.4.2. A specially crafted x509 certificate, when parsed by mbed TLS library, can cause an invalid free of a stack pointer leading to a potential remote code execution. In order to exploit this vulnerability, an attacker can act as either a client or a server on a network to deliver malicious x509 certificates to vulnerable applications.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-295,

Products Affected

Vendor Product Version
arm mbed_tls 2.1.0
arm mbed_tls 2.1.3
arm mbed_tls 2.0.0
arm mbed_tls 2.1.2
arm mbed_tls 2.1.4
arm mbed_tls 2.4.0
arm mbed_tls 2.1.6
arm mbed_tls 2.1.1
arm mbed_tls *
arm mbed_tls 2.1.5
CVE-2017-5715 LOW

Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.6 MEDIUM CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N 1.1 4.0

CVSS 2.0

Severity: LOW

Problem Type: CWE-203,CWE-203,

Products Affected

Vendor Product Version
intel celeron_n n4000
intel core_i3 6100te
intel core_i7 840qm
intel pentium_j j2900
intel xeon_e3_1230_v6 -
intel xeon_e5 4607_v2
intel core_i7 5700hq
intel core_i7 660lm
intel xeon_gold 6140m
intel core_i7 5700eq
intel core_i7 960
intel core_i3 2120
intel xeon l5506
intel core_i7 7820hk
intel xeon e7540
intel core_i5 4250u
intel core_i3 330um
intel core_i7 680um
intel xeon_e5 4640_v4
intel core_i7 2675qm
intel xeon_e7 8860_v4
intel core_i7 975
intel core_i3 4360
intel xeon_silver 4110
intel core_i5 680
intel core_i7 640m
intel xeon_e7 4860_v2
intel xeon x5647
intel xeon_e5_2650_v3 -
intel core_i5 5675c
intel xeon_e3_1280_v5 -
intel pentium_n n3700
intel celeron_j j3355
intel core_m5 6y57
intel xeon_e7 8890_v3
intel xeon_e5 4610
intel xeon ec5539
intel xeon_e3_1285_v6 -
intel xeon_e5 2697_v2
intel xeon_e5_2630l_v3 -
intel core_i5 480m
intel xeon_e5 4650_v4
intel xeon_e3_1230 -
intel atom_x3 c3230rk
intel atom_z z3560
intel core_i5 4340m
intel core_i7 870s
intel core_i5 2300
intel xeon e5502
intel core_m 5y10a
intel xeon_e5 2658a_v3
intel xeon_e5 4655_v3
intel xeon w3690
intel xeon_e3_1220_v2 -
intel xeon_e5 2680
intel core_i3 4158u
intel core_i3 6102e
intel xeon_platinum 8158
intel xeon e6510
intel atom_c c2508
intel xeon_e3_1275_v2 -
intel core_i5 5575r
intel core_i7 2600s
intel xeon e5503
debian debian_linux 7.0
intel core_i5 2400s
intel core_i7 3770k
intel core_i3 4150
intel core_i7 4578u
intel core_i5 3439y
intel core_i5 4440s
intel xeon_e5 4650_v2
intel celeron_n n2920
intel xeon_e5_2418l_v2 -
intel core_i7 7567u
intel atom_c c2338
intel core_i3 2367m
intel xeon_e7 2890_v2
intel xeon_gold 6142f
intel xeon e5607
intel xeon_e7 8860
intel xeon_silver 4116
intel core_i3 4170t
intel core_i7 4760hq
intel pentium_n n3710
intel xeon l7555
intel core_i5 4590
intel core_i7 3612qe
intel core_i3 3245
intel core_i7 980x
intel core_i7 4950hq
intel core_i5 3550
intel xeon_e7 4870
intel celeron_j j1850
intel xeon_e3_1225_v5 -
intel xeon_e7 8880_v4
intel xeon_e5 2667
netapp hci_management_node -
intel xeon x3470
intel core_i7 3635qm
intel xeon_e3_1125c_v2 -
intel core_i7 5775c
intel xeon_e5_2648l_v4 -
intel atom_x3 c3265rk
intel core_i7 4500u
intel xeon_e7 8867_v3
debian debian_linux 8.0
intel xeon x3450
intel core_i7 7660u
intel xeon w5580
intel core_i3 2102
intel core_i3 4020y
intel core_i5 6350hq
intel xeon_phi 7295
intel xeon l3426
intel core_i3 530
intel core_i3 3130m
intel core_i3 2312m
intel core_i5 2380p
intel core_i7 4710mq
intel xeon_e3_1505l_v6 -
intel xeon_e5_1650_v4 -
intel pentium_j j4205
intel xeon e5603
intel xeon_e5_2643_v3 -
intel xeon_e3 1558l_v5
intel xeon_e3 1585l_v5
intel xeon_platinum 8160t
intel core_i7 3610qm
intel core_i7 4712hq
intel core_i3 380um
intel core_i7 3517u
intel core_i3 3217ue
intel core_i7 8650u
intel atom_c c2518
intel xeon e5530
intel xeon_e5 2697a_v4
intel xeon x5690
intel core_i5 6360u
intel core_i3 3220
intel xeon_e5_2430 -
intel core_i3 4110m
intel xeon_gold 6130t
canonical ubuntu_linux 16.04
intel xeon_e5_2403_v2 -
intel xeon_e5 2670
intel core_m 5y31
intel xeon_e3_1265l_v2 -
intel xeon_e3_1268l_v5 -
intel core_i5 2410m
intel xeon_e5_2637 -
intel core_i5 6600t
intel core_i7 2657m
intel core_i5 4400e
intel xeon x5550
intel xeon_e5_2630l_v2 -
intel atom_c c2750
intel core_i7 2700k
intel xeon_e5 4610_v2
intel xeon_e3_1275l_v3 -
intel xeon_e5_2618l_v2 -
intel core_i3 2330m
intel core_i3 3220t
intel atom_c c2550
intel xeon_e7 2803
intel core_m 5y51
netapp hci_compute_node -
intel core_i3 6098p
intel xeon_e5_2408l_v3 -
intel xeon_e5_2637_v3 -
arm cortex-a 15
intel core_i5 560um
intel core_i7 4810mq
intel core_i5 4200y
intel core_i3 3250t
intel core_i5 2500s
intel core_i7 660um
intel xeon_e5_2450l_v2 -
intel core_i5 750s
intel core_i7 875k
intel xeon_platinum 8176
intel core_i5 4670r
intel xeon x7560
intel core_i7 4790s
intel atom_z z3775
intel core_i7 860s
intel core_i5 2320
intel core_i3 350m
intel xeon_e3_1105c_v2 -
intel core_i3 4330te
intel core_i5 5300u
intel core_i7 4900mq
intel core_i5 4670
intel celeron_j j3455
intel core_i5 3330
intel xeon_e5 2658_v2
arm cortex-a 9
intel xeon_e7 2850_v2
intel xeon_e3_1275_v3 -
intel core_i7 4770r
intel core_i5 4350u
intel core_i5 6500te
intel xeon_e3_1231_v3 -
intel xeon_e3_1258l_v4 -
intel core_i3 2310e
intel core_i7 2860qm
intel core_i7 7700t
intel xeon x3440
intel xeon_e5_2450_v2 -
intel xeon_e5 4627_v3
intel core_i5 2540m
intel core_i5 8250u
intel core_i7 4770s
intel xeon_silver 4114t
intel core_i7 4550u
intel core_i7 3520m
intel pentium_n n3510
intel core_i5 4210y
intel core_i3 4025u
intel celeron_n n2815
intel xeon w3680
intel core_i7 5600u
intel core_i7 8700
intel xeon e5504
intel xeon_e3_1240_v5 -
intel xeon_e5_2448l -
intel core_i5 3470t
intel core_i5 520um
intel atom_c c2730
intel xeon w5590
intel core_m3 6y30
intel core_i3 4130
intel xeon_e7 2870
intel xeon_e5_2630l -
intel xeon_e7 2870_v2
intel xeon_e5 2699r_v4
intel core_i3 4030y
intel core_m5 6y54
intel core_i5 460m
intel xeon_gold 6152
intel xeon_e5 4627_v4
intel core_i3 2350m
intel core_i3 3120me
intel core_i5 8400
intel core_i7 640lm
intel core_i5 5250u
intel xeon_e5_2620_v3 -
intel atom_x5-e3940 -
intel core_i5 6267u
intel core_i5 6300hq
arm cortex-a 72
intel core_i5 660
intel xeon x3430
intel atom_z z3745d
intel xeon_e5_2609_v4 -
intel xeon_e3_1225_v6 -
intel xeon_e5_2643 -
intel atom_c c2738
intel xeon_platinum 8170m
intel core_i5 2405s
intel core_i5 661
intel xeon_e5 2658_v3
intel xeon_gold 6126t
intel xeon lc5518
intel xeon_e5 2699_v4
intel xeon_e5 4620
intel xeon_e7 8830
intel core_i7 7700k
canonical ubuntu_linux 17.10
intel core_i7 3615qm
intel xeon_e5_2420 -
intel core_i7 3517ue
intel core_i7 7600u
intel xeon_e5 2697_v4
intel core_i3 6167u
intel core_i3 5015u
intel atom_c c2558
intel core_i5 3437u
intel xeon_gold 6126f
intel xeon_e3_1286_v3 -
intel xeon_e3_1235l_v5 -
intel core_m3 7y30
intel xeon e5540
intel core_i5 6402p
intel atom_z z3775d
intel xeon_e3_1275 -
intel xeon_e5 2697_v3
intel celeron_n n3450
intel xeon_e5 2699_v3
intel atom_x7-e3950 -
intel xeon_e3 1535m_v5
intel xeon_e7 2860
intel core_i5 6500t
intel pentium_n n3520
intel xeon_e3_1230_v2 -
intel core_i7 4770k
intel xeon_e3_1245_v5 -
intel xeon_e5_1620_v4 -
intel atom_z z3735g
intel xeon_e7 4850_v3
intel xeon e7520
intel core_i5 4430s
intel xeon x5677
intel core_i3 330e
intel xeon_e7 8893_v3
intel pentium_j j2850
intel celeron_j j1800
intel xeon_e3_1225_v3 -
intel core_i5 4460
intel core_i3 2357m
intel xeon_e3_1270_v6 -
intel xeon_e7 4820
intel core_i7 3740qm
intel xeon_e7 4807
intel xeon_e3_1240_v6 -
oracle communications_diameter_signaling_router 8.3
intel core_i5 4330m
arm cortex-a 17
intel celeron_n n2805
intel pentium_n n3530
intel xeon_e5_2407_v2 -
intel core_i3 2370m
intel core_i5 6300u
intel core_i7 950
intel xeon_gold 6130f
intel core_i5 450m
canonical ubuntu_linux 12.04
intel xeon_e5 4650_v3
intel xeon_e3_1275_v5 -
intel xeon_e5 4669_v4
intel core_i5 5287u
intel celeron_j j3060
intel core_i5 3450s
intel core_i3 4340te
intel atom_z z3795
intel xeon_e7 4830_v2
intel core_i5 3350p
intel xeon_e3_1220_v3 -
intel celeron_n n2810
intel core_i3 4102e
intel xeon_e3 1585_v5
intel xeon_platinum 8160m
intel xeon_e5 4620_v4
intel core_m3 7y32
intel xeon_e5 4660_v4
intel xeon_e3_1245_v3 -
intel xeon_e3_1285l_v4 -
intel xeon_gold 6140
intel core_i5 5257u
arm cortex-a 75
intel core_i7 4702hq
intel core_i5 3570
intel xeon x5675
intel xeon_e7 8880l_v2
intel core_i5 3475s
canonical ubuntu_linux 18.04
intel atom_e e3845
intel xeon l5618
intel xeon_e5_2637_v2 -
intel core_i3 5157u
intel xeon_e5 2660_v3
intel xeon_e5_1428l_v3 -
intel core_i7 3770
intel atom_e e3826
intel core_i7 4910mq
intel core_i5 5350h
intel core_i7 3632qm
intel xeon_e3_1290_v2 -
intel xeon_e5_2418l -
intel xeon_e5_2628l_v4 -
intel xeon_phi 7290f
intel core_i3 4370
intel xeon_e7 8880l_v3
intel xeon_e5_2608l_v3 -
oracle vm_virtualbox *
intel core_i3 4030u
intel xeon_silver 4114
intel core_i7 920
intel core_i7 4600u
intel xeon_gold 5118
intel core_i5 6400t
intel xeon_e7 4860
intel xeon l5520
intel core_i7 7y75
intel core_i7 4610y
intel xeon_e3_1240_v3 -
intel core_i5 2400
intel core_i7 3612qm
intel core_i5 560m
intel xeon_e7 8880_v3
intel xeon_phi 7235
intel xeon_phi 7250
intel core_i3 550
intel core_i5 6200u
intel xeon_e7 8891_v2
intel core_i7 4980hq
intel core_i5 2500k
intel core_i3 2125
intel core_i5 4260u
intel atom_x3 c3130
intel xeon_gold 6132
intel xeon_e3_1280_v3 -
intel core_i3 3115c
intel xeon_phi 7290
intel core_i5 6400
intel core_i7 920xm
intel core_i7 870
intel core_i7 4790t
intel xeon_e3_1220_v5 -
intel xeon_e5_2643_v4 -
intel core_i7 660ue
intel core_i7 820qm
intel atom_x3 c3405
intel core_i7 4700hq
intel core_i7 8700k
intel xeon_e5 2660_v2
intel core_i5 4570s
intel xeon_e5 4650l
intel xeon_e7 8857_v2
intel atom_z z2580
intel xeon_gold 6136
intel core_i7 7820hq
intel xeon x6550
intel atom_z z3736f
intel xeon_gold 5120t
intel core_i3 3110m
intel core_i3 4110e
intel core_i3 560
intel xeon_bronze_3104 -
intel xeon_e3 1575m_v5
intel core_i7 4790
intel xeon_gold 5119t
intel xeon l5518
intel xeon_gold 6150
intel celeron_n n2930
intel core_i3 3217u
intel xeon_gold 6130
intel core_i3 2100
intel core_i7 3667u
intel xeon l5609
intel xeon_e3_1285l_v3 -
intel atom_c c2350
intel xeon_e3 1505m_v6
intel xeon_e5_2620 -
intel xeon_e5 4624l_v2
intel xeon_e5_2448l_v2 -
intel core_i5 4300u
intel core_i7 4785t
intel xeon x5670
canonical ubuntu_linux 17.04
intel core_i3 4170
intel xeon_e5_2428l_v3 -
intel xeon x7542
intel xeon_e3_1275_v6 -
intel xeon_platinum 8164
intel core_i3 4100e
intel core_i5 6260u
intel core_i3 2310m
intel core_i7 860
intel core_i7 2655le
intel core_i5 4288u
intel core_i3 5005u
intel xeon_e5_2430l -
intel core_i5 4360u
intel core_i5 2467m
intel core_i5 4402e
intel xeon_e5 2690_v2
intel xeon l7545
intel xeon_e5_2620_v2 -
intel xeon_gold 6134
debian debian_linux 9.0
intel xeon_e7 8890_v2
intel xeon_gold 6138
intel core_i7 2670qm
intel xeon_gold 5122
intel core_i3 4370t
intel core_i5 2310
intel xeon_e-1105c -
intel celeron_j j1750
intel xeon_e5 4610_v4
intel xeon x5570
intel xeon_e5 4610_v3
intel core_i7 2710qe
intel core_i3 2365m
intel xeon_e3_1276_v3 -
intel atom_c c3858
intel xeon_e5 4669_v3
intel xeon_e3_1245_v6 -
intel core_i7 2620m
intel core_i5 3317u
intel core_i7 4860hq
intel core_i5 2430m
intel xeon_e3_1270_v3 -
intel core_i7 620le
intel xeon_e5_2650l_v3 -
intel core_i5 5200u
intel celeron_n n2940
intel xeon_e3_1230_v3 -
intel core_i7 4770t
intel atom_c c3538
intel xeon x5650
intel xeon_gold 6142
intel xeon_gold 6142m
intel core_i5 3230m
intel atom_z z3770d
intel core_i3 2130
intel xeon_e5_1620 -
intel atom_c c3958
intel xeon_e5_2628l_v2 -
intel xeon e5606
intel xeon_phi 7230f
intel atom_z z2480
intel xeon_e3_1225 -
intel core_i7 4610m
intel xeon_e5 2680_v3
intel xeon_e5_2407 -
intel xeon_e7 4830_v3
intel core_i5 6600k
intel atom_c c2758
intel atom_c c2516
intel xeon_e5_2430l_v2 -
intel xeon_gold 5120
intel xeon_e7 4850
intel core_i5 4690s
intel core_i7 5850hq
intel xeon_e5 2687w_v4
intel xeon_e5 4667_v3
intel xeon_e7 8870
intel core_i3 3229y
intel xeon_e5_2609_v3 -
intel xeon_e7 8880_v2
intel xeon_e5_2630_v3 -
intel core_i3 8100
intel core_i7 7820eq
intel core_i5 4410e
intel core_i5 4690
intel core_i7 3687u
intel core_i7 4722hq
intel core_i7 4702ec
intel xeon_e3_1501m_v6 -
intel xeon_e5 2690_v3
intel xeon_e5 4628l_v4
intel xeon_e5_2618l_v3 -
intel core_i3 4005u
intel xeon_platinum 8176f
intel core_i7 7500u
intel xeon_e5_1630_v4 -
intel xeon_phi 7250f
intel xeon_e3_1281_v3 -
intel core_i5 6442eq
intel xeon_e7 2850
intel xeon x5680
intel core_i5 3610me
intel core_i5 2520m
intel core_i7 3555le
intel atom_z z3770
intel core_i7 7700
intel xeon_e3_1265l_v3 -
intel core_i3 370m
intel core_i7 3630qm
intel xeon_e5 2667_v4
oracle communications_diameter_signaling_router 8.2
intel atom_c c3750
intel core_i3 540
intel core_i5 3210m
intel pentium_n n4200
intel xeon_platinum 8170
intel xeon_e5_2640_v3 -
intel core_i7 4702mq
intel xeon_e7 2880_v2
intel core_i3 2120t
intel core_i3 6100
intel xeon l5530
intel xeon_e5_1650 -
intel xeon_e7 8870_v3
intel xeon_e5_2630_v4 -
intel core_i5 4570te
intel core_i7 2610ue
intel xeon_e7 8837
intel xeon_e5_2428l_v2 -
intel xeon_e3 1535m_v6
intel xeon_e3_1501l_v6 -
intel core_i7 940xm
intel xeon_gold 6126
intel xeon_e5 4667_v4
intel xeon_e5_2470_v2 -
intel atom_c c3758
intel core_i7 4700ec
intel core_i5 430m
intel xeon_e5 2660
intel xeon_e3_1268l_v3 -
intel xeon e5520
intel xeon_e5 2683_v3
intel xeon_e3_1265l_v4 -
intel core_i7 3770t
intel xeon_e5_1630_v3 -
intel core_i7 3720qm
intel xeon_e3_1285_v4 -
oracle communications_diameter_signaling_router 8.0.0
intel xeon_e7 8893_v4
intel xeon_e3_1235 -
intel xeon_e5_2428l -
intel xeon_e5 4627_v2
intel xeon_e5_2620_v4 -
intel core_i7 3610qe
intel xeon_e5 2680_v4
intel xeon_e5 4603_v2
intel xeon_e7 8893_v2
intel xeon_e5 4640_v3
intel xeon_e5_1650_v3 -
intel core_i7 5850eq
intel xeon_e3_1271_v3 -
intel core_i7 620um
intel core_m7 6y75
intel atom_z z3735d
intel xeon e5620
intel core_i5 4278u
intel core_i5 4310u
intel core_i7 4765t
intel xeon_gold 6134m
intel core_i5 520e
intel atom_x3 c3205rk
intel core_i7 5750hq
intel core_i3 3250
intel xeon_e5_1660_v4 -
intel core_i7 4700eq
intel core_i5 3340s
intel core_i5 4200h
intel xeon_e3_1225_v2 -
arm cortex-a 73
intel xeon ec5509
intel core_i7 4870hq
intel core_i5 760
intel core_i7 3615qe
intel celeron_n n4100
intel celeron_n n2910
oracle communications_diameter_signaling_router 8.1
intel atom_c c3955
intel core_i3 4160t
intel xeon_e3_1246_v3 -
intel xeon_e5 2658_v4
intel core_i7 740qm
intel celeron_j j4105
intel xeon_e5_2603_v4 -
intel core_i5 4430
intel core_i5 4440
intel core_i7 930
intel core_i5 3380m
intel xeon_phi 7285
intel xeon e5630
intel core_i5 3470s
intel xeon e5649
intel atom_x3 c3235rk
intel xeon_platinum 8180
intel core_m 5y70
intel core_i5 3320m
intel xeon_phi 7230
intel atom_z z2420
intel core_i5 6600
intel core_i3 6100h
intel xeon_e7 4820_v3
intel atom_e e3805
intel xeon_e5 2667_v3
intel atom_c c3850
intel xeon_e3_1280 -
intel core_i5 6500
intel xeon_e3_1230l_v3 -
intel xeon_e3_1226_v3 -
intel xeon_e5_2650_v2 -
intel xeon_e5_2603 -
intel xeon_e5_2630_v2 -
intel core_i7 2640m
intel core_i5 2500t
intel xeon_e5_2650l -
intel xeon_e7 4890_v2
intel xeon_e5_2450 -
intel atom_z z3460
intel xeon_platinum 8153
intel core_i5 3450
intel xeon_e7 8891_v4
intel core_i5 4202y
intel atom_z z3590
intel atom_c c2316
intel xeon_e5 4657l_v2
intel core_i5 8350u
intel celeron_n n2840
intel xeon l5640
intel celeron_n n2830
intel core_i7 3840qm
intel core_i5 2450m
intel core_i7 2760qm
intel core_i5 4590s
intel core_i5 6287u
intel xeon_e5_2628l_v3 -
intel core_i3 6100u
intel xeon_e5 2667_v2
intel xeon_e7 4809_v4
intel core_i3 2377m
intel core_i5 4200u
intel xeon_gold 6128
intel core_i5 430um
intel core_i7 7700hq
intel xeon_e5_2640_v4 -
intel core_i5 540um
intel xeon_e3_1260l_v5 -
intel celeron_n n2806
intel xeon_e3_1220l_v3 -
intel core_i5 4570
intel core_i5 4200m
intel core_i7 4710hq
intel xeon_e3_1280_v6 -
intel core_i5 3570t
intel core_i5 670
intel xeon x3480
intel core_i5 750
intel core_i5 3470
intel atom_z z3745
intel xeon ec5549
intel core_i7 720qm
intel xeon w3670
intel xeon_e3_1270_v5 -
intel core_i7 5650u
intel xeon_e3_1240_v2 -
intel xeon_e3 1515m_v5
intel core_i5 4308u
intel core_i7 4770hq
intel xeon_platinum 8156
intel core_i5 470um
intel xeon l3406
intel core_i7 2600
intel xeon_e5_2440 -
intel core_i5 8600k
intel xeon_e5_1620_v2 -
intel xeon_e7 4870_v2
intel xeon_e5_2403 -
intel xeon x3460
intel core_i5 4402ec
intel xeon_e5_2650 -
intel xeon x5672
intel xeon_e3_1240l_v3 -
intel core_i5 3427u
intel atom_e e3815
intel xeon e6540
intel xeon_e7 8894_v4
intel xeon_silver 4109t
intel atom_z z2560
netapp solidfire -
intel xeon_e7 8850_v2
intel atom_c c2308
intel xeon_e5 2650l_v4
intel xeon_e5 2690_v4
intel core_i7 4700mq
intel core_i5 520m
intel xeon l5508
intel core_i5 4460t
intel atom_c c3808
intel atom_z z2520
intel xeon_e3_1286l_v3 -
intel xeon_e5 2695_v2
intel celeron_n n3350
intel core_i5 4210h
intel core_i3 3240t
intel xeon_e5_1660_v2 -
intel core_i5 2500
intel core_i7 610e
intel xeon_e5 2670_v3
intel xeon_bronze_3106 -
intel core_i5 540m
intel atom_z z3735f
intel core_i7 5550u
intel xeon_e5_2650_v4 -
intel core_i5 3570s
intel atom_z z3570
intel core_i3 4010u
intel core_i3 4350t
intel core_i5 2557m
intel core_i5 6440eq
intel xeon_e5_2640_v2 -
intel celeron_j j3160
intel xeon_e3_1220 -
intel xeon_e5_2630l_v4 -
intel xeon_silver 4112
intel xeon_e5_1428l -
intel xeon_e7 4830
intel xeon_e5_2603_v2 -
intel xeon_gold 6146
intel core_i7 3820qm
intel core_i3 6100e
intel core_i5 650
intel xeon_e7 8850
intel atom_x3 c3445
intel xeon e5645
intel xeon_platinum 8160f
intel core_i7 4720hq
intel atom_c c3308
intel xeon_e7 8860_v3
intel core_i7 2715qe
intel core_i3 2100t
intel core_m 5y71
intel atom_c c3338
intel core_i3 6300t
intel xeon_gold 6144
intel xeon_platinum 8176m
intel xeon_e5_1660_v3 -
intel core_i3 4330t
intel core_i7 620lm
intel core_i7 880
intel xeon_e5 2660_v4
intel xeon_e3_1220_v6 -
intel core_i3 8350k
intel core_i7 620ue
intel xeon_e5_1660 -
intel core_i5 3340m
intel core_i3 2328m
intel core_i3 4360t
intel core_i3 4100u
intel core_i7 2720qm
intel xeon_e5 2687w
intel xeon_e5_2603_v3 -
intel celeron_j j4005
intel xeon_gold 6148
intel core_i5 4670t
intel atom_z z2760
intel xeon_e3_1270_v2 -
intel xeon_e5_2643_v2 -
intel core_i7 4510u
intel xeon_e7 4850_v4
intel xeon_e5_2648l_v2 -
intel xeon_e3_1245 -
intel core_i7 990x
intel core_i7 3537u
intel xeon_e5 2690
intel core_i7 4712mq
intel xeon_e5_2637_v4 -
intel core_i7 2649m
intel xeon_e5 4603
intel xeon_e3_1241_v3 -
intel xeon_e5 4640
intel xeon lc5528
intel core_i5 5675r
intel xeon_e7 4820_v4
intel xeon_e3_1230_v5 -
intel core_i3 4012y
intel core_i5 4670s
intel xeon x5560
intel xeon_e3_1270 -
intel xeon_e5 2699a_v4
intel xeon_e5 4660_v3
intel xeon_e3_1278l_v4 -
intel pentium_j j3710
intel core_i3 5010u
intel xeon e5506
intel xeon_e5 2670_v2
intel core_i5 4690t
intel core_i5 5350u
intel core_i7 965
intel xeon_e3_1125c -
intel xeon_e3_1260l -
intel core_i3 330m
intel core_i7 4800mq
intel atom_x3 c3200rk
intel atom_z z3736g
intel celeron_n n3050
intel core_i5 2435m
intel xeon_gold 6148f
intel core_i7 980
intel xeon x7550
intel xeon_e5 4650
intel xeon_silver 4116t
intel core_i7 940
intel core_i7 4770
intel core_i3 3227u
intel celeron_n n2808
intel xeon_phi 7210f
intel xeon l5638
intel xeon_e5_2418l_v3 -
intel celeron_j j1900
intel xeon_e5_2618l_v4 -
intel xeon_e3_1290 -
intel core_i5 4220y
intel celeron_n n3150
intel xeon x5687
intel core_i5 3550s
intel xeon_e3_1245_v2 -
intel xeon_silver 4108
intel core_i7 8550u
intel xeon_e7 2830
intel core_i7 2617m
intel atom_c c2530
intel xeon_e3 1578l_v5
intel core_i3 3240
intel core_i7 4650u
intel xeon_e5_1650_v2 -
arm cortex-a 57
intel core_i3 380m
intel core_i3 390m
intel core_i5 4570r
intel core_i5 4258u
intel xeon_e5 2687w_v2
intel atom_c c2538
intel core_i5 655k
intel core_i7 620m
intel xeon_e5_2640 -
intel xeon_e3 1545m_v5
intel xeon_e3_12201_v2 -
intel core_i3 2330e
intel xeon_e5 2683_v4
intel core_i5 2390t
intel core_i3 6100t
intel core_i7 4790k
intel xeon_e5_2450l -
intel core_i5 2537m
intel xeon_e5 2658
intel core_i3 6300
intel xeon_e5_2609_v2 -
intel core_i3 4100m
intel xeon_e5_1680_v3 -
intel xeon e7530
intel atom_c c3508
intel atom_z z3580
intel xeon_e3_1280_v2 -
intel xeon_e5 4620_v2
intel xeon_e5_2630 -
intel core_i3 2340ue
intel xeon_e7 2820
intel xeon_e5 4640_v2
intel xeon_e5_2609 -
intel core_i7 4960hq
intel atom_z z3785
intel xeon_e5 2665
intel core_i3 3225
intel core_i7 2677m
intel xeon_e3_12201 -
intel pentium_n n3540
intel xeon_e5_2438l_v3 -
intel core_i3 5020u
intel xeon_phi 7210
intel core_i7 2920xm
intel core_i5 2510e
intel core_i3 4330
intel xeon_e3_1240 -
intel xeon x5667
intel xeon_gold 6154
intel core_i5 4690k
intel xeon l5630
intel celeron_n n3060
canonical ubuntu_linux 14.04
intel core_i7 640um
intel atom_c c2358
intel core_i7 5557u
intel celeron_n n3160
intel xeon_e5_2430_v2 -
intel xeon_e5_2623_v3 -
intel core_i7 4850hq
intel xeon_platinum 8160
intel xeon_gold 5115
intel xeon_e7 8891_v3
intel core_i7 3540m
intel core_i5 2450p
intel celeron_n n2807
intel core_i3 2105
intel xeon_e7 4880_v2
intel core_i3 2348m
intel core_i7 7920hq
intel core_i3 3210
intel xeon_e5_2470 -
intel xeon_e7 4820_v2
intel core_i7 2635qm
intel core_i7 2820qm
intel core_i5 4300m
intel core_i5 4460s
intel core_m 5y10
intel atom_e e3827
intel xeon e5640
intel xeon_e5 4648_v3
intel xeon_e5_2623_v4 -
intel core_i5 3360m
intel core_i7 3689y
intel xeon_e5 2698_v3
intel xeon_e5 4655_v4
intel xeon_e5_1620_v3 -
intel xeon_e3_1505l_v5 -
intel core_i5 4310m
intel core_m 5y10c
intel core_i5 3330s
intel core_i3 4010y
intel core_i5 4300y
intel core_i3 4000m
intel core_i5 6685r
intel xeon_e5_2608l_v4 -
intel core_i3 4130t
intel xeon_e7 8890_v4
intel core_i7 4558u
intel atom_z z3740d
intel core_i5 4302y
intel core_i3 4350
intel core_i5 3570k
intel atom_c c3558
intel core_i7 4600m
intel xeon_e5_2420_v2 -
intel xeon x5660
intel xeon_e5_2650l_v2 -
intel xeon_e7 4809_v3
intel atom_x5-e3930 -
intel core_i3 4150t
intel core_i7 2630qm
intel core_i5 4210m
intel xeon_e7 8867_v4
intel core_i5 3339y
intel xeon_e5_1428l_v2 -
intel celeron_n n3000
intel core_i7 2600k
intel xeon_e7 4830_v4
intel xeon_e7 8870_v2
intel atom_z z3740
intel xeon_e5 4607
intel core_i5 4422e
intel core_i7 5500u
intel core_i3 6006u
intel atom_c c3708
intel atom_x3 c3295rk
intel xeon_e7 4850_v2
intel core_i5 6585r
intel xeon_e5_2440_v2 -
intel xeon_e3_1240l_v5 -
intel atom_z z2460
intel atom_z z3480
intel xeon_e5_2648l_v3 -
intel core_i5 6440hq
intel core_i3 3120m
intel core_i5 3340
intel core_i7 2960xm
intel core_i3 4120u
intel core_i7 970
intel atom_z z3530
intel core_i3 6320
intel core_i5 4210u
intel xeon_e5_2648l -
intel core_i3 2115c
intel xeon_e5 2680_v2
intel xeon_e5 2695_v4
intel core_i7 3770s
intel xeon_e5 4620_v3
intel core_i7 4771
intel xeon_e3_1285_v3 -
intel core_i5 2515e
intel celeron_n n3010
intel core_i7 5950hq
intel atom_c c3950
intel xeon_e3 1565l_v5
siemens simatic_winac_rtx_(f)_firmware 2010
intel xeon_platinum 8168
intel core_i5 3337u
intel core_i7 2629m
intel core_i3 2375m
intel core_i7 4770te
intel xeon_e7 8870_v4
intel core_i7 2637m
intel core_i5 4670k
intel xeon_e7 8867l
intel core_i3 4340
intel atom_c c2718
intel atom_z z3735e
intel celeron_n n2820
intel atom_c c3830
intel core_i7 4750hq
intel xeon e5507
intel xeon_gold 6138t
intel xeon_e7 4809_v2
intel core_i7 7560u
intel xeon_e5 2698_v4
intel core_i5 2550k
intel xeon_e5 2695_v3
intel xeon_gold 6138f
intel core_i5 4590t
intel core_i5 4570t
intel atom_e e3825
intel xeon_e5 2687w_v3
intel xeon_e5 4617
intel core_i3 4160
intel xeon_e3_1505m_v5 -
intel xeon_e5_1680_v4 -
intel core_i7 5775r
intel core_i5 580m
intel core_i3 4112e
intel core_i3 6157u
CVE-2017-5753 MEDIUM

Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.6 MEDIUM CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N 1.1 4.0

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-203,

Products Affected

Vendor Product Version
intel celeron_n n4000
intel core_i3 6100te
intel core_i7 840qm
intel pentium_j j2900
netapp hci -
intel xeon_e3_1230_v6 -
intel xeon_e5 4607_v2
intel core_i7 5700hq
intel core_i7 660lm
intel xeon_gold 6140m
intel core_i7 5700eq
intel core_i7 960
intel core_i3 2120
intel xeon l5506
intel core_i7 7820hk
intel xeon e7540
intel core_i5 4250u
intel core_i3 330um
phoenixcontact el_ppc_1000_firmware -
intel core_i7 680um
intel xeon_e5 4640_v4
arm cortex-a9_firmware -
intel core_i7 2675qm
intel xeon_e7 8860_v4
intel core_i7 975
phoenixcontact bl2_bpc_7000_firmware -
intel core_i3 4360
arm cortex-a76_firmware -
intel xeon_silver 4110
intel core_i5 680
intel core_i7 640m
intel xeon_e7 4860_v2
intel xeon x5647
intel xeon_e5_2650_v3 -
phoenixcontact bl_ppc_1000_firmware -
intel core_i5 5675c
intel xeon_e3_1280_v5 -
intel pentium_n n3700
intel celeron_j j3355
intel core_m5 6y57
intel xeon_e7 8890_v3
intel xeon_e5 4610
intel xeon ec5539
intel xeon_e3_1285_v6 -
intel xeon_e5 2697_v2
intel xeon_e5_2630l_v3 -
intel core_i5 480m
phoenixcontact bl2_ppc_2000_firmware -
intel xeon_e5 4650_v4
intel xeon_e3_1230 -
intel atom_x3 c3230rk
intel atom_z z3560
intel core_i5 4340m
intel core_i7 870s
arm cortex-a78_firmware -
intel core_i5 2300
intel xeon e5502
intel core_m 5y10a
intel xeon_e5 2658a_v3
arm cortex-r8_firmware -
intel xeon_e5 4655_v3
intel xeon w3690
intel xeon_e3_1220_v2 -
intel xeon_e5 2680
intel core_i3 4158u
intel core_i3 6102e
intel xeon_platinum 8158
intel xeon e6510
phoenixcontact dl_ppc15m_7000_firmware -
intel atom_c c2508
intel xeon_e3_1275_v2 -
intel core_i5 5575r
intel core_i7 2600s
intel xeon e5503
intel core_i5 2400s
intel core_i7 3770k
intel core_i3 4150
intel core_i7 4578u
intel core_i5 3439y
intel core_i5 4440s
intel xeon_e5 4650_v2
intel celeron_n n2920
intel xeon_e5_2418l_v2 -
synology diskstation_manager *
intel core_i7 7567u
intel atom_c c2338
intel core_i3 2367m
intel xeon_e7 2890_v2
intel xeon_gold 6142f
intel xeon e5607
intel xeon_e7 8860
intel xeon_silver 4116
intel core_i3 4170t
intel core_i7 4760hq
intel pentium_n n3710
intel xeon l7555
intel core_i5 4590
intel core_i7 3612qe
intel core_i3 3245
intel core_i7 980x
intel core_i7 4950hq
arm cortex-a8_firmware -
intel core_i5 3550
intel xeon_e7 4870
intel celeron_j j1850
suse suse_linux_enterprise_desktop 12
intel xeon_e3_1225_v5 -
intel xeon_e7 8880_v4
intel xeon_e5 2667
intel xeon x3470
intel core_i7 3635qm
intel xeon_e3_1125c_v2 -
intel core_i7 5775c
intel xeon_e5_2648l_v4 -
intel atom_x3 c3265rk
intel core_i7 4500u
intel xeon_e7 8867_v3
debian debian_linux 8.0
intel xeon x3450
intel core_i7 7660u
arm cortex-a77_firmware -
intel xeon w5580
intel core_i3 2102
intel core_i3 4020y
intel core_i5 6350hq
intel xeon_phi 7295
intel xeon l3426
intel core_i3 530
intel core_i3 3130m
intel core_i3 2312m
intel core_i5 2380p
intel core_i7 4710mq
intel xeon_e3_1505l_v6 -
intel xeon_e5_1650_v4 -
intel pentium_j j4205
intel xeon e5603
intel xeon_e5_2643_v3 -
phoenixcontact vl_bpc_2000_firmware -
intel xeon_e3 1558l_v5
intel xeon_e3 1585l_v5
intel xeon_platinum 8160t
intel core_i7 3610qm
intel core_i7 4712hq
intel core_i3 380um
intel core_i7 3517u
intel core_i3 3217ue
intel core_i7 8650u
intel atom_c c2518
intel xeon e5530
intel xeon_e5 2697a_v4
intel xeon x5690
intel core_i5 6360u
intel core_i3 3220
intel xeon_e5_2430 -
intel core_i3 4110m
intel xeon_gold 6130t
canonical ubuntu_linux 16.04
intel xeon_e5_2403_v2 -
intel xeon_e5 2670
intel core_m 5y31
intel xeon_e3_1265l_v2 -
intel xeon_e3_1268l_v5 -
intel core_i5 2410m
intel xeon_e5_2637 -
intel core_i5 6600t
intel core_i7 2657m
intel core_i5 4400e
intel xeon x5550
intel xeon_e5_2630l_v2 -
intel atom_c c2750
intel core_i7 2700k
intel xeon_e5 4610_v2
intel xeon_e3_1275l_v3 -
intel xeon_e5_2618l_v2 -
intel core_i3 2330m
intel core_i3 3220t
intel atom_c c2550
intel xeon_e7 2803
intel core_m 5y51
phoenixcontact vl2_ppc9_1000_firmware -
intel core_i3 6098p
intel xeon_e5_2408l_v3 -
intel xeon_e5_2637_v3 -
intel core_i5 560um
oracle local_service_management_system 13.2
phoenixcontact el_ppc_1000/wt_firmware -
phoenixcontact vl2_ppc_7000_firmware -
intel core_i7 4810mq
intel core_i5 4200y
arm cortex-a72_firmware -
intel core_i3 3250t
intel core_i5 2500s
intel core_i7 660um
intel xeon_e5_2450l_v2 -
intel core_i5 750s
intel core_i7 875k
intel xeon_platinum 8176
intel core_i5 4670r
intel xeon x7560
intel core_i7 4790s
intel atom_z z3775
phoenixcontact bl_bpc_3000_firmware -
intel core_i7 860s
oracle solaris 11.3
vmware esxi 5.5.0
intel core_i5 2320
intel core_i3 350m
intel xeon_e3_1105c_v2 -
intel core_i3 4330te
intel core_i5 5300u
intel core_i7 4900mq
intel core_i5 4670
intel celeron_j j3455
intel core_i5 3330
intel xeon_e5 2658_v2
intel xeon_e7 2850_v2
arm cortex-a73_firmware -
intel xeon_e3_1275_v3 -
intel core_i7 4770r
intel core_i5 4350u
intel core_i5 6500te
intel xeon_e3_1231_v3 -
intel xeon_e3_1258l_v4 -
intel core_i3 2310e
intel core_i7 2860qm
intel core_i7 7700t
intel xeon x3440
intel xeon_e5_2450_v2 -
intel xeon_e5 4627_v3
intel core_i5 2540m
intel core_i5 8250u
intel core_i7 4770s
intel xeon_silver 4114t
intel core_i7 4550u
phoenixcontact bl_ppc15_3000_firmware -
opensuse leap 42.2
intel core_i7 3520m
intel pentium_n n3510
intel core_i5 4210y
intel core_i3 4025u
intel celeron_n n2815
intel xeon w3680
intel core_i7 5600u
intel core_i7 8700
phoenixcontact vl2_ppc_2000_firmware -
intel xeon e5504
intel xeon_e3_1240_v5 -
intel xeon_e5_2448l -
intel core_i5 3470t
phoenixcontact bl_rackmount_4u_firmware -
intel core_i5 520um
intel atom_c c2730
intel xeon w5590
intel core_m3 6y30
intel core_i3 4130
intel xeon_e7 2870
intel xeon_e5_2630l -
intel xeon_e7 2870_v2
intel xeon_e5 2699r_v4
intel core_i3 4030y
intel core_m5 6y54
intel core_i5 460m
intel xeon_gold 6152
intel xeon_e5 4627_v4
intel core_i3 2350m
intel core_i3 3120me
intel core_i5 8400
intel core_i7 640lm
intel core_i5 5250u
intel xeon_e5_2620_v3 -
intel atom_x5-e3940 -
intel core_i5 6267u
intel core_i5 6300hq
intel core_i5 660
intel xeon x3430
intel atom_z z3745d
intel xeon_e5_2609_v4 -
intel xeon_e3_1225_v6 -
intel xeon_e5_2643 -
intel atom_c c2738
phoenixcontact bl_bpc_2000_firmware -
intel xeon_platinum 8170m
intel core_i5 2405s
intel core_i5 661
intel xeon_e5 2658_v3
intel xeon_gold 6126t
intel xeon lc5518
intel xeon_e5 2699_v4
intel xeon_e5 4620
intel xeon_e7 8830
intel core_i7 7700k
canonical ubuntu_linux 17.10
intel core_i7 3615qm
intel xeon_e5_2420 -
intel core_i7 3517ue
intel core_i7 7600u
intel xeon_e5 2697_v4
intel core_i3 6167u
intel core_i3 5015u
intel atom_c c2558
intel core_i5 3437u
phoenixcontact bl2_bpc_1000_firmware -
intel xeon_gold 6126f
intel xeon_e3_1286_v3 -
intel xeon_e3_1235l_v5 -
intel core_m3 7y30
intel xeon e5540
intel core_i5 6402p
intel atom_z z3775d
intel xeon_e3_1275 -
intel xeon_e5 2697_v3
arm cortex-a12_firmware -
intel celeron_n n3450
intel xeon_e5 2699_v3
intel atom_x7-e3950 -
intel xeon_e3 1535m_v5
synology virtual_machine_manager *
intel xeon_e7 2860
intel core_i5 6500t
intel pentium_n n3520
intel xeon_e3_1230_v2 -
phoenixcontact vl2_bpc_9000_firmware -
intel core_i7 4770k
intel xeon_e3_1245_v5 -
intel xeon_e5_1620_v4 -
phoenixcontact bl_rackmount_2u_firmware -
intel atom_z z3735g
intel xeon_e7 4850_v3
intel xeon e7520
intel core_i5 4430s
intel xeon x5677
intel core_i3 330e
intel xeon_e7 8893_v3
intel pentium_j j2850
intel celeron_j j1800
intel xeon_e3_1225_v3 -
intel core_i5 4460
intel core_i3 2357m
intel xeon_e3_1270_v6 -
intel xeon_e7 4820
intel core_i7 3740qm
phoenixcontact bl_ppc15_7000_firmware -
intel xeon_e7 4807
intel xeon_e3_1240_v6 -
intel core_i5 4330m
intel celeron_n n2805
intel pentium_n n3530
intel xeon_e5_2407_v2 -
intel core_i3 2370m
intel core_i5 6300u
intel core_i7 950
intel xeon_gold 6130f
intel core_i5 450m
canonical ubuntu_linux 12.04
intel xeon_e5 4650_v3
intel xeon_e3_1275_v5 -
intel xeon_e5 4669_v4
intel core_i5 5287u
intel celeron_j j3060
intel core_i5 3450s
intel core_i3 4340te
intel atom_z z3795
intel xeon_e7 4830_v2
intel core_i5 3350p
phoenixcontact vl2_bpc_3000_firmware -
intel xeon_e3_1220_v3 -
intel celeron_n n2810
intel core_i3 4102e
intel xeon_e3 1585_v5
intel xeon_platinum 8160m
intel xeon_e5 4620_v4
intel core_m3 7y32
intel xeon_e5 4660_v4
siemens simatic_itc1500_firmware *
intel xeon_e3_1245_v3 -
intel xeon_e3_1285l_v4 -
intel xeon_gold 6140
intel core_i5 5257u
suse suse_linux_enterprise_server 12
phoenixcontact bl_ppc12_1000_firmware -
intel core_i7 4702hq
intel core_i5 3570
intel xeon x5675
intel xeon_e7 8880l_v2
intel core_i5 3475s
intel atom_e e3845
intel xeon l5618
intel xeon_e5_2637_v2 -
intel core_i3 5157u
intel xeon_e5 2660_v3
intel xeon_e5_1428l_v3 -
intel core_i7 3770
intel atom_e e3826
intel core_i7 4910mq
intel core_i5 5350h
intel core_i7 3632qm
intel xeon_e3_1290_v2 -
intel xeon_e5_2418l -
intel xeon_e5_2628l_v4 -
intel xeon_phi 7290f
intel core_i3 4370
intel xeon_e7 8880l_v3
intel xeon_e5_2608l_v3 -
intel core_i3 4030u
intel xeon_silver 4114
intel core_i7 920
intel core_i7 4600u
intel xeon_gold 5118
intel core_i5 6400t
intel xeon_e7 4860
intel xeon l5520
intel core_i7 7y75
intel core_i7 4610y
intel xeon_e3_1240_v3 -
intel core_i5 2400
intel core_i7 3612qm
intel core_i5 560m
intel xeon_e7 8880_v3
intel xeon_phi 7235
intel xeon_phi 7250
intel core_i3 550
intel core_i5 6200u
intel xeon_e7 8891_v2
intel core_i7 4980hq
intel core_i5 2500k
intel core_i3 2125
intel core_i5 4260u
intel atom_x3 c3130
intel xeon_gold 6132
intel xeon_e3_1280_v3 -
intel core_i3 3115c
intel xeon_phi 7290
intel core_i5 6400
intel core_i7 920xm
arm neoverse_n1_firmware -
intel core_i7 870
intel core_i7 4790t
intel xeon_e3_1220_v5 -
intel xeon_e5_2643_v4 -
intel core_i7 660ue
intel core_i7 820qm
intel atom_x3 c3405
intel core_i7 4700hq
intel core_i7 8700k
intel xeon_e5 2660_v2
intel core_i5 4570s
intel xeon_e5 4650l
intel xeon_e7 8857_v2
intel atom_z z2580
intel xeon_gold 6136
phoenixcontact vl2_ppc_1000_firmware -
intel core_i7 7820hq
intel xeon x6550
intel atom_z z3736f
intel xeon_gold 5120t
intel core_i3 3110m
intel core_i3 4110e
intel core_i3 560
intel xeon_bronze_3104 -
siemens simatic_itc1500_pro_firmware *
vmware esxi 6.0
intel xeon_e3 1575m_v5
intel core_i7 4790
intel xeon_gold 5119t
intel xeon l5518
intel xeon_gold 6150
intel celeron_n n2930
intel core_i3 3217u
intel xeon_gold 6130
synology router_manager *
intel core_i3 2100
intel core_i7 3667u
intel xeon l5609
intel xeon_e3_1285l_v3 -
synology vs960hd_firmware -
intel atom_c c2350
intel xeon_e3 1505m_v6
intel xeon_e5_2620 -
intel xeon_e5 4624l_v2
intel xeon_e5_2448l_v2 -
intel core_i5 4300u
intel core_i7 4785t
intel xeon x5670
canonical ubuntu_linux 17.04
intel core_i3 4170
intel xeon_e5_2428l_v3 -
intel xeon x7542
intel xeon_e3_1275_v6 -
intel xeon_platinum 8164
phoenixcontact bl_bpc_2001_firmware -
intel core_i3 4100e
intel core_i5 6260u
intel core_i3 2310m
intel core_i7 860
intel core_i7 2655le
intel core_i5 4288u
intel core_i3 5005u
intel xeon_e5_2430l -
intel core_i5 4360u
intel core_i5 2467m
intel core_i5 4402e
intel xeon_e5 2690_v2
intel xeon l7545
intel xeon_e5_2620_v2 -
intel xeon_gold 6134
debian debian_linux 9.0
intel xeon_e7 8890_v2
intel xeon_gold 6138
intel core_i7 2670qm
intel xeon_gold 5122
suse suse_linux_enterprise_software_development_kit 12
intel core_i3 4370t
intel core_i5 2310
intel xeon_e-1105c -
intel celeron_j j1750
intel xeon_e5 4610_v4
intel xeon x5570
intel xeon_e5 4610_v3
intel core_i7 2710qe
intel core_i3 2365m
intel xeon_e3_1276_v3 -
intel atom_c c3858
intel xeon_e5 4669_v3
intel xeon_e3_1245_v6 -
intel core_i7 2620m
phoenixcontact vl_ppc_2000_firmware -
intel core_i5 3317u
intel core_i7 4860hq
phoenixcontact bl2_ppc_7000_firmware -
intel core_i5 2430m
intel xeon_e3_1270_v3 -
intel core_i7 620le
intel xeon_e5_2650l_v3 -
intel core_i5 5200u
intel celeron_n n2940
intel xeon_e3_1230_v3 -
intel core_i7 4770t
intel atom_c c3538
intel xeon x5650
intel xeon_gold 6142
intel xeon_gold 6142m
intel core_i5 3230m
intel atom_z z3770d
intel core_i3 2130
intel xeon_e5_1620 -
intel atom_c c3958
intel xeon_e5_2628l_v2 -
intel xeon e5606
intel xeon_phi 7230f
siemens simatic_winac_rtx_(f)_2010_firmware *
phoenixcontact vl_ipc_p7000_firmware -
intel atom_z z2480
intel xeon_e3_1225 -
intel core_i7 4610m
intel xeon_e5 2680_v3
intel xeon_e5_2407 -
intel xeon_e7 4830_v3
intel core_i5 6600k
phoenixcontact bl_bpc_7001_firmware -
intel atom_c c2758
intel atom_c c2516
intel xeon_e5_2430l_v2 -
intel xeon_gold 5120
intel xeon_e7 4850
intel core_i5 4690s
intel core_i7 5850hq
intel xeon_e5 2687w_v4
intel xeon_e5 4667_v3
intel xeon_e7 8870
intel core_i3 3229y
intel xeon_e5_2609_v3 -
intel xeon_e7 8880_v2
intel xeon_e5_2630_v3 -
intel core_i3 8100
intel core_i7 7820eq
intel core_i5 4410e
intel core_i5 4690
intel core_i7 3687u
intel core_i7 4722hq
intel core_i7 4702ec
intel xeon_e3_1501m_v6 -
intel xeon_e5 2690_v3
intel xeon_e5 4628l_v4
intel xeon_e5_2618l_v3 -
intel core_i3 4005u
intel xeon_platinum 8176f
intel core_i7 7500u
intel xeon_e5_1630_v4 -
intel xeon_phi 7250f
intel xeon_e3_1281_v3 -
intel core_i5 6442eq
intel xeon_e7 2850
intel xeon x5680
intel core_i5 3610me
intel core_i5 2520m
arm cortex-a17_firmware -
intel core_i7 3555le
intel atom_z z3770
intel core_i7 7700
intel xeon_e3_1265l_v3 -
intel core_i3 370m
intel core_i7 3630qm
intel xeon_e5 2667_v4
intel atom_c c3750
intel core_i3 540
intel core_i5 3210m
phoenixcontact bl_bpc_3001_firmware -
intel pentium_n n4200
intel xeon_platinum 8170
intel xeon_e5_2640_v3 -
intel core_i7 4702mq
intel xeon_e7 2880_v2
intel core_i3 2120t
suse suse_linux_enterprise_server 11
intel core_i3 6100
intel xeon l5530
intel xeon_e5_1650 -
intel xeon_e7 8870_v3
intel xeon_e5_2630_v4 -
intel core_i5 4570te
intel core_i7 2610ue
intel xeon_e7 8837
intel xeon_e5_2428l_v2 -
intel xeon_e3 1535m_v6
intel xeon_e3_1501l_v6 -
intel core_i7 940xm
intel xeon_gold 6126
intel xeon_e5 4667_v4
intel xeon_e5_2470_v2 -
intel atom_c c3758
intel core_i7 4700ec
arm cortex-r7_firmware -
intel core_i5 430m
intel xeon_e5 2660
phoenixcontact dl_ppc15_1000_firmware -
intel xeon_e3_1268l_v3 -
intel xeon e5520
intel xeon_e5 2683_v3
intel xeon_e3_1265l_v4 -
intel core_i7 3770t
intel xeon_e5_1630_v3 -
intel core_i7 3720qm
intel xeon_e3_1285_v4 -
intel xeon_e7 8893_v4
intel xeon_e3_1235 -
intel xeon_e5_2428l -
intel xeon_e5 4627_v2
intel xeon_e5_2620_v4 -
intel core_i7 3610qe
intel xeon_e5 2680_v4
intel xeon_e5 4603_v2
intel xeon_e7 8893_v2
intel xeon_e5 4640_v3
intel xeon_e5_1650_v3 -
intel core_i7 5850eq
intel xeon_e3_1271_v3 -
intel core_i7 620um
intel core_m7 6y75
phoenixcontact bl2_bpc_2000_firmware -
intel atom_z z3735d
intel xeon e5620
intel core_i5 4278u
intel core_i5 4310u
intel core_i7 4765t
intel xeon_gold 6134m
intel core_i5 520e
intel atom_x3 c3205rk
intel core_i7 5750hq
intel core_i3 3250
intel xeon_e5_1660_v4 -
intel core_i7 4700eq
intel core_i5 3340s
intel core_i5 4200h
intel xeon_e3_1225_v2 -
intel xeon ec5509
intel core_i7 4870hq
phoenixcontact bl_ppc17_3000_firmware -
siemens simatic_winac_rtx_(f)_2010_firmware 2010
intel core_i5 760
intel core_i7 3615qe
intel celeron_n n4100
intel celeron_n n2910
intel atom_c c3955
intel core_i3 4160t
intel xeon_e3_1246_v3 -
intel xeon_e5 2658_v4
intel core_i7 740qm
intel celeron_j j4105
intel xeon_e5_2603_v4 -
oracle local_service_management_system 13.1
intel core_i5 4430
intel core_i5 4440
intel core_i7 930
intel core_i5 3380m
intel xeon_phi 7285
intel xeon e5630
intel core_i5 3470s
intel xeon e5649
intel atom_x3 c3235rk
intel xeon_platinum 8180
intel core_m 5y70
opensuse leap 42.3
intel core_i5 3320m
suse suse_linux_enterprise_software_development_kit 11
intel xeon_phi 7230
intel atom_z z2420
intel core_i5 6600
intel core_i3 6100h
intel xeon_e7 4820_v3
phoenixcontact vl2_ppc_9000_firmware -
intel atom_e e3805
intel xeon_e5 2667_v3
intel atom_c c3850
intel xeon_e3_1280 -
intel core_i5 6500
intel xeon_e3_1230l_v3 -
intel xeon_e3_1226_v3 -
intel xeon_e5_2650_v2 -
intel xeon_e5_2603 -
intel xeon_e5_2630_v2 -
intel core_i7 2640m
intel core_i5 2500t
intel xeon_e5_2650l -
intel xeon_e7 4890_v2
intel xeon_e5_2450 -
intel atom_z z3460
intel xeon_platinum 8153
phoenixcontact vl2_bpc_1000_firmware -
intel core_i5 3450
intel xeon_e7 8891_v4
intel core_i5 4202y
intel atom_z z3590
intel atom_c c2316
intel xeon_e5 4657l_v2
intel core_i5 8350u
intel celeron_n n2840
intel xeon l5640
intel celeron_n n2830
intel core_i7 3840qm
intel core_i5 2450m
intel core_i7 2760qm
intel core_i5 4590s
intel core_i5 6287u
intel xeon_e5_2628l_v3 -
intel core_i3 6100u
intel xeon_e5 2667_v2
intel xeon_e7 4809_v4
intel core_i3 2377m
intel core_i5 4200u
intel xeon_gold 6128
intel core_i5 430um
intel core_i7 7700hq
intel xeon_e5_2640_v4 -
intel core_i5 540um
intel xeon_e3_1260l_v5 -
intel celeron_n n2806
intel xeon_e3_1220l_v3 -
phoenixcontact bl2_ppc_1000_firmware -
intel core_i5 4570
intel core_i5 4200m
intel core_i7 4710hq
intel xeon_e3_1280_v6 -
intel core_i5 3570t
intel core_i5 670
intel xeon x3480
intel core_i5 750
intel core_i5 3470
oracle solaris 10
intel atom_z z3745
intel xeon ec5549
intel core_i7 720qm
intel xeon w3670
intel xeon_e3_1270_v5 -
phoenixcontact bl_ppc_7000_firmware -
intel core_i7 5650u
intel xeon_e3_1240_v2 -
phoenixcontact vl_ppc_3000_firmware -
intel xeon_e3 1515m_v5
pepperl-fuchs visunet_rm_shell -
intel core_i5 4308u
intel core_i7 4770hq
intel xeon_platinum 8156
intel core_i5 470um
intel xeon l3406
intel core_i7 2600
intel xeon_e5_2440 -
intel core_i5 8600k
intel xeon_e5_1620_v2 -
phoenixcontact vl_bpc_1000_firmware -
intel xeon_e7 4870_v2
intel xeon_e5_2403 -
intel xeon x3460
intel core_i5 4402ec
intel xeon_e5_2650 -
intel xeon x5672
intel xeon_e3_1240l_v3 -
intel core_i5 3427u
intel atom_e e3815
phoenixcontact dl_ppc21.5m_7000_firmware -
intel xeon e6540
intel xeon_e7 8894_v4
intel xeon_silver 4109t
intel atom_z z2560
netapp solidfire -
intel xeon_e7 8850_v2
vmware esxi 6.5
intel atom_c c2308
intel xeon_e5 2650l_v4
intel xeon_e5 2690_v4
intel core_i7 4700mq
intel core_i5 520m
intel xeon l5508
phoenixcontact bl_bpc_7000_firmware -
intel core_i5 4460t
phoenixcontact vl2_bpc_2000_firmware -
intel atom_c c3808
intel atom_z z2520
intel xeon_e3_1286l_v3 -
intel xeon_e5 2695_v2
intel celeron_n n3350
intel core_i5 4210h
intel core_i3 3240t
intel xeon_e5_1660_v2 -
intel core_i5 2500
intel core_i7 610e
intel xeon_e5 2670_v3
intel xeon_bronze_3106 -
intel core_i5 540m
intel atom_z z3735f
intel core_i7 5550u
intel xeon_e5_2650_v4 -
intel core_i5 3570s
intel atom_z z3570
intel core_i3 4010u
intel core_i3 4350t
phoenixcontact valueline_ipc_firmware -
intel core_i5 2557m
intel core_i5 6440eq
intel xeon_e5_2640_v2 -
arm cortex-x1_firmware -
intel celeron_j j3160
intel xeon_e3_1220 -
intel xeon_e5_2630l_v4 -
intel xeon_silver 4112
intel xeon_e5_1428l -
intel xeon_e7 4830
intel xeon_e5_2603_v2 -
intel xeon_gold 6146
intel core_i7 3820qm
intel core_i3 6100e
intel core_i5 650
intel xeon_e7 8850
intel atom_x3 c3445
phoenixcontact bl_ppc15_1000_firmware -
intel xeon e5645
intel xeon_platinum 8160f
intel core_i7 4720hq
intel atom_c c3308
intel xeon_e7 8860_v3
intel core_i7 2715qe
intel core_i3 2100t
intel core_m 5y71
intel atom_c c3338
intel core_i3 6300t
intel xeon_gold 6144
intel xeon_platinum 8176m
intel xeon_e5_1660_v3 -
intel core_i3 4330t
intel core_i7 620lm
intel core_i7 880
intel xeon_e5 2660_v4
intel xeon_e3_1220_v6 -
intel core_i3 8350k
intel core_i7 620ue
intel xeon_e5_1660 -
intel core_i5 3340m
intel core_i3 2328m
intel core_i3 4360t
intel core_i3 4100u
intel core_i7 2720qm
intel xeon_e5 2687w
intel xeon_e5_2603_v3 -
siemens simatic_itc2200_pro_firmware *
intel celeron_j j4005
intel xeon_gold 6148
phoenixcontact vl_bpc_3000_firmware -
intel core_i5 4670t
intel atom_z z2760
intel xeon_e3_1270_v2 -
intel xeon_e5_2643_v2 -
intel core_i7 4510u
intel xeon_e7 4850_v4
intel xeon_e5_2648l_v2 -
intel xeon_e3_1245 -
intel core_i7 990x
intel core_i7 3537u
intel xeon_e5 2690
intel core_i7 4712mq
intel xeon_e5_2637_v4 -
intel core_i7 2649m
intel xeon_e5 4603
intel xeon_e3_1241_v3 -
intel xeon_e5 4640
intel xeon lc5528
intel core_i5 5675r
intel xeon_e7 4820_v4
intel xeon_e3_1230_v5 -
intel core_i3 4012y
intel core_i5 4670s
intel xeon x5560
intel xeon_e3_1270 -
intel xeon_e5 2699a_v4
intel xeon_e5 4660_v3
intel xeon_e3_1278l_v4 -
intel pentium_j j3710
phoenixcontact vl2_ppc12_1000_firmware -
intel core_i3 5010u
intel xeon e5506
intel xeon_e5 2670_v2
intel core_i5 4690t
intel core_i5 5350u
intel core_i7 965
intel xeon_e3_1125c -
intel xeon_e3_1260l -
intel core_i3 330m
intel core_i7 4800mq
intel atom_x3 c3200rk
intel atom_z z3736g
intel celeron_n n3050
intel core_i5 2435m
phoenixcontact vl2_ppc_3000_firmware -
intel xeon_gold 6148f
intel core_i7 980
intel xeon x7550
intel xeon_e5 4650
intel xeon_silver 4116t
intel core_i7 940
intel core_i7 4770
intel core_i3 3227u
intel celeron_n n2808
intel xeon_phi 7210f
intel xeon l5638
intel xeon_e5_2418l_v3 -
intel celeron_j j1900
intel xeon_e5_2618l_v4 -
intel xeon_e3_1290 -
phoenixcontact vl2_ppc7_1000_firmware -
intel core_i5 4220y
intel celeron_n n3150
pepperl-fuchs btc12_firmware -
intel xeon x5687
intel core_i5 3550s
intel xeon_e3_1245_v2 -
intel xeon_silver 4108
pepperl-fuchs btc14_firmware -
intel core_i7 8550u
intel xeon_e7 2830
intel core_i7 2617m
siemens simatic_itc1900_pro_firmware *
intel atom_c c2530
intel xeon_e3 1578l_v5
intel core_i3 3240
intel core_i7 4650u
intel xeon_e5_1650_v2 -
phoenixcontact bl_ppc17_1000_firmware -
intel core_i3 380m
intel core_i3 390m
intel core_i5 4570r
intel core_i5 4258u
intel xeon_e5 2687w_v2
intel atom_c c2538
intel core_i5 655k
intel core_i7 620m
intel xeon_e5_2640 -
intel xeon_e3 1545m_v5
intel xeon_e3_12201_v2 -
vmware fusion *
intel core_i3 2330e
intel xeon_e5 2683_v4
intel core_i5 2390t
intel core_i3 6100t
intel core_i7 4790k
synology vs360hd_firmware -
intel xeon_e5_2450l -
intel core_i5 2537m
intel xeon_e5 2658
intel core_i3 6300
intel xeon_e5_2609_v2 -
intel core_i3 4100m
intel xeon_e5_1680_v3 -
intel xeon e7530
intel atom_c c3508
intel atom_z z3580
intel xeon_e3_1280_v2 -
intel xeon_e5 4620_v2
intel xeon_e5_2630 -
intel core_i3 2340ue
intel xeon_e7 2820
intel xeon_e5 4640_v2
intel xeon_e5_2609 -
intel core_i7 4960hq
intel atom_z z3785
intel xeon_e5 2665
intel core_i3 3225
intel core_i7 2677m
intel xeon_e3_12201 -
intel pentium_n n3540
intel xeon_e5_2438l_v3 -
intel core_i3 5020u
intel xeon_phi 7210
arm cortex-a57_firmware -
intel core_i7 2920xm
intel core_i5 2510e
intel core_i3 4330
intel xeon_e3_1240 -
intel xeon x5667
intel xeon_gold 6154
intel core_i5 4690k
intel xeon l5630
intel celeron_n n3060
canonical ubuntu_linux 14.04
intel core_i7 640um
intel atom_c c2358
intel core_i7 5557u
intel celeron_n n3160
intel xeon_e5_2430_v2 -
intel xeon_e5_2623_v3 -
intel core_i7 4850hq
intel xeon_platinum 8160
intel xeon_gold 5115
intel xeon_e7 8891_v3
intel core_i7 3540m
intel core_i5 2450p
intel celeron_n n2807
intel core_i3 2105
intel xeon_e7 4880_v2
intel core_i3 2348m
intel core_i7 7920hq
intel core_i3 3210
intel xeon_e5_2470 -
intel xeon_e7 4820_v2
oracle local_service_management_system 13.3
intel core_i7 2635qm
intel core_i7 2820qm
intel core_i5 4300m
intel core_i5 4460s
intel core_m 5y10
intel atom_e e3827
intel xeon e5640
intel xeon_e5 4648_v3
intel xeon_e5_2623_v4 -
intel core_i5 3360m
intel core_i7 3689y
intel xeon_e5 2698_v3
phoenixcontact dl_ppc18.5m_7000_firmware -
intel xeon_e5 4655_v4
intel xeon_e5_1620_v3 -
arm cortex-a75_firmware -
intel xeon_e3_1505l_v5 -
arm neoverse_n2_firmware -
intel core_i5 4310m
intel core_m 5y10c
intel core_i5 3330s
intel core_i3 4010y
intel core_i5 4300y
intel core_i3 4000m
intel core_i5 6685r
intel xeon_e5_2608l_v4 -
intel core_i3 4130t
intel xeon_e7 8890_v4
intel core_i7 4558u
intel atom_z z3740d
intel core_i5 4302y
intel core_i3 4350
phoenixcontact bl_ppc17_7000_firmware -
intel core_i5 3570k
intel atom_c c3558
intel core_i7 4600m
intel xeon_e5_2420_v2 -
intel xeon x5660
intel xeon_e5_2650l_v2 -
intel xeon_e7 4809_v3
intel atom_x5-e3930 -
intel core_i3 4150t
intel core_i7 2630qm
intel core_i5 4210m
intel xeon_e7 8867_v4
intel core_i5 3339y
intel xeon_e5_1428l_v2 -
intel celeron_n n3000
intel core_i7 2600k
intel xeon_e7 4830_v4
intel xeon_e7 8870_v2
intel atom_z z3740
intel xeon_e5 4607
intel core_i5 4422e
intel core_i7 5500u
intel core_i3 6006u
intel atom_c c3708
vmware workstation *
intel atom_x3 c3295rk
intel xeon_e7 4850_v2
intel core_i5 6585r
siemens simatic_itc2200_firmware *
intel xeon_e5_2440_v2 -
intel xeon_e3_1240l_v5 -
intel atom_z z2460
intel atom_z z3480
intel xeon_e5_2648l_v3 -
intel core_i5 6440hq
arm cortex-a78ae_firmware -
intel core_i3 3120m
intel core_i5 3340
intel core_i7 2960xm
intel core_i3 4120u
intel core_i7 970
intel atom_z z3530
intel core_i3 6320
intel core_i5 4210u
intel xeon_e5_2648l -
intel core_i3 2115c
intel xeon_e5 2680_v2
intel xeon_e5 2695_v4
synology skynas -
intel core_i7 3770s
intel xeon_e5 4620_v3
intel core_i7 4771
phoenixcontact el_ppc_1000/m_firmware -
intel xeon_e3_1285_v3 -
intel core_i5 2515e
intel celeron_n n3010
intel core_i7 5950hq
intel atom_c c3950
intel xeon_e3 1565l_v5
intel xeon_platinum 8168
intel core_i5 3337u
intel core_i7 2629m
intel core_i3 2375m
intel core_i7 4770te
intel xeon_e7 8870_v4
intel core_i7 2637m
intel core_i5 4670k
phoenixcontact vl2_bpc_7000_firmware -
intel xeon_e7 8867l
intel core_i3 4340
intel atom_c c2718
intel atom_z z3735e
intel celeron_n n2820
siemens simatic_itc1900_firmware *
intel atom_c c3830
intel core_i7 4750hq
intel xeon e5507
intel xeon_gold 6138t
intel xeon_e7 4809_v2
intel core_i7 7560u
intel xeon_e5 2698_v4
intel core_i5 2550k
intel xeon_e5 2695_v3
intel xeon_gold 6138f
intel core_i5 4590t
intel core_i5 4570t
intel atom_e e3825
intel xeon_e5 2687w_v3
intel xeon_e5 4617
intel core_i3 4160
intel xeon_e3_1505m_v5 -
intel xeon_e5_1680_v4 -
intel core_i7 5775r
arm cortex-a15_firmware -
intel core_i5 580m
intel core_i3 4112e
intel core_i3 6157u
CVE-2017-5754 MEDIUM

Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
intel celeron_n n4000
intel core_i3 6100te
intel core_i7 840qm
intel pentium_j j2900
intel xeon_e3_1230_v6 -
intel xeon_e5 4607_v2
intel core_i7 5700hq
intel core_i7 660lm
intel xeon_gold 6140m
intel core_i7 5700eq
intel core_i7 960
intel core_i3 2120
intel xeon l5506
intel core_i7 7820hk
intel xeon e7540
intel core_i5 4250u
intel core_i3 330um
intel core_i7 680um
intel xeon_e5 4640_v4
intel core_i7 2675qm
intel xeon_e7 8860_v4
intel core_i7 975
intel core_i3 4360
intel xeon_silver 4110
intel core_i5 680
intel core_i7 640m
intel xeon_e7 4860_v2
intel xeon x5647
intel xeon_e5_2650_v3 -
intel core_i5 5675c
intel xeon_e3_1280_v5 -
intel pentium_n n3700
intel celeron_j j3355
intel core_m5 6y57
intel xeon_e7 8890_v3
intel xeon_e5 4610
intel xeon ec5539
intel xeon_e3_1285_v6 -
intel xeon_e5 2697_v2
intel xeon_e5_2630l_v3 -
intel core_i5 480m
intel xeon_e5 4650_v4
intel xeon_e3_1230 -
intel atom_x3 c3230rk
intel atom_z z3560
intel core_i5 4340m
intel core_i7 870s
intel core_i5 2300
intel xeon e5502
intel core_m 5y10a
intel xeon_e5 2658a_v3
intel xeon_e5 4655_v3
intel xeon w3690
intel xeon_e3_1220_v2 -
intel xeon_e5 2680
intel core_i3 4158u
intel core_i3 6102e
intel xeon_platinum 8158
intel xeon e6510
intel atom_c c2508
intel xeon_e3_1275_v2 -
intel core_i5 5575r
intel core_i7 2600s
intel xeon e5503
intel core_i5 2400s
intel core_i7 3770k
intel core_i3 4150
intel core_i7 4578u
intel core_i5 3439y
intel core_i5 4440s
intel xeon_e5 4650_v2
intel celeron_n n2920
intel xeon_e5_2418l_v2 -
intel core_i7 7567u
intel atom_c c2338
intel core_i3 2367m
intel xeon_e7 2890_v2
intel xeon_gold 6142f
intel xeon e5607
intel xeon_e7 8860
intel xeon_silver 4116
intel core_i3 4170t
intel core_i7 4760hq
intel pentium_n n3710
intel xeon l7555
intel core_i5 4590
intel core_i7 3612qe
intel core_i3 3245
intel core_i7 4950hq
intel core_i7 980x
intel core_i5 3550
intel xeon_e7 4870
intel celeron_j j1850
intel xeon_e3_1225_v5 -
intel xeon_e7 8880_v4
intel xeon_e5 2667
intel xeon x3470
intel core_i7 3635qm
intel xeon_e3_1125c_v2 -
intel core_i7 5775c
intel xeon_e5_2648l_v4 -
intel atom_x3 c3265rk
intel core_i7 4500u
intel xeon_e7 8867_v3
intel xeon x3450
intel core_i7 7660u
intel xeon w5580
intel core_i3 4020y
intel core_i3 2102
intel core_i5 6350hq
intel xeon_phi 7295
intel xeon l3426
intel core_i3 530
intel core_i3 3130m
intel core_i3 2312m
intel core_i5 2380p
intel core_i7 4710mq
intel xeon_e3_1505l_v6 -
intel xeon_e5_1650_v4 -
intel pentium_j j4205
intel xeon e5603
intel xeon_e5_2643_v3 -
intel xeon_e3 1558l_v5
intel xeon_e3 1585l_v5
intel xeon_platinum 8160t
intel core_i7 3610qm
intel core_i7 4712hq
intel core_i3 380um
intel core_i7 3517u
intel core_i3 3217ue
intel core_i7 8650u
intel atom_c c2518
intel xeon e5530
intel xeon_e5 2697a_v4
intel xeon x5690
intel core_i5 6360u
intel core_i3 3220
intel xeon_e5_2430 -
intel core_i3 4110m
intel xeon_gold 6130t
intel xeon_e5_2403_v2 -
intel xeon_e5 2670
intel core_m 5y31
intel xeon_e3_1265l_v2 -
intel xeon_e3_1268l_v5 -
intel core_i5 2410m
intel xeon_e5_2637 -
intel core_i5 6600t
intel core_i7 2657m
intel core_i5 4400e
intel xeon x5550
intel xeon_e5_2630l_v2 -
intel atom_c c2750
intel core_i7 2700k
intel xeon_e5 4610_v2
intel xeon_e3_1275l_v3 -
intel xeon_e5_2618l_v2 -
intel core_i3 2330m
intel core_i3 3220t
intel atom_c c2550
intel xeon_e7 2803
intel core_m 5y51
intel core_i3 6098p
intel xeon_e5_2408l_v3 -
intel xeon_e5_2637_v3 -
intel core_i5 560um
intel core_i7 4810mq
intel core_i5 4200y
intel core_i3 3250t
intel core_i5 2500s
intel core_i7 660um
intel xeon_e5_2450l_v2 -
intel core_i5 750s
intel core_i7 875k
intel xeon_platinum 8176
intel core_i5 4670r
intel xeon x7560
intel core_i7 4790s
intel atom_z z3775
intel core_i7 860s
intel core_i5 2320
intel core_i3 350m
intel xeon_e3_1105c_v2 -
intel core_i3 4330te
intel core_i7 4900mq
intel core_i5 5300u
intel core_i5 4670
intel celeron_j j3455
intel core_i5 3330
intel xeon_e5 2658_v2
intel xeon_e7 2850_v2
intel xeon_e3_1275_v3 -
intel core_i7 4770r
intel core_i5 4350u
intel core_i5 6500te
intel xeon_e3_1231_v3 -
intel xeon_e3_1258l_v4 -
intel core_i3 2310e
intel core_i7 2860qm
intel core_i7 7700t
intel xeon x3440
intel xeon_e5_2450_v2 -
intel xeon_e5 4627_v3
intel core_i5 2540m
intel core_i5 8250u
intel core_i7 4770s
intel xeon_silver 4114t
intel core_i7 4550u
intel core_i7 3520m
intel pentium_n n3510
intel core_i5 4210y
intel core_i3 4025u
intel celeron_n n2815
intel xeon w3680
intel core_i7 5600u
intel core_i7 8700
intel xeon e5504
intel xeon_e3_1240_v5 -
intel xeon_e5_2448l -
intel core_i5 3470t
intel core_i5 520um
intel atom_c c2730
intel xeon w5590
intel core_m3 6y30
intel core_i3 4130
intel xeon_e7 2870
intel xeon_e5_2630l -
intel xeon_e7 2870_v2
intel xeon_e5 2699r_v4
intel core_i3 4030y
intel core_m5 6y54
intel core_i5 460m
intel xeon_gold 6152
intel xeon_e5 4627_v4
intel core_i3 2350m
intel core_i3 3120me
intel core_i5 8400
intel core_i7 640lm
intel core_i5 5250u
intel xeon_e5_2620_v3 -
intel core_i5 6267u
intel core_i5 6300hq
intel core_i5 660
intel xeon x3430
intel atom_z z3745d
intel xeon_e5_2609_v4 -
intel xeon_e3_1225_v6 -
intel xeon_e5_2643 -
intel atom_c c2738
intel xeon_platinum 8170m
intel core_i5 2405s
intel core_i5 661
intel xeon_e5 2658_v3
intel xeon_gold 6126t
intel xeon lc5518
intel xeon_e5 2699_v4
intel xeon_e5 4620
intel xeon_e7 8830
intel core_i7 7700k
intel core_i7 3615qm
intel xeon_e5_2420 -
intel core_i7 7600u
intel core_i7 3517ue
intel xeon_e5 2697_v4
intel core_i3 6167u
intel core_i3 5015u
intel atom_c c2558
intel core_i5 3437u
intel xeon_gold 6126f
intel xeon_e3_1286_v3 -
intel xeon_e3_1235l_v5 -
intel core_m3 7y30
intel xeon e5540
intel core_i5 6402p
intel atom_z z3775d
intel xeon_e3_1275 -
intel xeon_e5 2697_v3
intel celeron_n n3450
intel xeon_e5 2699_v3
intel xeon_e3 1535m_v5
intel xeon_e7 2860
intel core_i5 6500t
intel pentium_n n3520
intel xeon_e3_1230_v2 -
intel core_i7 4770k
intel xeon_e3_1245_v5 -
intel xeon_e5_1620_v4 -
intel atom_z z3735g
intel xeon_e7 4850_v3
intel xeon e7520
intel core_i5 4430s
intel xeon x5677
intel core_i3 330e
intel xeon_e7 8893_v3
intel pentium_j j2850
intel celeron_j j1800
intel xeon_e3_1225_v3 -
intel core_i5 4460
intel core_i3 2357m
intel xeon_e3_1270_v6 -
intel xeon_e7 4820
intel core_i7 3740qm
intel xeon_e7 4807
intel xeon_e3_1240_v6 -
intel core_i5 4330m
intel celeron_n n2805
intel pentium_n n3530
intel xeon_e5_2407_v2 -
intel core_i3 2370m
intel core_i5 6300u
intel core_i7 950
intel xeon_gold 6130f
intel core_i5 450m
intel xeon_e5 4650_v3
intel xeon_e3_1275_v5 -
intel xeon_e5 4669_v4
intel core_i5 5287u
intel celeron_j j3060
intel core_i5 3450s
intel core_i3 4340te
intel atom_z z3795
intel xeon_e7 4830_v2
intel core_i5 3350p
intel xeon_e3_1220_v3 -
intel celeron_n n2810
intel core_i3 4102e
intel xeon_e3 1585_v5
intel xeon_platinum 8160m
intel xeon_e5 4620_v4
intel core_m3 7y32
intel xeon_e5 4660_v4
intel xeon_e3_1245_v3 -
intel xeon_e3_1285l_v4 -
intel xeon_gold 6140
intel core_i5 5257u
arm cortex-a 75
intel core_i7 4702hq
intel core_i5 3570
intel xeon x5675
intel xeon_e7 8880l_v2
intel core_i5 3475s
intel atom_e e3845
intel xeon l5618
intel xeon_e5_2637_v2 -
intel core_i3 5157u
intel xeon_e5 2660_v3
intel xeon_e5_1428l_v3 -
intel core_i7 3770
intel atom_e e3826
intel core_i7 4910mq
intel core_i5 5350h
intel core_i7 3632qm
intel xeon_e3_1290_v2 -
intel xeon_e5_2418l -
intel xeon_e5_2628l_v4 -
intel xeon_phi 7290f
intel core_i3 4370
intel xeon_e7 8880l_v3
intel xeon_e5_2608l_v3 -
intel core_i3 4030u
intel xeon_silver 4114
intel core_i7 920
intel core_i7 4600u
intel xeon_gold 5118
intel core_i5 6400t
intel xeon_e7 4860
intel xeon l5520
intel core_i7 7y75
intel core_i7 4610y
intel xeon_e3_1240_v3 -
intel core_i5 2400
intel core_i7 3612qm
intel core_i5 560m
intel xeon_e7 8880_v3
intel xeon_phi 7235
intel xeon_phi 7250
intel core_i3 550
intel core_i5 6200u
intel xeon_e7 8891_v2
intel core_i7 4980hq
intel core_i5 2500k
intel core_i3 2125
intel core_i5 4260u
intel atom_x3 c3130
intel xeon_gold 6132
intel xeon_e3_1280_v3 -
intel core_i3 3115c
intel xeon_phi 7290
intel core_i5 6400
intel core_i7 920xm
intel core_i7 870
intel core_i7 4790t
intel xeon_e3_1220_v5 -
intel xeon_e5_2643_v4 -
intel core_i7 660ue
intel core_i7 820qm
intel atom_x3 c3405
intel core_i7 4700hq
intel core_i7 8700k
intel xeon_e5 2660_v2
intel core_i5 4570s
intel xeon_e5 4650l
intel xeon_e7 8857_v2
intel atom_z z2580
intel xeon_gold 6136
intel core_i7 7820hq
intel xeon x6550
intel atom_z z3736f
intel xeon_gold 5120t
intel core_i3 3110m
intel core_i3 4110e
intel core_i3 560
intel xeon_bronze_3104 -
intel xeon_e3 1575m_v5
intel core_i7 4790
intel xeon_gold 5119t
intel xeon l5518
intel xeon_gold 6150
intel celeron_n n2930
intel core_i3 3217u
intel xeon_gold 6130
intel core_i3 2100
intel core_i7 3667u
intel xeon l5609
intel xeon_e3_1285l_v3 -
intel atom_c c2350
intel xeon_e3 1505m_v6
intel xeon_e5_2620 -
intel xeon_e5 4624l_v2
intel xeon_e5_2448l_v2 -
intel core_i5 4300u
intel core_i7 4785t
intel xeon x5670
intel core_i3 4170
intel xeon_e5_2428l_v3 -
intel xeon_e3_1275_v6 -
intel xeon x7542
intel xeon_platinum 8164
intel core_i3 4100e
intel core_i5 6260u
intel core_i3 2310m
intel core_i7 860
intel core_i7 2655le
intel core_i5 4288u
intel core_i3 5005u
intel xeon_e5_2430l -
intel core_i5 4360u
intel core_i5 2467m
intel core_i5 4402e
intel xeon_e5 2690_v2
intel xeon l7545
intel xeon_e5_2620_v2 -
intel xeon_gold 6134
intel xeon_e7 8890_v2
intel xeon_gold 6138
intel core_i7 2670qm
intel xeon_gold 5122
intel core_i3 4370t
intel core_i5 2310
intel xeon_e-1105c -
intel celeron_j j1750
intel xeon_e5 4610_v4
intel xeon x5570
intel xeon_e5 4610_v3
intel core_i7 2710qe
intel core_i3 2365m
intel xeon_e3_1276_v3 -
intel atom_c c3858
intel xeon_e5 4669_v3
intel xeon_e3_1245_v6 -
intel core_i7 2620m
intel core_i5 3317u
intel core_i7 4860hq
intel core_i5 2430m
intel xeon_e3_1270_v3 -
intel core_i7 620le
intel xeon_e5_2650l_v3 -
intel core_i5 5200u
intel celeron_n n2940
intel xeon_e3_1230_v3 -
intel core_i7 4770t
intel atom_c c3538
intel xeon x5650
intel xeon_gold 6142
intel xeon_gold 6142m
intel core_i5 3230m
intel atom_z z3770d
intel core_i3 2130
intel xeon_e5_1620 -
intel atom_c c3958
intel xeon_e5_2628l_v2 -
intel xeon e5606
intel xeon_phi 7230f
intel atom_z z2480
intel xeon_e3_1225 -
intel core_i7 4610m
intel xeon_e5 2680_v3
intel xeon_e5_2407 -
intel xeon_e7 4830_v3
intel core_i5 6600k
intel atom_c c2758
intel atom_c c2516
intel xeon_e5_2430l_v2 -
intel xeon_gold 5120
intel xeon_e7 4850
intel core_i7 5850hq
intel core_i5 4690s
intel xeon_e5 2687w_v4
intel xeon_e5 4667_v3
intel xeon_e7 8870
intel core_i3 3229y
intel xeon_e5_2609_v3 -
intel xeon_e7 8880_v2
intel xeon_e5_2630_v3 -
intel core_i3 8100
intel core_i7 7820eq
intel core_i7 3687u
intel core_i7 4722hq
intel core_i5 4410e
intel core_i5 4690
intel core_i7 4702ec
intel xeon_e3_1501m_v6 -
intel xeon_e5 2690_v3
intel xeon_e5 4628l_v4
intel xeon_e5_2618l_v3 -
intel core_i3 4005u
intel xeon_platinum 8176f
intel core_i7 7500u
intel xeon_e5_1630_v4 -
intel xeon_phi 7250f
intel xeon_e3_1281_v3 -
intel core_i5 6442eq
intel xeon_e7 2850
intel xeon x5680
intel core_i5 3610me
intel core_i5 2520m
intel core_i7 3555le
intel atom_z z3770
intel core_i7 7700
intel xeon_e3_1265l_v3 -
intel core_i3 370m
intel core_i7 3630qm
intel xeon_e5 2667_v4
intel atom_c c3750
intel core_i3 540
intel core_i5 3210m
intel pentium_n n4200
intel xeon_platinum 8170
intel xeon_e5_2640_v3 -
intel core_i7 4702mq
intel xeon_e7 2880_v2
intel core_i3 2120t
intel core_i3 6100
intel xeon l5530
intel xeon_e5_1650 -
intel xeon_e7 8870_v3
intel xeon_e5_2630_v4 -
intel core_i5 4570te
intel core_i7 2610ue
intel xeon_e7 8837
intel xeon_e5_2428l_v2 -
intel xeon_e3 1535m_v6
intel xeon_e3_1501l_v6 -
intel core_i7 940xm
intel xeon_gold 6126
intel xeon_e5 4667_v4
intel xeon_e5_2470_v2 -
intel atom_c c3758
intel core_i7 4700ec
intel core_i5 430m
intel xeon_e5 2660
intel xeon_e3_1268l_v3 -
intel xeon e5520
intel xeon_e5 2683_v3
intel xeon_e3_1265l_v4 -
intel core_i7 3770t
intel xeon_e5_1630_v3 -
intel core_i7 3720qm
intel xeon_e3_1285_v4 -
intel xeon_e7 8893_v4
intel xeon_e3_1235 -
intel xeon_e5_2428l -
intel xeon_e5 4627_v2
intel xeon_e5_2620_v4 -
intel core_i7 3610qe
intel xeon_e5 2680_v4
intel xeon_e5 4603_v2
intel xeon_e7 8893_v2
intel xeon_e5 4640_v3
intel xeon_e5_1650_v3 -
intel core_i7 5850eq
intel xeon_e3_1271_v3 -
intel core_i7 620um
intel core_m7 6y75
intel xeon e5620
intel atom_z z3735d
intel core_i5 4278u
intel core_i7 4765t
intel core_i5 4310u
intel xeon_gold 6134m
intel core_i5 520e
intel atom_x3 c3205rk
intel core_i7 5750hq
intel core_i3 3250
intel xeon_e5_1660_v4 -
intel core_i7 4700eq
intel core_i5 3340s
intel core_i5 4200h
intel xeon_e3_1225_v2 -
intel xeon ec5509
intel core_i7 4870hq
intel core_i5 760
intel core_i7 3615qe
intel celeron_n n4100
intel celeron_n n2910
intel atom_c c3955
intel core_i3 4160t
intel xeon_e3_1246_v3 -
intel xeon_e5 2658_v4
intel core_i7 740qm
intel celeron_j j4105
intel xeon_e5_2603_v4 -
intel core_i5 4430
intel core_i5 4440
intel core_i7 930
intel core_i5 3380m
intel xeon_phi 7285
intel xeon e5630
intel core_i5 3470s
intel xeon e5649
intel atom_x3 c3235rk
intel xeon_platinum 8180
intel core_m 5y70
intel core_i5 3320m
intel xeon_phi 7230
intel atom_z z2420
intel core_i5 6600
intel core_i3 6100h
intel xeon_e7 4820_v3
intel atom_e e3805
intel xeon_e5 2667_v3
intel atom_c c3850
intel xeon_e3_1280 -
intel core_i5 6500
intel xeon_e3_1230l_v3 -
intel xeon_e3_1226_v3 -
intel xeon_e5_2650_v2 -
intel xeon_e5_2603 -
intel xeon_e5_2630_v2 -
intel core_i7 2640m
intel core_i5 2500t
intel xeon_e5_2650l -
intel xeon_e7 4890_v2
intel xeon_e5_2450 -
intel atom_z z3460
intel xeon_platinum 8153
intel core_i5 3450
intel xeon_e7 8891_v4
intel core_i5 4202y
intel atom_z z3590
intel atom_c c2316
intel xeon_e5 4657l_v2
intel core_i5 8350u
intel celeron_n n2840
intel xeon l5640
intel celeron_n n2830
intel core_i7 3840qm
intel core_i5 2450m
intel core_i7 2760qm
intel core_i5 4590s
intel core_i5 6287u
intel xeon_e5_2628l_v3 -
intel core_i3 6100u
intel xeon_e5 2667_v2
intel xeon_e7 4809_v4
intel core_i3 2377m
intel core_i5 4200u
intel xeon_gold 6128
intel core_i5 430um
intel core_i7 7700hq
intel xeon_e5_2640_v4 -
intel core_i5 540um
intel xeon_e3_1260l_v5 -
intel celeron_n n2806
intel xeon_e3_1220l_v3 -
intel core_i5 4570
intel core_i5 4200m
intel core_i7 4710hq
intel xeon_e3_1280_v6 -
intel core_i5 3570t
intel core_i5 670
intel xeon x3480
intel core_i5 750
intel core_i5 3470
intel atom_z z3745
intel xeon ec5549
intel core_i7 720qm
intel xeon_e3_1270_v5 -
intel xeon w3670
intel core_i7 5650u
intel xeon_e3_1240_v2 -
intel xeon_e3 1515m_v5
intel core_i7 4770hq
intel core_i5 4308u
intel xeon_platinum 8156
intel core_i5 470um
intel xeon l3406
intel core_i7 2600
intel xeon_e5_2440 -
intel core_i5 8600k
intel xeon_e5_1620_v2 -
intel xeon_e7 4870_v2
intel xeon_e5_2403 -
intel xeon x3460
intel core_i5 4402ec
intel xeon_e5_2650 -
intel xeon x5672
intel xeon_e3_1240l_v3 -
intel core_i5 3427u
intel atom_e e3815
intel xeon e6540
intel xeon_e7 8894_v4
intel xeon_silver 4109t
intel atom_z z2560
intel xeon_e7 8850_v2
intel atom_c c2308
intel xeon_e5 2650l_v4
intel xeon_e5 2690_v4
intel core_i7 4700mq
intel core_i5 520m
intel xeon l5508
intel core_i5 4460t
intel atom_c c3808
intel atom_z z2520
intel xeon_e3_1286l_v3 -
intel xeon_e5 2695_v2
intel celeron_n n3350
intel core_i5 4210h
intel core_i3 3240t
intel xeon_e5_1660_v2 -
intel core_i5 2500
intel core_i7 610e
intel xeon_e5 2670_v3
intel xeon_bronze_3106 -
intel core_i5 540m
intel atom_z z3735f
intel core_i7 5550u
intel xeon_e5_2650_v4 -
intel core_i5 3570s
intel atom_z z3570
intel core_i3 4010u
intel core_i3 4350t
intel core_i5 2557m
intel core_i5 6440eq
intel xeon_e5_2640_v2 -
intel celeron_j j3160
intel xeon_e3_1220 -
intel xeon_e5_2630l_v4 -
intel xeon_silver 4112
intel xeon_e5_1428l -
intel xeon_e7 4830
intel xeon_e5_2603_v2 -
intel xeon_gold 6146
intel core_i7 3820qm
intel core_i3 6100e
intel core_i5 650
intel xeon_e7 8850
intel atom_x3 c3445
intel xeon e5645
intel xeon_platinum 8160f
intel core_i7 4720hq
intel atom_c c3308
intel xeon_e7 8860_v3
intel core_i7 2715qe
intel core_i3 2100t
intel core_m 5y71
intel atom_c c3338
intel core_i3 6300t
intel xeon_gold 6144
intel xeon_platinum 8176m
intel xeon_e5_1660_v3 -
intel core_i3 4330t
intel core_i7 620lm
intel core_i7 880
intel xeon_e5 2660_v4
intel xeon_e3_1220_v6 -
intel core_i3 8350k
intel core_i7 620ue
intel xeon_e5_1660 -
intel core_i5 3340m
intel core_i3 2328m
intel core_i3 4360t
intel core_i3 4100u
intel core_i7 2720qm
intel xeon_e5 2687w
intel xeon_e5_2603_v3 -
intel celeron_j j4005
intel xeon_gold 6148
intel core_i5 4670t
intel atom_z z2760
intel xeon_e3_1270_v2 -
intel xeon_e5_2643_v2 -
intel core_i7 4510u
intel xeon_e7 4850_v4
intel xeon_e5_2648l_v2 -
intel xeon_e3_1245 -
intel core_i7 990x
intel core_i7 3537u
intel xeon_e5 2690
intel core_i7 4712mq
intel xeon_e5_2637_v4 -
intel core_i7 2649m
intel xeon_e5 4603
intel xeon_e3_1241_v3 -
intel xeon_e5 4640
intel xeon lc5528
intel core_i5 5675r
intel xeon_e7 4820_v4
intel xeon_e3_1230_v5 -
intel core_i3 4012y
intel core_i5 4670s
intel xeon x5560
intel xeon_e3_1270 -
intel xeon_e5 2699a_v4
intel xeon_e5 4660_v3
intel xeon_e3_1278l_v4 -
intel pentium_j j3710
intel core_i3 5010u
intel xeon e5506
intel xeon_e5 2670_v2
intel core_i5 4690t
intel core_i5 5350u
intel core_i7 965
intel xeon_e3_1260l -
intel xeon_e3_1125c -
intel core_i7 4800mq
intel atom_x3 c3200rk
intel core_i3 330m
intel atom_z z3736g
intel celeron_n n3050
intel core_i5 2435m
intel xeon_gold 6148f
intel core_i7 980
intel xeon x7550
intel xeon_e5 4650
intel xeon_silver 4116t
intel core_i7 940
intel core_i7 4770
intel core_i3 3227u
intel celeron_n n2808
intel xeon_phi 7210f
intel xeon l5638
intel xeon_e5_2418l_v3 -
intel celeron_j j1900
intel xeon_e5_2618l_v4 -
intel xeon_e3_1290 -
intel core_i5 4220y
intel celeron_n n3150
intel xeon x5687
intel core_i5 3550s
intel xeon_e3_1245_v2 -
intel xeon_silver 4108
intel core_i7 8550u
intel xeon_e7 2830
intel core_i7 2617m
intel atom_c c2530
intel xeon_e3 1578l_v5
intel core_i3 3240
intel core_i7 4650u
intel xeon_e5_1650_v2 -
intel core_i3 380m
intel core_i3 390m
intel core_i5 4570r
intel core_i5 4258u
intel xeon_e5 2687w_v2
intel atom_c c2538
intel core_i5 655k
intel core_i7 620m
intel xeon_e5_2640 -
intel xeon_e3 1545m_v5
intel xeon_e3_12201_v2 -
intel core_i3 2330e
intel xeon_e5 2683_v4
intel core_i5 2390t
intel core_i3 6100t
intel core_i7 4790k
intel xeon_e5_2450l -
intel core_i5 2537m
intel xeon_e5 2658
intel core_i3 6300
intel xeon_e5_2609_v2 -
intel core_i3 4100m
intel xeon_e5_1680_v3 -
intel xeon e7530
intel atom_c c3508
intel atom_z z3580
intel xeon_e3_1280_v2 -
intel xeon_e5 4620_v2
intel xeon_e5_2630 -
intel core_i3 2340ue
intel xeon_e7 2820
intel xeon_e5 4640_v2
intel xeon_e5_2609 -
intel core_i7 4960hq
intel atom_z z3785
intel xeon_e5 2665
intel core_i3 3225
intel core_i7 2677m
intel xeon_e3_12201 -
intel pentium_n n3540
intel xeon_e5_2438l_v3 -
intel core_i3 5020u
intel xeon_phi 7210
intel core_i7 2920xm
intel core_i5 2510e
intel core_i3 4330
intel xeon_e3_1240 -
intel xeon x5667
intel xeon_gold 6154
intel core_i5 4690k
intel xeon l5630
intel celeron_n n3060
intel atom_c c2358
intel core_i7 640um
intel core_i7 5557u
intel celeron_n n3160
intel xeon_e5_2430_v2 -
intel xeon_e5_2623_v3 -
intel core_i7 4850hq
intel xeon_platinum 8160
intel xeon_gold 5115
intel xeon_e7 8891_v3
intel core_i7 3540m
intel core_i5 2450p
intel celeron_n n2807
intel core_i3 2105
intel xeon_e7 4880_v2
intel core_i3 2348m
intel core_i7 7920hq
intel core_i3 3210
intel xeon_e5_2470 -
intel xeon_e7 4820_v2
intel core_i7 2635qm
intel core_i7 2820qm
intel core_i5 4300m
intel core_m 5y10
intel core_i5 4460s
intel atom_e e3827
intel xeon e5640
intel xeon_e5 4648_v3
intel xeon_e5_2623_v4 -
intel core_i5 3360m
intel core_i7 3689y
intel xeon_e5 2698_v3
intel xeon_e5 4655_v4
intel xeon_e5_1620_v3 -
intel xeon_e3_1505l_v5 -
intel core_i5 4310m
intel core_m 5y10c
intel core_i5 3330s
intel core_i3 4010y
intel core_i5 4300y
intel core_i3 4000m
intel core_i5 6685r
intel xeon_e5_2608l_v4 -
intel core_i3 4130t
intel xeon_e7 8890_v4
intel core_i7 4558u
intel atom_z z3740d
intel core_i5 4302y
intel core_i3 4350
intel core_i5 3570k
intel atom_c c3558
intel core_i7 4600m
intel xeon_e5_2420_v2 -
intel xeon x5660
intel xeon_e5_2650l_v2 -
intel xeon_e7 4809_v3
intel core_i3 4150t
intel core_i7 2630qm
intel core_i5 4210m
intel xeon_e7 8867_v4
intel core_i5 3339y
intel xeon_e5_1428l_v2 -
intel celeron_n n3000
intel core_i7 2600k
intel xeon_e7 4830_v4
intel xeon_e7 8870_v2
intel atom_z z3740
intel xeon_e5 4607
intel core_i5 4422e
intel core_i7 5500u
intel core_i3 6006u
intel atom_c c3708
intel atom_x3 c3295rk
intel xeon_e7 4850_v2
intel core_i5 6585r
intel xeon_e5_2440_v2 -
intel xeon_e3_1240l_v5 -
intel atom_z z2460
intel atom_z z3480
intel xeon_e5_2648l_v3 -
intel core_i5 6440hq
intel core_i5 3340
intel core_i3 3120m
intel core_i7 2960xm
intel core_i3 4120u
intel core_i7 970
intel atom_z z3530
intel core_i3 6320
intel core_i5 4210u
intel xeon_e5_2648l -
intel core_i3 2115c
intel xeon_e5 2680_v2
intel xeon_e5 2695_v4
intel core_i7 3770s
intel xeon_e5 4620_v3
intel core_i7 4771
intel xeon_e3_1285_v3 -
intel core_i5 2515e
intel celeron_n n3010
intel core_i7 5950hq
intel atom_c c3950
intel xeon_e3 1565l_v5
intel xeon_platinum 8168
intel core_i5 3337u
intel core_i7 2629m
intel core_i3 2375m
intel core_i7 4770te
intel xeon_e7 8870_v4
intel core_i7 2637m
intel core_i5 4670k
intel xeon_e7 8867l
intel core_i3 4340
intel atom_c c2718
intel atom_z z3735e
intel celeron_n n2820
intel atom_c c3830
intel core_i7 4750hq
intel xeon e5507
intel xeon_gold 6138t
intel xeon_e7 4809_v2
intel core_i7 7560u
intel xeon_e5 2698_v4
intel core_i5 2550k
intel xeon_e5 2695_v3
intel xeon_gold 6138f
intel core_i5 4590t
intel core_i5 4570t
intel atom_e e3825
intel xeon_e5 2687w_v3
intel xeon_e5 4617
intel core_i3 4160
intel xeon_e3_1505m_v5 -
intel xeon_e5_1680_v4 -
intel core_i7 5775r
intel core_i5 580m
intel core_i3 4112e
intel core_i3 6157u
CVE-2017-7563 MEDIUM

In ARM Trusted Firmware 1.3, RO memory is always executable at AArch64 Secure EL1, allowing attackers to bypass the MT_EXECUTE_NEVER protection mechanism. This issue occurs because of inconsistency in the number of execute-never bits (one bit versus two bits).

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-732,

Products Affected

Vendor Product Version
arm arm_trusted_firmware *
CVE-2017-7564 MEDIUM

In ARM Trusted Firmware through 1.3, the secure self-hosted invasive debug interface allows normal world attackers to cause a denial of service (secure world panic) via vectors involving debug exceptions and debug registers.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
arm arm_trusted_firmware *
CVE-2017-9607 MEDIUM

The BL1 FWU SMC handling code in ARM Trusted Firmware before 1.4 might allow attackers to write arbitrary data to secure memory, bypass the bl1_plat_mem_check protection mechanism, cause a denial of service, or possibly have unspecified other impact via a crafted AArch32 image, which triggers an integer overflow.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-190,

Products Affected

Vendor Product Version
arm arm-trusted-firmware *
CVE-2018-0487 HIGH

ARM mbed TLS before 1.3.22, before 2.1.10, and before 2.7.0 allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow) via a crafted certificate chain that is mishandled during RSASSA-PSS signature verification within a TLS or DTLS session.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
debian debian_linux 9.0
debian debian_linux 8.0
arm mbed_tls *
CVE-2018-0488 HIGH

ARM mbed TLS before 1.3.22, before 2.1.10, and before 2.7.0, when the truncated HMAC extension and CBC are used, allows remote attackers to execute arbitrary code or cause a denial of service (heap corruption) via a crafted application packet within a TLS or DTLS session.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
debian debian_linux 9.0
debian debian_linux 8.0
arm mbed_tls *
CVE-2018-0497 MEDIUM

ARM mbed TLS before 2.12.0, before 2.7.5, and before 2.1.14 allows remote attackers to achieve partial plaintext recovery (for a CBC based ciphersuite) via a timing-based side-channel attack. This vulnerability exists because of an incorrect fix (with a wrong SHA-384 calculation) for CVE-2013-0169.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
debian debian_linux 9.0
debian debian_linux 8.0
arm mbed_tls *
CVE-2018-0498 LOW

ARM mbed TLS before 2.12.0, before 2.7.5, and before 2.1.14 allows local users to achieve partial plaintext recovery (for a CBC based ciphersuite) via a cache-based side-channel attack.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
debian debian_linux 9.0
debian debian_linux 8.0
arm mbed_tls *
CVE-2018-1000520 MEDIUM

ARM mbedTLS version 2.7.0 and earlier contains a Ciphersuite Allows Incorrectly Signed Certificates vulnerability in mbedtls_ssl_get_verify_result() that can result in ECDSA-signed certificates are accepted, when only RSA-signed ones should be.. This attack appear to be exploitable via Peers negotiate a TLS-ECDH-RSA-* ciphersuite. Any of the peers can then provide an ECDSA-signed certificate, when only an RSA-signed one should be accepted..

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-295,

Products Affected

Vendor Product Version
arm mbed_tls *
CVE-2018-19440 MEDIUM

ARM Trusted Firmware-A allows information disclosure.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
arm trusted_firmware-a *
CVE-2018-19608 LOW

Arm Mbed TLS before 2.14.1, before 2.7.8, and before 2.1.17 allows a local unprivileged attacker to recover the plaintext of RSA decryption, which is used in RSA-without-(EC)DH(E) cipher suites.

CVSS 2.0

Severity: LOW

Problem Type: CWE-269,

Products Affected

Vendor Product Version
arm mbed_tls *
CVE-2018-3639 LOW

Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

CVSS 2.0

Severity: LOW

Problem Type: CWE-203,

Products Affected

Vendor Product Version
intel atom_c c3750
intel xeon_e3 x5550
intel xeon_e3_1230_v6 -
siemens simatic_ipc627c_firmware *
intel xeon_e5 4607_v2
intel xeon_platinum 8170
intel xeon_e3 e5503
intel xeon_e5_2640_v3 -
redhat enterprise_linux_eus 7.3
intel xeon_e7 2880_v2
siemens simatic_ipc427c_firmware -
intel core_i3 45nm
microsoft windows_10 -
intel xeon_e5 4640_v4
intel xeon_e5_1650 -
intel xeon_e7 8870_v3
intel pentium_silver n5000
intel xeon_e5_2630_v4 -
intel xeon_e7 8837
intel xeon_e5_2428l_v2 -
intel xeon_e3 1535m_v6
intel xeon_e7 8860_v4
siemens simatic_ipc477e_firmware *
intel xeon_e3_1501l_v6 -
intel xeon_silver 4110
intel core_m 45nm
intel xeon_gold 86136
intel xeon_e5 4667_v4
intel xeon_e5_2470_v2 -
intel atom_c c3758
intel xeon_e7 4860_v2
intel xeon_e5_2650_v3 -
intel xeon_gold 85118
siemens simatic_ipc677c_firmware *
intel xeon_e5 2660
intel xeon_gold 86142f
intel xeon_gold 86130
intel xeon_e3_1280_v5 -
intel xeon_e3_1268l_v3 -
intel xeon_e3 x3440
intel xeon_e7 8890_v3
intel xeon_e5 4610
redhat openstack 8
intel xeon_e5 2683_v3
intel xeon_e3_1265l_v4 -
siemens simatic_itp1000_firmware *
intel xeon_e3_1285_v6 -
intel xeon_e5 2697_v2
intel xeon_e5_1630_v3 -
intel xeon_e5_2630l_v3 -
intel xeon_gold 86138t
intel xeon_e3_1285_v4 -
intel xeon_e3 w5590
intel xeon_e7 8893_v4
intel xeon_e5 4650_v4
redhat enterprise_linux_server_tus 7.7
intel xeon_e3_1235 -
intel xeon_e5_2428l -
redhat enterprise_linux_eus 6.7
intel xeon_e5 4627_v2
intel xeon_e5_2620_v4 -
intel xeon_e3_1230 -
intel atom_z z3560
siemens simatic_ipc547e_firmware *
intel xeon_gold 86146
intel xeon_e5 2680_v4
siemens simatic_ipc627d_firmware *
intel xeon_e5 4603_v2
intel xeon_e7 8893_v2
intel xeon_e5 4640_v3
intel xeon_e5_1650_v3 -
intel xeon_e3 l3406
intel xeon_e5 2658a_v3
intel xeon_e5 4655_v3
intel xeon_e3_1271_v3 -
intel xeon_e3_1220_v2 -
intel xeon_e5 2680
mitel mivoice_border_gateway -
intel xeon_platinum 8158
redhat enterprise_linux_desktop 7.0
intel atom_z z3735d
intel xeon_e3_1275_v2 -
siemens simatic_field_pg_m5_firmware *
intel xeon_e5 4650_v2
microsoft windows_server_2016 1709
intel xeon_e5_2418l_v2 -
intel xeon_e3 125c_
intel xeon_e5_1660_v4 -
intel xeon_e7 2890_v2
intel xeon_e3_1225_v2 -
intel xeon_e7 8860
intel xeon_silver 4116
microsoft surface_pro 4
intel xeon_gold 86148f
siemens itc1500_pro_firmware *
intel xeon_e7 4870
intel atom_c c3955
intel xeon_e3_1225_v5 -
intel xeon_e7 8880_v4
intel xeon_e3_1246_v3 -
intel xeon_e5 2667
intel xeon_e3 e5502
microsoft surface_book -
mitel micollab -
intel xeon_e5 2658_v4
intel xeon_e3_1125c_v2 -
intel celeron_j j4105
intel xeon_e5_2603_v4 -
intel xeon_e5_2648l_v4 -
redhat enterprise_linux_server_aus 7.4
intel xeon_e7 8867_v3
sonicwall cloud_global_management_system -
debian debian_linux 8.0
microsoft windows_server_2016 -
intel xeon_gold 86150
intel xeon_platinum 8180
intel core_i5 32nm
intel xeon_e3 7500
siemens itc2200_pro_firmware *
siemens simatic_ipc647d_firmware *
redhat enterprise_linux_server_tus 7.3
intel xeon_e3 l5508_
intel atom_z z2420
intel xeon_e3_1505l_v6 -
intel xeon_e7 4820_v3
microsoft windows_server_2012 -
intel core_i7 45nm
intel xeon_e5_1650_v4 -
siemens simatic_ipc3000_smart_firmware *
intel pentium_j j4205
intel atom_e e3805
intel xeon_gold 86126f
intel xeon_e5_2643_v3 -
intel xeon_e5 2667_v3
redhat enterprise_linux_server 7.0
intel xeon_e3 1558l_v5
intel xeon_gold 86144
redhat enterprise_linux_server_tus 7.6
intel atom_c c3850
intel xeon_e3_1280 -
intel xeon_e3 1585l_v5
intel xeon_platinum 8160t
siemens simatic_ipc647c_firmware *
intel xeon_e3_1230l_v3 -
intel xeon_e3_1226_v3 -
mitel open_integration_gateway -
intel xeon_e5_2650_v2 -
intel xeon_e5_2603 -
redhat virtualization_manager 4.2
intel xeon_e5_2630_v2 -
intel xeon_e5 2697a_v4
nvidia jetson_tx2 *
intel xeon_e5_2650l -
intel xeon_e7 4890_v2
intel xeon_e5_2450 -
microsoft windows_10 1703
intel atom_z z3460
intel xeon_e5_2430 -
intel xeon_platinum 8153
intel xeon_e7 8891_v4
intel atom_z z3590
canonical ubuntu_linux 16.04
intel xeon_e5 4657l_v2
intel xeon_e5_2403_v2 -
intel core_m 32nm
intel pentium n4200
intel xeon_e5 2670
intel xeon_e3_1265l_v2 -
intel xeon_e3_1268l_v5 -
intel xeon_e5_2637 -
intel xeon_gold 86128
microsoft windows_10 1607
intel xeon_e3 w5580
siemens simatic_ipc847d_firmware *
intel xeon_e5_2628l_v3 -
intel xeon_e5 2667_v2
intel xeon_e5_2630l_v2 -
intel xeon_e5 4610_v2
intel xeon_e7 4809_v4
intel xeon_e3_1275l_v3 -
intel xeon_e5_2618l_v2 -
intel xeon_e7 2803
intel xeon_e5_2408l_v3 -
intel xeon_e3 x3480
intel xeon_e5_2640_v4 -
intel xeon_e5_2637_v3 -
microsoft surface_book 2
intel xeon_e3_1260l_v5 -
intel xeon_e3_1220l_v3 -
intel xeon_e3 1220_
arm cortex-a 15
intel xeon_e3_1280_v6 -
intel xeon_e5_2450l_v2 -
siemens simatic_ipc547g_firmware *
intel xeon_platinum 8176
oracle local_service_management_system *
intel atom_z z3745
intel xeon_e3_1270_v5 -
intel atom_z z3775
intel xeon_e3_1240_v2 -
intel xeon_e3 1515m_v5
intel xeon_gold 86126t
siemens sinumerik_pcu_50.5_firmware *
redhat virtualization 4.0
intel xeon_e3_1105c_v2 -
intel xeon_platinum 8156
mitel mivoice_5000 -
intel celeron_j j3455
intel xeon_e5_2440 -
intel xeon_e5 2658_v2
microsoft surface -
intel xeon_e7 2850_v2
intel xeon_e5_1620_v2 -
siemens sinumerik_840_d_sl_firmware -
intel xeon_e3_1275_v3 -
intel xeon_e7 4870_v2
intel xeon_e5_2403 -
intel xeon_e3_1231_v3 -
intel xeon_e3_1258l_v4 -
intel xeon_e5_2650 -
redhat enterprise_linux_server_tus 6.6
siemens simatic_ipc827c_firmware *
siemens itc1900_firmware *
microsoft surface_pro 3
intel xeon_e3_1240l_v3 -
intel atom_e e3815
intel xeon_e5_2450_v2 -
intel xeon_e5 4627_v3
intel xeon_e7 8894_v4
intel xeon_silver 4114t
intel xeon_silver 4109t
mitel mivoice_business -
intel atom_z z2560
intel xeon_e7 8850_v2
intel atom_c c2308
intel xeon_e5 2650l_v4
intel xeon_e3 x3450
intel xeon_gold 86134
intel xeon_e5 2690_v4
intel xeon_gold 86138
siemens simatic_ipc477d_firmware *
intel xeon_e3 e5506
intel atom_c c3808
intel atom_z z2520
intel xeon_e3_1240_v5 -
intel xeon_e5_2448l -
siemens simatic_field_pg_m4_firmware *
redhat enterprise_linux_desktop 6.0
intel xeon_e3_1286l_v3 -
intel xeon_gold 86132
redhat enterprise_linux_server_aus 6.4
intel xeon_e5 2695_v2
intel xeon_e7 2870
intel pentium_silver j5005
intel xeon_e5_2630l -
intel xeon_e7 2870_v2
intel core_i5 45nm
nvidia jetson_tx1 *
intel xeon_e5 2699r_v4
intel xeon_gold 86126
intel xeon_e3 l5530
intel xeon_e5_1660_v2 -
intel xeon_e5 4627_v4
intel xeon_e5 2670_v3
intel atom_z z3735f
intel xeon_e5_2620_v3 -
intel xeon_e3 l5506
intel atom_x5-e3940 -
intel xeon_e5_2650_v4 -
redhat virtualization_manager 4.3
arm cortex-a 72
intel core_i7 32nm
intel atom_z z3570
intel atom_z z3745d
intel xeon_e5_2609_v4 -
intel xeon_e3_1225_v6 -
intel xeon_e5_2643 -
intel xeon_e5_2640_v2 -
intel xeon_e5_2630l_v4 -
intel xeon_platinum 8170m
intel xeon_silver 4112
intel xeon_e5_1428l -
intel xeon_e7 4830
intel xeon_e5_2603_v2 -
intel xeon_e5 2658_v3
intel xeon_e5 2699_v4
intel xeon_e5 4620
intel xeon_e7 8850
intel xeon_e7 8830
intel xeon_platinum 8160f
intel atom_c c3308
intel xeon_gold 86130f
canonical ubuntu_linux 17.10
redhat enterprise_linux_server_tus 7.2
intel xeon_e5_2420 -
intel xeon_e7 8860_v3
intel atom_c c3338
intel xeon_e5 2697_v4
sonicwall global_management_system -
intel xeon_platinum 8176m
intel xeon_e5_1660_v3 -
intel xeon_e3_1286_v3 -
intel xeon_e3_1235l_v5 -
intel xeon_e5 2660_v4
intel xeon_e3_1220_v6 -
intel atom_z z3775d
intel xeon_e5_1660 -
intel xeon_e5 2697_v3
intel xeon_e3 e5540
intel celeron_n n3450
intel xeon_e5 2687w
intel xeon_e5 2699_v3
intel xeon_e5_2603_v3 -
intel atom_x7-e3950 -
intel xeon_e3 1535m_v5
intel celeron_j j4005
intel atom_z z2760
intel xeon_e3 x3460
intel xeon_e3 e5530
intel xeon_e7 2860
intel xeon_e3_1230_v2 -
siemens simatic_ipc847c_firmware *
intel xeon_e3_1270_v2 -
intel xeon_e5_2643_v2 -
siemens sinema_remote_connect_firmware -
intel xeon_e3_1245_v5 -
intel xeon_e5_1620_v4 -
intel xeon_e7 4850_v4
intel xeon_e5_2648l_v2 -
intel xeon_e3_1245 -
intel xeon_e5 2690
intel atom_z z3735g
intel xeon_e7 4850_v3
intel xeon_e3 3600
mitel mivoice_connect -
intel xeon_e5_2637_v4 -
siemens itc2200_firmware *
intel xeon_e5 4603
intel xeon_e3_1241_v3 -
intel xeon_e5 4640
intel xeon_e7 8893_v3
intel xeon_e7 4820_v4
intel xeon_e3_1230_v5 -
intel xeon_e3 l5518_
intel xeon_e3_1225_v3 -
intel xeon_e3_1270_v6 -
intel xeon_e7 4820
siemens simatic_et_200_sp_firmware *
intel xeon_e3_1270 -
intel xeon_e5 2699a_v4
intel xeon_e5 4660_v3
intel xeon_e3_1278l_v4 -
intel xeon_e7 4807
intel xeon_gold 86138f
intel xeon_e5 2670_v2
intel xeon_e3_1240_v6 -
intel xeon_e3_1260l -
oracle solaris 11
intel atom_z z3736g
siemens simotion_p320-4e_firmware *
intel xeon_e5_2407_v2 -
microsoft windows_server_2012 r2
canonical ubuntu_linux 12.04
intel xeon_e5 4650
intel xeon_e5 4650_v3
intel xeon_e3_1275_v5 -
intel xeon_silver 4116t
intel xeon_e5 4669_v4
intel atom_z z3795
intel xeon_e7 4830_v2
siemens sinumerik_tcu_30.3_firmware -
intel xeon_e5_2418l_v3 -
siemens simatic_ipc427e_firmware *
intel xeon_e5_2618l_v4 -
intel xeon_e3_1290 -
intel xeon_e3_1220_v3 -
microsoft windows_10 1709
microsoft windows_server_2008 r2
intel xeon_e3 1585_v5
sonicwall sonicosv -
intel xeon_platinum 8160m
intel xeon_e5 4620_v4
intel xeon_e3_1245_v2 -
intel xeon_silver 4108
intel xeon_gold 86142m
intel xeon_e7 2830
intel xeon_e5 4660_v4
intel xeon_e3 1578l_v5
intel xeon_e3_1245_v3 -
intel xeon_e3_1285l_v4 -
intel xeon_e5_1650_v2 -
arm cortex-a 57
intel xeon_e5 2687w_v2
intel xeon_e7 8880l_v2
microsoft windows_server_2008 sp2
intel xeon_e5_2640 -
intel xeon_e3 1545m_v5
intel xeon_e3_12201_v2 -
intel xeon_gold 85122
intel xeon_e3 e6510
canonical ubuntu_linux 18.04
intel xeon_e5 2683_v4
mitel micloud_management_portal *
intel atom_e e3845
intel xeon_e5_2637_v2 -
intel xeon_e5 2660_v3
intel xeon_gold 85120t
intel xeon_e5_1428l_v3 -
intel atom_e e3826
redhat enterprise_linux_server_aus 6.5
intel xeon_e5_2450l -
intel xeon_e5 2658
intel xeon_e3_1290_v2 -
intel xeon_e5_2418l -
intel xeon_e5_2628l_v4 -
intel xeon_e5_2609_v2 -
microsoft surface_pro_with_lte_advanced 1807
intel xeon_e5_1680_v3 -
microsoft surface_studio -
intel xeon_e7 8880l_v3
intel atom_c c3508
intel xeon_e5_2608l_v3 -
intel xeon_silver 4114
intel xeon_gold 86152
microsoft windows_10 1803
siemens simatic_ipc427d_firmware *
intel atom_z z3580
redhat openstack 12
intel xeon_e3_1280_v2 -
intel xeon_e5 4620_v2
intel xeon_e7 4860
intel xeon_gold 86142
intel xeon_e5_2630 -
intel xeon_e7 2820
intel xeon_e3_1240_v3 -
intel xeon_e5 4640_v2
intel xeon_e5_2609 -
intel xeon_e7 8880_v3
intel atom_z z3785
intel xeon_e5 2665
intel xeon_e3_12201 -
intel xeon_e5_2438l_v3 -
intel xeon_e7 8891_v2
intel xeon_e3 1275_
intel core_i3 32nm
intel xeon_e3_1280_v3 -
redhat enterprise_linux_server_aus 5.9
siemens itc1500_firmware *
intel xeon_e3_1240 -
siemens simatic_ipc477c_firmware -
intel xeon_e3_1220_v5 -
intel xeon_e5_2643_v4 -
canonical ubuntu_linux 14.04
intel xeon_e5_2430_v2 -
intel xeon_e5_2623_v3 -
siemens simatic_ipc677d_firmware *
intel xeon_e5 2660_v2
intel xeon_platinum 8160
intel xeon_gold 5115
intel xeon_e7 8891_v3
intel xeon_e5 4650l
intel xeon_gold 86154
redhat enterprise_linux_eus 7.5
intel xeon_e7 8857_v2
intel atom_z z2580
intel atom_z z3736f
siemens itc1900_pro_firmware *
redhat enterprise_linux_workstation 7.0
intel xeon_e7 4880_v2
intel xeon_e3 l5520
redhat openstack 10
siemens simatic_ipc347e_firmware *
redhat mrg_realtime 2.0
sonicwall web_application_firewall -
schneider-electric struxureware_data_center_expert *
intel xeon_e5_2470 -
microsoft surface_pro 1796
intel xeon_e7 4820_v2
intel xeon_e3 1575m_v5
intel xeon_gold 85119t
intel atom_e e3827
intel xeon_e3_1285l_v3 -
intel xeon_e5 4648_v3
intel xeon_e5_2623_v4 -
redhat enterprise_linux_server_aus 6.6
intel xeon_e5 2698_v3
intel xeon_e5 4655_v4
intel xeon_e5_1620_v3 -
intel xeon_e3 1505m_v6
intel xeon_e3_1505l_v5 -
intel xeon_e5_2620 -
intel xeon_e5 4624l_v2
intel xeon_e5_2448l_v2 -
intel xeon_e3 x3430
intel pentium n4000
intel xeon_e5_2428l_v3 -
intel xeon_e3_1275_v6 -
intel xeon_platinum 8164
redhat openstack 7.0
intel xeon_e3 x5570
intel xeon_e5_2608l_v4 -
intel xeon_gold 86140m
intel xeon_e7 8890_v4
intel atom_z z3740d
redhat enterprise_linux_server_tus 7.4
intel xeon_e3 x3470
intel xeon_e5_2430l -
intel atom_c c3558
intel xeon_gold 86140
intel xeon_e5 2690_v2
siemens simatic_s7-1500_firmware *
intel xeon_e5_2420_v2 -
microsoft windows_10 1809
intel xeon_e5_2620_v2 -
intel xeon_e5_2650l_v2 -
debian debian_linux 9.0
intel xeon_e7 4809_v3
intel xeon_e7 8890_v2
intel atom_x5-e3930 -
intel xeon_e3 e5504
siemens ruggedcom_ape_firmware -
intel xeon_e7 8867_v4
redhat enterprise_linux_eus 7.6
intel xeon_e5_1428l_v2 -
intel xeon_e-1105c -
sonicwall email_security -
redhat enterprise_linux_server_aus 7.7
intel xeon_e5 4610_v4
intel xeon_e7 4830_v4
intel xeon_e7 8870_v2
microsoft windows_8.1 -
intel atom_z z3740
microsoft windows_server_2016 1803
intel xeon_gold 85115
intel xeon_e5 4607
intel xeon_e5 4610_v3
intel xeon_gold 86148
intel atom_c c3708
intel xeon_e3_1276_v3 -
redhat enterprise_linux_server_aus 7.3
intel atom_c c3858
intel xeon_e5 4669_v3
intel xeon_e3_1245_v6 -
intel xeon_e7 4850_v2
redhat openstack 13
intel xeon_e5_2440_v2 -
intel xeon_e3_1240l_v5 -
intel atom_z z2460
intel atom_z z3480
intel xeon_e3_1270_v3 -
microsoft windows_7 -
intel xeon_e5_2648l_v3 -
intel xeon_gold 86130t
intel xeon_e5_2650l_v3 -
intel xeon_gold 85120
intel xeon_e3_1230_v3 -
intel atom_c c3538
intel xeon_gold 86134m
intel atom_z z3770d
intel xeon_e5_1620 -
redhat enterprise_linux_eus 7.4
intel atom_z z3530
sonicwall secure_mobile_access -
intel atom_c c3958
intel xeon_e5_2628l_v2 -
intel xeon_e5_2648l -
intel xeon_e5 2680_v2
intel xeon_e3 x5560
intel xeon_e5 2695_v4
intel atom_z z2480
intel xeon_e5 4620_v3
intel xeon_e3_1225 -
intel xeon_e3 l3403
siemens simatic_ipc477e_pro_firmware *
intel xeon_e3_1285_v3 -
intel xeon_e5 2680_v3
intel pentium n4100
intel xeon_e5_2407 -
intel xeon_e7 4830_v3
intel atom_c c3950
intel xeon_e3 1565l_v5
intel xeon_e5_2430l_v2 -
intel xeon_platinum 8168
intel xeon_e7 4850
intel xeon_e5 2687w_v4
intel xeon_e5 4667_v3
intel xeon_e3 e5520
intel xeon_e7 8870
intel xeon_e5_2609_v3 -
redhat enterprise_linux_eus 7.7
intel xeon_e7 8870_v4
intel xeon_e7 8880_v2
intel xeon_e5_2630_v3 -
intel xeon_e3 l3426
intel xeon_e7 8867l
mitel mivoic_mx-one -
intel atom_z z3735e
intel xeon_e3 5600
siemens simatic_ipc827d_firmware *
intel atom_c c3830
redhat openstack 9
intel xeon_e3_1501m_v6 -
intel xeon_e7 4809_v2
intel xeon_e5 2690_v3
intel xeon_e5 4628l_v4
intel xeon_e5_2618l_v3 -
intel xeon_platinum 8176f
intel xeon_e5 2698_v4
intel xeon_e5 2695_v3
intel xeon_e5_1630_v4 -
redhat enterprise_linux_workstation 6.0
intel xeon_e3 e5507
intel xeon_e3_1281_v3 -
redhat enterprise_linux_server_aus 7.2
intel xeon_e7 2850
intel atom_e e3825
intel xeon_e5 2687w_v3
intel xeon_e5 4617
redhat enterprise_linux_server 6.0
intel xeon_e3 e6550
intel xeon_e3_1505m_v5 -
intel xeon_e5_1680_v4 -
intel atom_z z3770
intel xeon_e3_1265l_v3 -
intel xeon_e3 e6540
intel xeon_e5 2667_v4
CVE-2018-3640 MEDIUM

Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis, aka Rogue System Register Read (RSRE), Variant 3a.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-203,

Products Affected

Vendor Product Version
intel atom_c c3750
intel xeon_e3 x5550
intel xeon_e3_1230_v6 -
intel xeon_e5 4607_v2
intel xeon_platinum 8170
intel xeon_e3 e5503
intel xeon_e5_2640_v3 -
intel xeon_e7 2880_v2
intel core_i3 45nm
intel xeon_e5 4640_v4
intel xeon_e5_1650 -
intel xeon_e7 8870_v3
intel pentium_silver n5000
intel xeon_e5_2630_v4 -
intel xeon_e7 8837
intel xeon_e5_2428l_v2 -
intel xeon_e3 1535m_v6
intel xeon_e7 8860_v4
intel xeon_e3_1501l_v6 -
intel xeon_silver 4110
intel core_m 45nm
intel xeon_gold 86136
intel xeon_e5 4667_v4
intel xeon_e5_2470_v2 -
intel atom_c c3758
intel xeon_e7 4860_v2
intel xeon_e5_2650_v3 -
intel xeon_gold 85118
intel xeon_e5 2660
intel xeon_gold 86142f
intel xeon_gold 86130
intel xeon_e3_1280_v5 -
intel xeon_e3_1268l_v3 -
intel xeon_e3 x3440
intel xeon_e7 8890_v3
intel xeon_e5 4610
intel xeon_e5 2683_v3
intel xeon_e3_1265l_v4 -
intel xeon_e3_1285_v6 -
intel xeon_e5 2697_v2
intel xeon_e5_1630_v3 -
intel xeon_e5_2630l_v3 -
intel xeon_gold 86138t
intel xeon_e3_1285_v4 -
intel xeon_e3 w5590
intel xeon_e7 8893_v4
intel xeon_e5 4650_v4
intel xeon_e3_1235 -
intel xeon_e5_2428l -
intel xeon_e5 4627_v2
intel xeon_e5_2620_v4 -
intel xeon_e3_1230 -
intel atom_z z3560
intel xeon_gold 86146
intel xeon_e5 2680_v4
intel xeon_e5 4603_v2
intel xeon_e7 8893_v2
intel xeon_e5 4640_v3
intel xeon_e5_1650_v3 -
intel xeon_e3 l3406
intel xeon_e5 2658a_v3
intel xeon_e5 4655_v3
intel xeon_e3_1271_v3 -
intel xeon_e3_1220_v2 -
intel xeon_e5 2680
intel xeon_platinum 8158
intel atom_z z3735d
intel xeon_e3_1275_v2 -
intel xeon_e5 4650_v2
intel xeon_e5_2418l_v2 -
intel xeon_e3 125c_
intel xeon_e5_1660_v4 -
intel xeon_e7 2890_v2
intel xeon_e3_1225_v2 -
intel xeon_e7 8860
intel xeon_silver 4116
intel xeon_gold 86148f
intel xeon_e7 4870
intel atom_c c3955
intel xeon_e3_1225_v5 -
intel xeon_e7 8880_v4
intel xeon_e3_1246_v3 -
intel xeon_e5 2667
intel xeon_e3 e5502
intel xeon_e5 2658_v4
intel xeon_e3_1125c_v2 -
intel celeron_j j4105
intel xeon_e5_2603_v4 -
intel xeon_e5_2648l_v4 -
intel xeon_e7 8867_v3
intel xeon_gold 86150
intel xeon_platinum 8180
intel core_i5 32nm
intel xeon_e3 7500
intel xeon_e3 l5508_
intel atom_z z2420
intel xeon_e3_1505l_v6 -
intel xeon_e7 4820_v3
intel core_i7 45nm
intel xeon_e5_1650_v4 -
intel pentium_j j4205
intel atom_e e3805
intel xeon_gold 86126f
intel xeon_e5_2643_v3 -
intel xeon_e5 2667_v3
intel xeon_e3 1558l_v5
intel xeon_gold 86144
intel atom_c c3850
intel xeon_e3_1280 -
intel xeon_e3 1585l_v5
intel xeon_platinum 8160t
intel xeon_e3_1230l_v3 -
intel xeon_e3_1226_v3 -
intel xeon_e5_2650_v2 -
intel xeon_e5_2603 -
intel xeon_e5_2630_v2 -
intel xeon_e5 2697a_v4
intel xeon_e5_2650l -
intel xeon_e7 4890_v2
intel xeon_e5_2450 -
intel atom_z z3460
intel xeon_e5_2430 -
intel xeon_platinum 8153
intel xeon_e7 8891_v4
intel atom_z z3590
intel xeon_e5 4657l_v2
intel xeon_e5_2403_v2 -
intel core_m 32nm
intel pentium n4200
intel xeon_e5 2670
intel xeon_e3_1265l_v2 -
intel xeon_e3_1268l_v5 -
intel xeon_e5_2637 -
intel xeon_gold 86128
intel xeon_e3 w5580
intel xeon_e5_2628l_v3 -
intel xeon_e5 2667_v2
intel xeon_e5_2630l_v2 -
intel xeon_e5 4610_v2
intel xeon_e7 4809_v4
intel xeon_e3_1275l_v3 -
intel xeon_e5_2618l_v2 -
intel xeon_e7 2803
intel xeon_e5_2408l_v3 -
intel xeon_e3 x3480
intel xeon_e5_2640_v4 -
intel xeon_e5_2637_v3 -
intel xeon_e3_1260l_v5 -
intel xeon_e3_1220l_v3 -
intel xeon_e3 1220_
arm cortex-a 15
intel xeon_e3_1280_v6 -
intel xeon_e5_2450l_v2 -
intel xeon_platinum 8176
intel atom_z z3745
intel xeon_e3_1270_v5 -
intel atom_z z3775
intel xeon_e3_1240_v2 -
intel xeon_e3 1515m_v5
intel xeon_gold 86126t
intel xeon_e3_1105c_v2 -
intel xeon_platinum 8156
intel celeron_j j3455
intel xeon_e5_2440 -
intel xeon_e5 2658_v2
intel xeon_e7 2850_v2
intel xeon_e5_1620_v2 -
intel xeon_e3_1275_v3 -
intel xeon_e7 4870_v2
intel xeon_e5_2403 -
intel xeon_e3_1231_v3 -
intel xeon_e3_1258l_v4 -
intel xeon_e5_2650 -
intel xeon_e3_1240l_v3 -
intel atom_e e3815
intel xeon_e5_2450_v2 -
intel xeon_e5 4627_v3
intel xeon_e7 8894_v4
intel xeon_silver 4114t
intel xeon_silver 4109t
intel atom_z z2560
intel xeon_e7 8850_v2
intel atom_c c2308
intel xeon_e5 2650l_v4
intel xeon_e3 x3450
intel xeon_gold 86134
intel xeon_e5 2690_v4
intel xeon_gold 86138
intel xeon_e3 e5506
intel atom_c c3808
intel atom_z z2520
intel xeon_e3_1240_v5 -
intel xeon_e5_2448l -
intel xeon_e3_1286l_v3 -
intel xeon_gold 86132
intel xeon_e5 2695_v2
intel xeon_e7 2870
intel pentium_silver j5005
intel xeon_e5_2630l -
intel xeon_e7 2870_v2
intel core_i5 45nm
intel xeon_e5 2699r_v4
intel xeon_gold 86126
intel xeon_e3 l5530
intel xeon_e5_1660_v2 -
intel xeon_e5 4627_v4
intel xeon_e5 2670_v3
intel atom_z z3735f
intel xeon_e5_2620_v3 -
intel xeon_e3 l5506
intel xeon_e5_2650_v4 -
arm cortex-a 72
intel core_i7 32nm
intel atom_z z3570
intel atom_z z3745d
intel xeon_e5_2609_v4 -
intel xeon_e3_1225_v6 -
intel xeon_e5_2643 -
intel xeon_e5_2640_v2 -
intel xeon_e5_2630l_v4 -
intel xeon_platinum 8170m
intel xeon_silver 4112
intel xeon_e5_1428l -
intel xeon_e7 4830
intel xeon_e5_2603_v2 -
intel xeon_e5 2658_v3
intel xeon_e5 2699_v4
intel xeon_e5 4620
intel xeon_e7 8850
intel xeon_e7 8830
intel xeon_platinum 8160f
intel atom_c c3308
intel xeon_gold 86130f
intel xeon_e5_2420 -
intel xeon_e7 8860_v3
intel atom_c c3338
intel xeon_e5 2697_v4
intel xeon_platinum 8176m
intel xeon_e5_1660_v3 -
intel xeon_e3_1286_v3 -
intel xeon_e3_1235l_v5 -
intel xeon_e5 2660_v4
intel xeon_e3_1220_v6 -
intel atom_z z3775d
intel xeon_e5_1660 -
intel xeon_e5 2697_v3
intel xeon_e3 e5540
intel celeron_n n3450
intel xeon_e5 2687w
intel xeon_e5 2699_v3
intel xeon_e5_2603_v3 -
intel xeon_e3 1535m_v5
intel celeron_j j4005
intel atom_z z2760
intel xeon_e3 x3460
intel xeon_e3 e5530
intel xeon_e7 2860
intel xeon_e3_1230_v2 -
intel xeon_e3_1270_v2 -
intel xeon_e5_2643_v2 -
intel xeon_e3_1245_v5 -
intel xeon_e5_1620_v4 -
intel xeon_e7 4850_v4
intel xeon_e5_2648l_v2 -
intel xeon_e3_1245 -
intel xeon_e5 2690
intel atom_z z3735g
intel xeon_e7 4850_v3
intel xeon_e3 3600
intel xeon_e5_2637_v4 -
intel xeon_e5 4603
intel xeon_e3_1241_v3 -
intel xeon_e5 4640
intel xeon_e7 8893_v3
intel xeon_e7 4820_v4
intel xeon_e3_1230_v5 -
intel xeon_e3 l5518_
intel xeon_e3_1225_v3 -
intel xeon_e3_1270_v6 -
intel xeon_e7 4820
intel xeon_e3_1270 -
intel xeon_e5 2699a_v4
intel xeon_e5 4660_v3
intel xeon_e3_1278l_v4 -
intel xeon_e7 4807
intel xeon_gold 86138f
intel xeon_e5 2670_v2
intel xeon_e3_1240_v6 -
intel xeon_e3_1260l -
intel atom_z z3736g
intel xeon_e5_2407_v2 -
intel xeon_e5 4650
intel xeon_e5 4650_v3
intel xeon_e3_1275_v5 -
intel xeon_silver 4116t
intel xeon_e5 4669_v4
intel atom_z z3795
intel xeon_e7 4830_v2
intel xeon_e5_2418l_v3 -
intel xeon_e5_2618l_v4 -
intel xeon_e3_1290 -
intel xeon_e3_1220_v3 -
intel xeon_e3 1585_v5
intel xeon_platinum 8160m
intel xeon_e5 4620_v4
intel xeon_e3_1245_v2 -
intel xeon_silver 4108
intel xeon_gold 86142m
intel xeon_e7 2830
intel xeon_e5 4660_v4
intel xeon_e3 1578l_v5
intel xeon_e3_1245_v3 -
intel xeon_e3_1285l_v4 -
intel xeon_e5_1650_v2 -
arm cortex-a 57
intel xeon_e5 2687w_v2
intel xeon_e7 8880l_v2
intel xeon_e5_2640 -
intel xeon_e3 1545m_v5
intel xeon_e3_12201_v2 -
intel xeon_gold 85122
intel xeon_e3 e6510
intel xeon_e5 2683_v4
intel atom_e e3845
intel xeon_e5_2637_v2 -
intel xeon_e5 2660_v3
intel xeon_gold 85120t
intel xeon_e5_1428l_v3 -
intel atom_e e3826
intel xeon_e5_2450l -
intel xeon_e5 2658
intel xeon_e3_1290_v2 -
intel xeon_e5_2418l -
intel xeon_e5_2628l_v4 -
intel xeon_e5_2609_v2 -
intel xeon_e5_1680_v3 -
intel xeon_e7 8880l_v3
intel atom_c c3508
intel xeon_e5_2608l_v3 -
intel xeon_silver 4114
intel xeon_gold 86152
intel atom_z z3580
intel xeon_e3_1280_v2 -
intel xeon_e5 4620_v2
intel xeon_e7 4860
intel xeon_gold 86142
intel xeon_e5_2630 -
intel xeon_e7 2820
intel xeon_e3_1240_v3 -
intel xeon_e5 4640_v2
intel xeon_e5_2609 -
intel xeon_e7 8880_v3
intel atom_z z3785
intel xeon_e5 2665
intel xeon_e3_12201 -
intel xeon_e5_2438l_v3 -
intel xeon_e7 8891_v2
intel xeon_e3 1275_
intel core_i3 32nm
intel xeon_e3_1280_v3 -
intel xeon_e3_1240 -
intel xeon_e3_1220_v5 -
intel xeon_e5_2643_v4 -
intel xeon_e5_2430_v2 -
intel xeon_e5_2623_v3 -
intel xeon_e5 2660_v2
intel xeon_platinum 8160
intel xeon_gold 5115
intel xeon_e7 8891_v3
intel xeon_e5 4650l
intel xeon_gold 86154
intel xeon_e7 8857_v2
intel atom_z z2580
intel atom_z z3736f
intel xeon_e7 4880_v2
intel xeon_e3 l5520
intel xeon_e5_2470 -
intel xeon_e7 4820_v2
intel xeon_e3 1575m_v5
intel xeon_gold 85119t
intel atom_e e3827
intel xeon_e3_1285l_v3 -
intel xeon_e5 4648_v3
intel xeon_e5_2623_v4 -
intel xeon_e5 2698_v3
intel xeon_e5 4655_v4
intel xeon_e5_1620_v3 -
intel xeon_e3 1505m_v6
intel xeon_e3_1505l_v5 -
intel xeon_e5_2620 -
intel xeon_e5 4624l_v2
intel xeon_e5_2448l_v2 -
intel xeon_e3 x3430
intel pentium n4000
intel xeon_e5_2428l_v3 -
intel xeon_e3_1275_v6 -
intel xeon_platinum 8164
intel xeon_e3 x5570
intel xeon_e5_2608l_v4 -
intel xeon_gold 86140m
intel xeon_e7 8890_v4
intel atom_z z3740d
intel xeon_e3 x3470
intel xeon_e5_2430l -
intel atom_c c3558
intel xeon_gold 86140
intel xeon_e5 2690_v2
intel xeon_e5_2420_v2 -
intel xeon_e5_2620_v2 -
intel xeon_e5_2650l_v2 -
intel xeon_e7 4809_v3
intel xeon_e7 8890_v2
intel xeon_e3 e5504
intel xeon_e7 8867_v4
intel xeon_e5_1428l_v2 -
intel xeon_e-1105c -
intel xeon_e5 4610_v4
intel xeon_e7 4830_v4
intel xeon_e7 8870_v2
intel atom_z z3740
intel xeon_gold 85115
intel xeon_e5 4607
intel xeon_e5 4610_v3
intel xeon_gold 86148
intel atom_c c3708
intel xeon_e3_1276_v3 -
intel atom_c c3858
intel xeon_e5 4669_v3
intel xeon_e3_1245_v6 -
intel xeon_e7 4850_v2
intel xeon_e5_2440_v2 -
intel xeon_e3_1240l_v5 -
intel atom_z z2460
intel atom_z z3480
intel xeon_e3_1270_v3 -
intel xeon_e5_2648l_v3 -
intel xeon_gold 86130t
intel xeon_e5_2650l_v3 -
intel xeon_gold 85120
intel xeon_e3_1230_v3 -
intel atom_c c3538
intel xeon_gold 86134m
intel atom_z z3770d
intel xeon_e5_1620 -
intel atom_z z3530
intel atom_c c3958
intel xeon_e5_2628l_v2 -
intel xeon_e5_2648l -
intel xeon_e5 2680_v2
intel xeon_e3 x5560
intel xeon_e5 2695_v4
intel atom_z z2480
intel xeon_e5 4620_v3
intel xeon_e3_1225 -
intel xeon_e3 l3403
intel xeon_e3_1285_v3 -
intel xeon_e5 2680_v3
intel pentium n4100
intel xeon_e5_2407 -
intel xeon_e7 4830_v3
intel atom_c c3950
intel xeon_e3 1565l_v5
intel xeon_e5_2430l_v2 -
intel xeon_platinum 8168
intel xeon_e7 4850
intel xeon_e5 2687w_v4
intel xeon_e5 4667_v3
intel xeon_e3 e5520
intel xeon_e7 8870
intel xeon_e5_2609_v3 -
intel xeon_e7 8870_v4
intel xeon_e7 8880_v2
intel xeon_e5_2630_v3 -
intel xeon_e3 l3426
intel xeon_e7 8867l
intel atom_z z3735e
intel xeon_e3 5600
intel atom_c c3830
intel xeon_e3_1501m_v6 -
intel xeon_e7 4809_v2
intel xeon_e5 2690_v3
intel xeon_e5 4628l_v4
intel xeon_e5_2618l_v3 -
intel xeon_platinum 8176f
intel xeon_e5 2698_v4
intel xeon_e5 2695_v3
intel xeon_e5_1630_v4 -
intel xeon_e3 e5507
intel xeon_e3_1281_v3 -
intel xeon_e7 2850
intel atom_e e3825
intel xeon_e5 2687w_v3
intel xeon_e5 4617
intel xeon_e3 e6550
intel xeon_e3_1505m_v5 -
intel xeon_e5_1680_v4 -
intel atom_z z3770
intel xeon_e3_1265l_v3 -
intel xeon_e3 e6540
intel xeon_e5 2667_v4
CVE-2018-3693 MEDIUM

Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a speculative buffer overflow and side-channel analysis.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.6 MEDIUM CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N 1.1 4.0

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
intel celeron_n n4000
intel core_i7 840qm
intel core_i3 6100te
intel pentium_j j2900
intel xeon_e3_1230_v6 -
intel xeon_e5 4607_v2
intel core_i7 5700hq
intel core_i7 660lm
intel xeon_gold 6140m
intel core_i7 5700eq
intel core_i7 960
intel core_i3 2120
intel xeon l5506
intel core_i7 7820hk
intel xeon e7540
intel core_i5 4250u
intel core_i3 330um
intel core_i7 680um
intel xeon_e5 4640_v4
intel core_i7 2675qm
intel xeon_e7 8860_v4
intel core_i7 975
intel core_i3 4360
intel xeon_silver 4110
intel core_i5 680
intel core_i7 640m
intel xeon_e7 4860_v2
intel xeon x5647
intel xeon_e5_2650_v3 -
intel core_i5 5675c
intel xeon_e3_1280_v5 -
intel pentium_n n3700
intel celeron_j j3355
intel core_m5 6y57
intel xeon_e7 8890_v3
intel xeon_e5 4610
intel xeon ec5539
intel xeon_e3_1285_v6 -
intel xeon_e5 2697_v2
intel xeon_e5_2630l_v3 -
intel core_i5 480m
intel xeon_e5 4650_v4
intel xeon_e3_1230 -
intel atom_x3 c3230rk
intel atom_z z3560
intel core_i5 4340m
intel core_i7 870s
intel core_i5 2300
intel xeon e5502
intel core_m 5y10a
intel xeon_e5 2658a_v3
intel xeon_e5 4655_v3
intel xeon w3690
intel xeon_e3_1220_v2 -
intel xeon_e5 2680
intel core_i3 4158u
intel core_i3 6102e
intel xeon_platinum 8158
intel xeon e6510
intel atom_c c2508
redhat enterprise_linux_desktop 7.0
intel xeon_e3_1275_v2 -
intel core_i5 5575r
intel core_i7 2600s
intel xeon e5503
intel core_i5 2400s
intel core_i7 3770k
intel core_i3 4150
intel core_i7 4578u
intel core_i5 3439y
intel core_i5 4440s
intel xeon_e5 4650_v2
intel celeron_n n2920
intel xeon_e5_2418l_v2 -
intel core_i7 7567u
intel atom_c c2338
intel core_i3 2367m
intel xeon_e7 2890_v2
intel xeon_gold 6142f
intel xeon e5607
intel xeon_e7 8860
intel xeon_silver 4116
intel core_i3 4170t
intel core_i7 4760hq
intel pentium_n n3710
intel xeon l7555
intel core_i5 4590
intel core_i7 3612qe
intel core_i3 3245
intel core_i7 980x
intel core_i7 4950hq
intel core_i5 3550
intel xeon_e7 4870
intel celeron_j j1850
intel xeon_e3_1225_v5 -
intel xeon_e7 8880_v4
intel xeon_e5 2667
intel xeon x3470
intel core_i7 3635qm
intel xeon_e3_1125c_v2 -
intel core_i7 5775c
intel xeon_e5_2648l_v4 -
intel atom_x3 c3265rk
intel core_i7 4500u
intel xeon_e7 8867_v3
intel xeon x3450
intel core_i7 7660u
intel xeon w5580
intel core_i3 2102
intel core_i3 4020y
intel core_i5 6350hq
intel xeon_phi 7295
oracle communications_eagle_application_processor 16.1.0
intel xeon l3426
intel core_i3 530
intel core_i3 3130m
intel core_i3 2312m
intel core_i5 2380p
intel core_i7 4710mq
intel xeon_e3_1505l_v6 -
intel xeon_e5_1650_v4 -
arm cortex-a 76
intel pentium_j j4205
intel xeon e5603
intel xeon_e5_2643_v3 -
arm cortex-r 7
intel xeon_e3 1558l_v5
redhat enterprise_linux_server_tus 7.6
intel xeon_e3 1585l_v5
intel xeon_platinum 8160t
intel core_i7 3610qm
intel core_i7 4712hq
intel core_i3 380um
intel core_i7 3517u
intel core_i3 3217ue
intel core_i7 8650u
intel atom_c c2518
intel xeon e5530
intel xeon_e5 2697a_v4
intel xeon x5690
intel core_i5 6360u
intel core_i3 3220
intel xeon_e5_2430 -
intel core_i3 4110m
intel xeon_gold 6130t
intel xeon_e5_2403_v2 -
intel xeon_e5 2670
intel core_m 5y31
intel xeon_e3_1265l_v2 -
intel xeon_e3_1268l_v5 -
intel core_i5 2410m
intel xeon_e5_2637 -
intel core_i5 6600t
intel core_i7 2657m
intel core_i5 4400e
intel xeon x5550
intel xeon_e5_2630l_v2 -
intel atom_c c2750
intel core_i7 2700k
intel xeon_e5 4610_v2
intel xeon_e3_1275l_v3 -
intel xeon_e5_2618l_v2 -
intel core_i3 2330m
intel core_i3 3220t
intel atom_c c2550
intel xeon_e7 2803
intel core_m 5y51
intel core_i3 6098p
intel xeon_e5_2408l_v3 -
intel xeon_e5_2637_v3 -
arm cortex-a 15
intel core_i5 560um
intel core_i7 4810mq
intel core_i5 4200y
intel core_i7 660um
intel core_i3 3250t
intel core_i5 2500s
intel xeon_e5_2450l_v2 -
intel core_i7 875k
intel core_i5 750s
intel xeon_platinum 8176
intel core_i5 4670r
intel xeon x7560
intel core_i7 4790s
intel atom_z z3775
intel core_i7 860s
intel core_i5 2320
intel core_i3 350m
intel xeon_e3_1105c_v2 -
intel core_i5 5300u
intel core_i3 4330te
intel core_i7 4900mq
intel core_i5 4670
intel celeron_j j3455
intel core_i5 3330
intel xeon_e5 2658_v2
arm cortex-a 9
intel xeon_e7 2850_v2
intel xeon_e3_1275_v3 -
intel core_i7 4770r
redhat enterprise_linux_server_eus 7.6
intel core_i5 4350u
intel core_i5 6500te
intel xeon_e3_1231_v3 -
intel xeon_e3_1258l_v4 -
intel core_i3 2310e
intel core_i7 2860qm
intel core_i7 7700t
intel xeon x3440
intel xeon_e5_2450_v2 -
intel xeon_e5 4627_v3
intel core_i5 8250u
intel core_i5 2540m
intel core_i7 4770s
intel xeon_silver 4114t
intel core_i7 4550u
intel core_i7 3520m
intel pentium_n n3510
arm cortex-r 8
intel core_i5 4210y
intel core_i3 4025u
intel celeron_n n2815
intel xeon w3680
intel core_i7 5600u
intel core_i7 8700
intel xeon e5504
intel xeon_e3_1240_v5 -
intel xeon_e5_2448l -
intel core_i5 3470t
intel core_i5 520um
intel atom_c c2730
intel xeon w5590
intel core_m3 6y30
intel core_i3 4130
intel xeon_e7 2870
intel xeon_e5_2630l -
intel xeon_e7 2870_v2
intel xeon_e5 2699r_v4
intel core_i3 4030y
intel core_m5 6y54
intel core_i5 460m
intel xeon_gold 6152
intel xeon_e5 4627_v4
intel core_i3 2350m
intel core_i3 3120me
intel core_i5 8400
intel core_i7 640lm
intel core_i5 5250u
intel xeon_e5_2620_v3 -
intel core_i5 6267u
intel core_i5 6300hq
arm cortex-a 72
intel core_i5 660
intel xeon x3430
intel atom_z z3745d
intel xeon_e5_2609_v4 -
intel xeon_e3_1225_v6 -
intel xeon_e5_2643 -
intel atom_c c2738
intel xeon_platinum 8170m
intel core_i5 2405s
intel core_i5 661
intel xeon_e5 2658_v3
intel xeon_gold 6126t
intel xeon lc5518
intel xeon_e5 2699_v4
intel xeon_e5 4620
intel xeon_e7 8830
intel core_i7 7700k
intel core_i7 3615qm
intel xeon_e5_2420 -
intel core_i7 3517ue
intel core_i7 7600u
intel xeon_e5 2697_v4
intel core_i3 6167u
intel core_i3 5015u
intel atom_c c2558
intel core_i5 3437u
intel xeon_gold 6126f
intel xeon_e3_1286_v3 -
intel xeon_e3_1235l_v5 -
intel core_m3 7y30
intel xeon e5540
intel core_i5 6402p
intel atom_z z3775d
intel xeon_e3_1275 -
intel xeon_e5 2697_v3
intel celeron_n n3450
intel xeon_e5 2699_v3
intel xeon_e3 1535m_v5
intel xeon_e7 2860
intel core_i5 6500t
intel pentium_n n3520
intel xeon_e3_1230_v2 -
intel core_i7 4770k
redhat enterprise_linux 7.0
intel xeon_e3_1245_v5 -
intel xeon_e5_1620_v4 -
intel atom_z z3735g
intel xeon_e7 4850_v3
intel xeon e7520
intel core_i5 4430s
intel xeon x5677
intel core_i3 330e
intel xeon_e7 8893_v3
intel pentium_j j2850
intel celeron_j j1800
intel xeon_e3_1225_v3 -
intel core_i5 4460
intel core_i3 2357m
intel xeon_e3_1270_v6 -
intel xeon_e7 4820
intel core_i7 3740qm
intel xeon_e7 4807
intel xeon_e3_1240_v6 -
intel core_i5 4330m
arm cortex-a 17
intel celeron_n n2805
intel pentium_n n3530
intel xeon_e5_2407_v2 -
intel core_i3 2370m
intel core_i5 6300u
intel core_i7 950
intel xeon_gold 6130f
intel core_i5 450m
intel xeon_e5 4650_v3
intel xeon_e3_1275_v5 -
intel xeon_e5 4669_v4
intel core_i5 5287u
intel celeron_j j3060
intel core_i5 3450s
intel atom_z z3795
intel core_i3 4340te
intel xeon_e7 4830_v2
intel core_i5 3350p
intel xeon_e3_1220_v3 -
intel celeron_n n2810
intel core_i3 4102e
intel xeon_e3 1585_v5
intel xeon_platinum 8160m
intel xeon_e5 4620_v4
intel core_m3 7y32
intel xeon_e5 4660_v4
intel xeon_e3_1245_v3 -
intel xeon_e3_1285l_v4 -
intel xeon_gold 6140
intel core_i5 5257u
arm cortex-a 75
intel core_i7 4702hq
intel core_i5 3570
intel xeon x5675
intel xeon_e7 8880l_v2
intel core_i5 3475s
intel xeon l5618
intel atom_e e3845
intel xeon_e5_2637_v2 -
intel core_i3 5157u
intel xeon_e5 2660_v3
intel xeon_e5_1428l_v3 -
intel core_i7 3770
intel atom_e e3826
intel core_i7 4910mq
intel core_i5 5350h
intel core_i7 3632qm
intel xeon_e3_1290_v2 -
intel xeon_phi 7290f
intel xeon_e5_2418l -
intel xeon_e5_2628l_v4 -
intel core_i3 4370
intel xeon_e7 8880l_v3
intel xeon_e5_2608l_v3 -
intel core_i3 4030u
intel xeon_silver 4114
intel core_i7 920
intel core_i7 4600u
intel xeon_gold 5118
intel core_i5 6400t
intel xeon_e7 4860
intel xeon l5520
intel core_i7 7y75
intel core_i7 4610y
intel xeon_e3_1240_v3 -
intel core_i7 3612qm
intel core_i5 2400
intel core_i5 560m
intel xeon_e7 8880_v3
intel xeon_phi 7235
intel xeon_phi 7250
intel core_i3 550
intel core_i5 6200u
intel xeon_e7 8891_v2
intel core_i7 4980hq
intel core_i5 2500k
intel core_i3 2125
intel core_i5 4260u
intel atom_x3 c3130
intel xeon_gold 6132
intel xeon_e3_1280_v3 -
intel core_i3 3115c
intel xeon_phi 7290
intel core_i5 6400
intel core_i7 920xm
intel core_i7 870
intel core_i7 4790t
intel xeon_e3_1220_v5 -
intel xeon_e5_2643_v4 -
intel core_i7 660ue
intel core_i7 820qm
intel atom_x3 c3405
intel core_i7 4700hq
intel core_i7 8700k
intel xeon_e5 2660_v2
intel core_i5 4570s
intel xeon_e5 4650l
intel xeon_e7 8857_v2
intel atom_z z2580
intel xeon_gold 6136
intel core_i7 7820hq
intel xeon x6550
intel atom_z z3736f
intel xeon_gold 5120t
intel core_i3 3110m
intel core_i3 4110e
intel core_i3 560
intel xeon_bronze_3104 -
intel xeon_e3 1575m_v5
intel core_i7 4790
intel xeon_gold 5119t
intel xeon l5518
intel xeon_gold 6150
intel celeron_n n2930
intel core_i3 3217u
intel xeon_gold 6130
intel core_i3 2100
intel core_i7 3667u
intel xeon l5609
intel xeon_e3_1285l_v3 -
intel atom_c c2350
intel xeon_e3 1505m_v6
intel xeon_e5_2620 -
intel xeon_e5 4624l_v2
intel xeon_e5_2448l_v2 -
intel core_i5 4300u
intel core_i7 4785t
intel xeon x5670
intel core_i3 4170
intel xeon_e5_2428l_v3 -
intel xeon_e3_1275_v6 -
intel xeon x7542
intel xeon_platinum 8164
intel core_i3 4100e
intel core_i5 6260u
intel core_i3 2310m
intel core_i7 860
intel core_i7 2655le
redhat enterprise_linux_server_tus 7.4
intel core_i5 4288u
intel core_i3 5005u
intel xeon_e5_2430l -
intel core_i5 4360u
intel core_i5 4402e
intel core_i5 2467m
intel xeon_e5 2690_v2
intel xeon l7545
intel xeon_gold 6134
intel xeon_e5_2620_v2 -
intel xeon_e7 8890_v2
intel xeon_gold 6138
intel core_i7 2670qm
intel xeon_gold 5122
intel core_i3 4370t
intel core_i5 2310
intel xeon_e-1105c -
intel celeron_j j1750
intel xeon_e5 4610_v4
intel xeon x5570
intel xeon_e5 4610_v3
intel core_i7 2710qe
intel core_i3 2365m
intel xeon_e3_1276_v3 -
intel atom_c c3858
intel xeon_e5 4669_v3
intel xeon_e3_1245_v6 -
intel core_i7 2620m
intel core_i5 3317u
intel core_i7 4860hq
intel core_i5 2430m
intel xeon_e3_1270_v3 -
intel core_i7 620le
intel xeon_e5_2650l_v3 -
intel core_i5 5200u
intel celeron_n n2940
intel xeon_e3_1230_v3 -
intel core_i7 4770t
intel atom_c c3538
intel xeon x5650
intel xeon_gold 6142
intel xeon_gold 6142m
intel atom_z z3770d
intel core_i5 3230m
intel core_i3 2130
intel xeon_e5_1620 -
intel atom_c c3958
intel xeon_e5_2628l_v2 -
intel xeon e5606
intel xeon_phi 7230f
intel atom_z z2480
intel xeon_e3_1225 -
intel core_i7 4610m
intel xeon_e5 2680_v3
intel xeon_e5_2407 -
intel xeon_e7 4830_v3
intel core_i5 6600k
intel atom_c c2758
intel atom_c c2516
intel xeon_e5_2430l_v2 -
intel xeon_gold 5120
intel xeon_e7 4850
intel core_i5 4690s
intel core_i7 5850hq
intel xeon_e5 2687w_v4
intel xeon_e5 4667_v3
intel xeon_e7 8870
intel core_i3 3229y
intel xeon_e5_2609_v3 -
intel xeon_e7 8880_v2
intel xeon_e5_2630_v3 -
intel core_i3 8100
intel core_i7 7820eq
intel core_i5 4410e
intel core_i5 4690
intel core_i7 3687u
intel core_i7 4722hq
intel core_i7 4702ec
intel xeon_e3_1501m_v6 -
intel xeon_e5 2690_v3
intel xeon_e5 4628l_v4
intel xeon_e5_2618l_v3 -
intel core_i3 4005u
intel xeon_platinum 8176f
intel core_i7 7500u
intel xeon_phi 7250f
intel xeon_e5_1630_v4 -
redhat enterprise_linux_workstation 6.0
intel xeon_e3_1281_v3 -
arm cortex-a 12
intel core_i5 6442eq
intel xeon_e7 2850
intel xeon x5680
intel core_i5 3610me
intel core_i5 2520m
intel core_i7 3555le
intel atom_z z3770
intel core_i7 7700
intel xeon_e3_1265l_v3 -
intel core_i3 370m
intel core_i7 3630qm
intel xeon_e5 2667_v4
intel atom_c c3750
intel core_i3 540
intel core_i5 3210m
intel pentium_n n4200
intel xeon_platinum 8170
intel xeon_e5_2640_v3 -
intel core_i7 4702mq
intel xeon_e7 2880_v2
intel core_i3 2120t
intel core_i3 6100
intel xeon l5530
intel xeon_e7 8870_v3
intel xeon_e5_1650 -
intel xeon_e5_2630_v4 -
intel core_i5 4570te
intel core_i7 2610ue
intel xeon_e7 8837
intel xeon_e5_2428l_v2 -
intel xeon_e3 1535m_v6
schneider-electric struxureware_data_center_expert 7.6.0
intel xeon_e3_1501l_v6 -
intel core_i7 940xm
intel xeon_gold 6126
intel xeon_e5 4667_v4
intel xeon_e5_2470_v2 -
intel atom_c c3758
intel core_i7 4700ec
intel core_i5 430m
intel xeon_e5 2660
intel xeon_e3_1268l_v3 -
intel xeon e5520
intel xeon_e5 2683_v3
intel xeon_e3_1265l_v4 -
intel core_i7 3770t
intel xeon_e5_1630_v3 -
intel core_i7 3720qm
intel xeon_e3_1285_v4 -
intel xeon_e7 8893_v4
intel xeon_e3_1235 -
intel xeon_e5_2428l -
intel xeon_e5 4627_v2
intel xeon_e5_2620_v4 -
intel core_i7 3610qe
intel xeon_e5 2680_v4
intel xeon_e5 4603_v2
intel xeon_e7 8893_v2
intel xeon_e5 4640_v3
intel xeon_e5_1650_v3 -
intel core_i7 5850eq
intel xeon_e3_1271_v3 -
intel core_i7 620um
intel core_m7 6y75
intel xeon e5620
intel atom_z z3735d
intel core_i5 4278u
intel core_i5 4310u
intel core_i7 4765t
intel xeon_gold 6134m
intel core_i5 520e
intel atom_x3 c3205rk
intel core_i7 5750hq
intel core_i3 3250
intel xeon_e5_1660_v4 -
intel core_i7 4700eq
intel core_i5 3340s
intel core_i5 4200h
intel xeon_e3_1225_v2 -
arm cortex-a 73
intel xeon ec5509
intel core_i7 4870hq
intel core_i7 3615qe
intel core_i5 760
intel celeron_n n4100
intel celeron_n n2910
intel atom_c c3955
intel core_i3 4160t
intel xeon_e3_1246_v3 -
intel xeon_e5 2658_v4
intel core_i7 740qm
intel celeron_j j4105
intel xeon_e5_2603_v4 -
redhat enterprise_linux_server_aus 7.4
intel core_i5 4430
intel core_i5 4440
intel core_i7 930
intel core_i5 3380m
intel xeon_phi 7285
intel xeon e5630
intel core_i5 3470s
intel xeon e5649
intel atom_x3 c3235rk
intel xeon_platinum 8180
intel core_m 5y70
intel core_i5 3320m
intel xeon_phi 7230
intel atom_z z2420
intel core_i5 6600
intel core_i3 6100h
intel xeon_e7 4820_v3
intel atom_e e3805
intel xeon_e5 2667_v3
redhat enterprise_linux_server 7.0
intel atom_c c3850
intel xeon_e3_1280 -
intel core_i5 6500
intel xeon_e3_1230l_v3 -
intel xeon_e3_1226_v3 -
intel xeon_e5_2650_v2 -
intel xeon_e5_2603 -
intel xeon_e5_2630_v2 -
intel core_i7 2640m
intel core_i5 2500t
intel xeon_e5_2650l -
intel xeon_e7 4890_v2
intel xeon_e5_2450 -
redhat enterprise_linux_server_eus 7.5
intel atom_z z3460
intel xeon_platinum 8153
intel core_i5 3450
intel xeon_e7 8891_v4
intel core_i5 4202y
intel atom_z z3590
intel atom_c c2316
intel xeon_e5 4657l_v2
intel core_i5 8350u
intel celeron_n n2840
intel xeon l5640
intel celeron_n n2830
intel core_i7 3840qm
intel core_i5 2450m
intel core_i7 2760qm
intel core_i5 4590s
intel core_i5 6287u
intel xeon_e5_2628l_v3 -
intel core_i3 6100u
intel xeon_e5 2667_v2
intel xeon_e7 4809_v4
intel core_i3 2377m
intel core_i5 4200u
intel xeon_gold 6128
intel core_i5 430um
intel core_i7 7700hq
intel xeon_e5_2640_v4 -
intel core_i5 540um
intel xeon_e3_1260l_v5 -
intel celeron_n n2806
intel xeon_e3_1220l_v3 -
intel core_i5 4570
intel core_i5 4200m
intel core_i7 4710hq
intel xeon_e3_1280_v6 -
intel core_i5 3570t
intel core_i5 670
intel xeon x3480
intel core_i5 750
intel core_i5 3470
intel atom_z z3745
intel xeon ec5549
intel core_i7 720qm
intel xeon w3670
intel xeon_e3_1270_v5 -
intel core_i7 5650u
intel xeon_e3_1240_v2 -
intel xeon_e3 1515m_v5
intel core_i5 4308u
intel core_i7 4770hq
intel xeon_platinum 8156
intel core_i5 470um
intel xeon l3406
intel core_i7 2600
intel xeon_e5_2440 -
intel core_i5 8600k
intel xeon_e5_1620_v2 -
intel xeon_e7 4870_v2
intel xeon_e5_2403 -
intel xeon x3460
intel core_i5 4402ec
intel xeon_e5_2650 -
intel xeon x5672
intel xeon_e3_1240l_v3 -
intel core_i5 3427u
intel atom_e e3815
intel xeon e6540
intel xeon_e7 8894_v4
intel xeon_silver 4109t
intel atom_z z2560
intel xeon_e7 8850_v2
intel atom_c c2308
intel xeon_e5 2650l_v4
intel xeon_e5 2690_v4
intel core_i7 4700mq
intel core_i5 520m
intel xeon l5508
intel core_i5 4460t
intel atom_c c3808
intel atom_z z2520
redhat enterprise_linux_desktop 6.0
intel xeon_e3_1286l_v3 -
intel xeon_e5 2695_v2
intel celeron_n n3350
intel core_i5 4210h
intel core_i3 3240t
intel xeon_e5_1660_v2 -
intel core_i7 610e
intel core_i5 2500
intel xeon_e5 2670_v3
intel xeon_bronze_3106 -
intel core_i5 540m
intel atom_z z3735f
intel core_i7 5550u
intel xeon_e5_2650_v4 -
intel core_i5 3570s
intel atom_z z3570
intel core_i3 4010u
intel core_i3 4350t
intel core_i5 6440eq
intel core_i5 2557m
intel xeon_e5_2640_v2 -
intel celeron_j j3160
intel xeon_e3_1220 -
intel xeon_e5_2630l_v4 -
intel xeon_silver 4112
intel xeon_e5_1428l -
intel xeon_e7 4830
intel xeon_e5_2603_v2 -
intel xeon_gold 6146
intel core_i7 3820qm
intel core_i3 6100e
intel core_i5 650
intel xeon_e7 8850
intel atom_x3 c3445
intel xeon e5645
intel xeon_platinum 8160f
intel core_i7 4720hq
intel atom_c c3308
intel xeon_e7 8860_v3
intel core_i7 2715qe
intel core_i3 2100t
oracle communications_eagle_application_processor 16.2.0
intel core_m 5y71
intel atom_c c3338
intel core_i3 6300t
intel xeon_gold 6144
intel xeon_platinum 8176m
intel xeon_e5_1660_v3 -
intel core_i3 4330t
intel core_i7 620lm
intel core_i7 880
intel xeon_e5 2660_v4
intel xeon_e3_1220_v6 -
intel core_i3 8350k
intel core_i7 620ue
intel xeon_e5_1660 -
fujitsu m12-2_firmware *
intel core_i5 3340m
intel core_i3 2328m
intel core_i3 4360t
intel core_i3 4100u
intel core_i7 2720qm
intel xeon_e5 2687w
intel xeon_e5_2603_v3 -
intel celeron_j j4005
intel xeon_gold 6148
intel core_i5 4670t
intel atom_z z2760
intel xeon_e3_1270_v2 -
intel xeon_e5_2643_v2 -
intel core_i7 4510u
intel xeon_e7 4850_v4
intel xeon_e5_2648l_v2 -
arm cortex-a 8
intel xeon_e3_1245 -
fujitsu m12-1_firmware *
intel core_i7 990x
intel core_i7 3537u
intel xeon_e5 2690
intel core_i7 4712mq
intel xeon_e5_2637_v4 -
intel core_i7 2649m
intel xeon_e5 4603
intel xeon_e3_1241_v3 -
intel xeon_e5 4640
intel xeon lc5528
intel core_i5 5675r
intel xeon_e7 4820_v4
intel xeon_e3_1230_v5 -
intel core_i3 4012y
intel core_i5 4670s
intel xeon x5560
intel xeon_e3_1270 -
intel xeon_e5 2699a_v4
intel xeon_e5 4660_v3
intel xeon_e3_1278l_v4 -
intel pentium_j j3710
intel core_i3 5010u
intel xeon e5506
intel xeon_e5 2670_v2
intel core_i5 4690t
intel core_i5 5350u
intel core_i7 965
intel xeon_e3_1260l -
intel xeon_e3_1125c -
intel core_i3 330m
intel core_i7 4800mq
intel atom_x3 c3200rk
intel atom_z z3736g
intel celeron_n n3050
intel core_i5 2435m
intel xeon_gold 6148f
intel core_i7 980
intel xeon x7550
fujitsu m12-2s_firmware *
intel xeon_e5 4650
intel xeon_silver 4116t
intel core_i7 940
intel core_i7 4770
intel core_i3 3227u
intel celeron_n n2808
intel xeon_phi 7210f
intel xeon l5638
intel xeon_e5_2418l_v3 -
intel celeron_j j1900
intel xeon_e5_2618l_v4 -
intel xeon_e3_1290 -
intel core_i5 4220y
intel celeron_n n3150
intel xeon x5687
intel core_i5 3550s
intel xeon_e3_1245_v2 -
intel xeon_silver 4108
intel core_i7 8550u
intel xeon_e7 2830
intel core_i7 2617m
intel atom_c c2530
intel xeon_e3 1578l_v5
intel core_i3 3240
intel core_i7 4650u
intel xeon_e5_1650_v2 -
arm cortex-a 57
intel core_i3 380m
intel core_i3 390m
intel core_i5 4570r
intel core_i5 4258u
intel xeon_e5 2687w_v2
intel atom_c c2538
intel core_i5 655k
intel core_i7 620m
intel xeon_e5_2640 -
intel xeon_e3 1545m_v5
intel xeon_e3_12201_v2 -
intel core_i3 2330e
intel xeon_e5 2683_v4
intel core_i5 2390t
intel core_i3 6100t
intel core_i7 4790k
intel xeon_e5_2450l -
intel core_i5 2537m
intel xeon_e5 2658
intel core_i3 6300
intel xeon_e5_2609_v2 -
intel core_i3 4100m
intel xeon_e5_1680_v3 -
intel xeon e7530
intel atom_c c3508
intel atom_z z3580
intel xeon_e3_1280_v2 -
intel xeon_e5 4620_v2
intel xeon_e5_2630 -
intel core_i3 2340ue
intel xeon_e7 2820
intel xeon_e5 4640_v2
intel xeon_e5_2609 -
intel atom_z z3785
intel core_i7 4960hq
intel xeon_e5 2665
intel core_i7 2677m
intel core_i3 3225
intel xeon_e3_12201 -
intel pentium_n n3540
intel xeon_e5_2438l_v3 -
intel core_i3 5020u
intel xeon_phi 7210
intel core_i7 2920xm
intel core_i5 2510e
intel core_i3 4330
intel xeon_e3_1240 -
intel xeon x5667
intel xeon_gold 6154
intel core_i5 4690k
intel xeon l5630
intel celeron_n n3060
intel core_i7 640um
intel atom_c c2358
intel core_i7 5557u
intel celeron_n n3160
intel xeon_e5_2430_v2 -
intel xeon_e5_2623_v3 -
intel core_i7 4850hq
intel xeon_platinum 8160
intel xeon_gold 5115
intel xeon_e7 8891_v3
intel core_i7 3540m
intel core_i5 2450p
intel celeron_n n2807
redhat enterprise_linux_workstation 7.0
intel core_i3 2105
intel xeon_e7 4880_v2
intel core_i3 2348m
intel core_i7 7920hq
intel core_i3 3210
intel xeon_e5_2470 -
intel xeon_e7 4820_v2
intel core_i7 2635qm
intel core_i7 2820qm
intel core_i5 4300m
intel core_i5 4460s
intel core_m 5y10
intel atom_e e3827
intel xeon e5640
intel xeon_e5 4648_v3
intel xeon_e5_2623_v4 -
intel core_i5 3360m
intel core_i7 3689y
intel xeon_e5 2698_v3
intel xeon_e5 4655_v4
intel xeon_e5_1620_v3 -
intel xeon_e3_1505l_v5 -
intel core_i5 4310m
intel core_m 5y10c
intel core_i5 3330s
intel core_i3 4010y
intel core_i5 4300y
intel core_i5 6685r
intel core_i3 4000m
intel xeon_e5_2608l_v4 -
intel core_i3 4130t
intel xeon_e7 8890_v4
intel atom_z z3740d
intel core_i7 4558u
intel core_i5 4302y
intel core_i3 4350
intel core_i5 3570k
intel atom_c c3558
netapp solidfire_element_os_management_node -
intel core_i7 4600m
intel xeon_e5_2420_v2 -
intel xeon x5660
intel xeon_e5_2650l_v2 -
intel xeon_e7 4809_v3
intel core_i7 2630qm
intel core_i3 4150t
intel core_i5 4210m
intel xeon_e7 8867_v4
intel core_i5 3339y
intel xeon_e5_1428l_v2 -
intel celeron_n n3000
intel core_i7 2600k
intel xeon_e7 8870_v2
intel xeon_e7 4830_v4
intel atom_z z3740
intel xeon_e5 4607
intel core_i5 4422e
intel core_i7 5500u
intel core_i3 6006u
intel atom_c c3708
intel atom_x3 c3295rk
intel xeon_e7 4850_v2
intel core_i5 6585r
intel xeon_e5_2440_v2 -
intel xeon_e3_1240l_v5 -
intel atom_z z2460
intel atom_z z3480
intel xeon_e5_2648l_v3 -
intel core_i5 6440hq
intel core_i3 3120m
intel core_i7 2960xm
intel core_i5 3340
intel core_i7 970
intel core_i3 4120u
redhat enterprise_linux_eus 7.4
intel atom_z z3530
intel core_i3 6320
intel core_i5 4210u
intel xeon_e5_2648l -
intel core_i3 2115c
intel xeon_e5 2680_v2
intel xeon_e5 2695_v4
intel core_i7 3770s
intel xeon_e5 4620_v3
intel core_i7 4771
intel xeon_e3_1285_v3 -
intel core_i5 2515e
intel celeron_n n3010
intel core_i7 5950hq
intel atom_c c3950
intel xeon_e3 1565l_v5
intel xeon_platinum 8168
intel core_i5 3337u
intel core_i7 2629m
intel core_i3 2375m
intel core_i7 4770te
redhat enterprise_linux_server_aus 7.6
intel xeon_e7 8870_v4
intel core_i7 2637m
intel core_i5 4670k
intel xeon_e7 8867l
intel core_i3 4340
intel atom_c c2718
intel atom_z z3735e
intel celeron_n n2820
intel atom_c c3830
intel core_i7 4750hq
intel xeon e5507
intel xeon_gold 6138t
intel xeon_e7 4809_v2
intel core_i7 7560u
intel xeon_e5 2698_v4
intel core_i5 2550k
intel xeon_e5 2695_v3
intel xeon_gold 6138f
oracle communications_lsms *
intel core_i5 4590t
intel core_i5 4570t
intel atom_e e3825
intel xeon_e5 2687w_v3
intel xeon_e5 4617
redhat enterprise_linux_server 6.0
intel core_i3 4160
intel xeon_e3_1505m_v5 -
intel xeon_e5_1680_v4 -
intel core_i7 5775r
intel core_i5 580m
intel core_i3 4112e
intel core_i3 6157u
CVE-2018-9056 MEDIUM

Systems with microprocessors utilizing speculative execution may allow unauthorized disclosure of information to an attacker with local user access via a side-channel attack on the directional branch predictor, as demonstrated by a pattern history table (PHT), aka BranchScope.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
intel celeron_n n4000
intel core_i3 6100te
intel core_i7 840qm
intel pentium_j j2900
intel xeon_e3_1230_v6 -
intel xeon_e5 4607_v2
intel core_i7 5700hq
intel core_i7 660lm
intel xeon_gold 6140m
intel core_i7 5700eq
intel core_i7 960
intel core_i3 2120
intel xeon l5506
intel core_i7 7820hk
intel xeon e7540
intel core_i5 4250u
intel core_i3 330um
intel core_i7 680um
intel xeon_e5 4640_v4
intel core_i7 2675qm
intel xeon_e7 8860_v4
intel core_i7 975
intel core_i3 4360
intel xeon_silver 4110
intel core_i5 680
intel core_i7 640m
intel xeon_e7 4860_v2
intel xeon x5647
intel xeon_e5_2650_v3 -
intel core_i5 5675c
intel xeon_e3_1280_v5 -
intel pentium_n n3700
intel celeron_j j3355
intel core_m5 6y57
intel xeon_e7 8890_v3
intel xeon_e5 4610
intel xeon ec5539
intel xeon_e3_1285_v6 -
intel xeon_e5 2697_v2
intel xeon_e5_2630l_v3 -
intel core_i5 480m
intel xeon_e5 4650_v4
intel xeon_e3_1230 -
intel atom_x3 c3230rk
intel atom_z z3560
intel core_i5 4340m
intel core_i7 870s
intel core_i5 2300
intel xeon e5502
intel core_m 5y10a
intel xeon_e5 2658a_v3
intel xeon_e5 4655_v3
intel xeon w3690
intel xeon_e3_1220_v2 -
intel xeon_e5 2680
intel core_i3 4158u
intel core_i3 6102e
intel xeon_platinum 8158
intel xeon e6510
intel atom_c c2508
intel xeon_e3_1275_v2 -
intel core_i5 5575r
intel core_i7 2600s
intel xeon e5503
intel core_i5 2400s
intel core_i7 3770k
intel core_i3 4150
intel core_i7 4578u
intel core_i5 3439y
intel core_i5 4440s
intel xeon_e5 4650_v2
intel celeron_n n2920
intel xeon_e5_2418l_v2 -
intel core_i7 7567u
intel atom_c c2338
intel core_i3 2367m
intel xeon_e7 2890_v2
intel xeon_gold 6142f
intel xeon e5607
intel xeon_e7 8860
intel xeon_silver 4116
intel core_i3 4170t
intel core_i7 4760hq
intel pentium_n n3710
intel xeon l7555
intel core_i5 4590
intel core_i7 3612qe
intel core_i3 3245
intel core_i7 980x
intel core_i7 4950hq
intel core_i5 3550
intel xeon_e7 4870
intel celeron_j j1850
intel xeon_e3_1225_v5 -
intel xeon_e7 8880_v4
intel xeon_e5 2667
intel xeon x3470
intel core_i7 3635qm
intel xeon_e3_1125c_v2 -
intel core_i7 5775c
intel xeon_e5_2648l_v4 -
intel atom_x3 c3265rk
intel core_i7 4500u
intel xeon_e7 8867_v3
intel xeon x3450
intel core_i7 7660u
intel xeon w5580
intel core_i3 2102
intel core_i3 4020y
intel core_i5 6350hq
intel xeon_phi 7295
intel xeon l3426
intel core_i3 530
intel core_i3 3130m
intel core_i3 2312m
intel core_i5 2380p
intel core_i7 4710mq
intel xeon_e3_1505l_v6 -
intel xeon_e5_1650_v4 -
intel pentium_j j4205
intel xeon e5603
intel xeon_e5_2643_v3 -
intel xeon_e3 1558l_v5
intel xeon_e3 1585l_v5
intel xeon_platinum 8160t
intel core_i7 3610qm
intel core_i7 4712hq
intel core_i3 380um
intel core_i7 3517u
intel core_i3 3217ue
intel core_i7 8650u
intel atom_c c2518
intel xeon e5530
intel xeon_e5 2697a_v4
intel xeon x5690
intel core_i5 6360u
intel core_i3 3220
intel xeon_e5_2430 -
intel core_i3 4110m
intel xeon_gold 6130t
intel xeon_e5_2403_v2 -
intel xeon_e5 2670
intel core_m 5y31
intel xeon_e3_1265l_v2 -
intel xeon_e3_1268l_v5 -
intel core_i5 2410m
intel xeon_e5_2637 -
intel core_i5 6600t
intel core_i7 2657m
intel core_i5 4400e
intel xeon x5550
intel xeon_e5_2630l_v2 -
intel atom_c c2750
intel core_i7 2700k
intel xeon_e5 4610_v2
intel xeon_e3_1275l_v3 -
intel xeon_e5_2618l_v2 -
intel core_i3 2330m
intel core_i3 3220t
intel atom_c c2550
intel xeon_e7 2803
intel core_m 5y51
intel core_i3 6098p
intel xeon_e5_2408l_v3 -
intel xeon_e5_2637_v3 -
arm cortex-a 15
intel core_i5 560um
intel core_i7 4810mq
intel core_i5 4200y
intel core_i3 3250t
intel core_i5 2500s
intel core_i7 660um
intel xeon_e5_2450l_v2 -
intel core_i5 750s
intel core_i7 875k
intel xeon_platinum 8176
intel core_i5 4670r
intel xeon x7560
intel core_i7 4790s
intel atom_z z3775
intel core_i7 860s
intel core_i5 2320
intel core_i3 350m
intel xeon_e3_1105c_v2 -
intel core_i3 4330te
intel core_i5 5300u
intel core_i7 4900mq
intel core_i5 4670
intel celeron_j j3455
intel core_i5 3330
intel xeon_e5 2658_v2
arm cortex-a 9
intel xeon_e7 2850_v2
intel xeon_e3_1275_v3 -
intel core_i7 4770r
intel core_i5 4350u
intel core_i5 6500te
intel xeon_e3_1231_v3 -
intel xeon_e3_1258l_v4 -
intel core_i3 2310e
intel core_i7 2860qm
intel core_i7 7700t
intel xeon x3440
intel xeon_e5_2450_v2 -
intel xeon_e5 4627_v3
intel core_i5 2540m
intel core_i5 8250u
intel core_i7 4770s
intel xeon_silver 4114t
intel core_i7 4550u
intel core_i7 3520m
intel pentium_n n3510
intel core_i5 4210y
intel core_i3 4025u
intel celeron_n n2815
intel xeon w3680
intel core_i7 5600u
intel core_i7 8700
intel xeon e5504
intel xeon_e3_1240_v5 -
intel xeon_e5_2448l -
intel core_i5 3470t
intel core_i5 520um
intel atom_c c2730
intel xeon w5590
intel core_m3 6y30
intel core_i3 4130
intel xeon_e7 2870
intel xeon_e5_2630l -
intel xeon_e7 2870_v2
intel xeon_e5 2699r_v4
intel core_i3 4030y
intel core_m5 6y54
intel core_i5 460m
intel xeon_gold 6152
intel xeon_e5 4627_v4
intel core_i3 2350m
intel core_i3 3120me
intel core_i5 8400
intel core_i7 640lm
intel core_i5 5250u
intel xeon_e5_2620_v3 -
intel core_i5 6267u
intel core_i5 6300hq
arm cortex-a 72
intel core_i5 660
intel xeon x3430
intel atom_z z3745d
intel xeon_e5_2609_v4 -
intel xeon_e3_1225_v6 -
intel xeon_e5_2643 -
intel atom_c c2738
intel xeon_platinum 8170m
intel core_i5 2405s
intel core_i5 661
intel xeon_e5 2658_v3
intel xeon_gold 6126t
intel xeon lc5518
intel xeon_e5 2699_v4
intel xeon_e5 4620
intel xeon_e7 8830
intel core_i7 7700k
intel core_i7 3615qm
intel xeon_e5_2420 -
intel core_i7 3517ue
intel core_i7 7600u
intel xeon_e5 2697_v4
intel core_i3 6167u
intel core_i3 5015u
intel atom_c c2558
intel core_i5 3437u
intel xeon_gold 6126f
intel xeon_e3_1286_v3 -
intel xeon_e3_1235l_v5 -
intel core_m3 7y30
intel xeon e5540
intel core_i5 6402p
intel atom_z z3775d
intel xeon_e3_1275 -
intel xeon_e5 2697_v3
intel celeron_n n3450
intel xeon_e5 2699_v3
intel xeon_e3 1535m_v5
intel xeon_e7 2860
intel core_i5 6500t
intel pentium_n n3520
intel xeon_e3_1230_v2 -
intel core_i7 4770k
intel xeon_e3_1245_v5 -
intel xeon_e5_1620_v4 -
intel atom_z z3735g
intel xeon_e7 4850_v3
intel xeon e7520
intel core_i5 4430s
intel xeon x5677
intel core_i3 330e
intel xeon_e7 8893_v3
intel pentium_j j2850
intel celeron_j j1800
intel xeon_e3_1225_v3 -
intel core_i5 4460
intel core_i3 2357m
intel xeon_e3_1270_v6 -
intel xeon_e7 4820
intel core_i7 3740qm
intel xeon_e7 4807
intel xeon_e3_1240_v6 -
intel core_i5 4330m
arm cortex-a 17
intel celeron_n n2805
intel pentium_n n3530
intel xeon_e5_2407_v2 -
intel core_i3 2370m
intel core_i5 6300u
intel core_i7 950
intel xeon_gold 6130f
intel core_i5 450m
intel xeon_e5 4650_v3
intel xeon_e3_1275_v5 -
intel xeon_e5 4669_v4
intel core_i5 5287u
intel celeron_j j3060
intel core_i5 3450s
intel core_i3 4340te
intel atom_z z3795
intel xeon_e7 4830_v2
intel core_i5 3350p
intel xeon_e3_1220_v3 -
intel celeron_n n2810
intel core_i3 4102e
intel xeon_e3 1585_v5
intel xeon_platinum 8160m
intel xeon_e5 4620_v4
intel core_m3 7y32
intel xeon_e5 4660_v4
intel xeon_e3_1245_v3 -
intel xeon_e3_1285l_v4 -
intel xeon_gold 6140
intel core_i5 5257u
arm cortex-a 75
intel core_i7 4702hq
intel core_i5 3570
intel xeon x5675
intel xeon_e7 8880l_v2
intel core_i5 3475s
intel atom_e e3845
intel xeon l5618
intel xeon_e5_2637_v2 -
intel core_i3 5157u
intel xeon_e5 2660_v3
intel xeon_e5_1428l_v3 -
intel core_i7 3770
intel atom_e e3826
intel core_i7 4910mq
intel core_i5 5350h
intel core_i7 3632qm
intel xeon_e3_1290_v2 -
intel xeon_e5_2418l -
intel xeon_e5_2628l_v4 -
intel xeon_phi 7290f
intel core_i3 4370
intel xeon_e7 8880l_v3
intel xeon_e5_2608l_v3 -
intel core_i3 4030u
intel xeon_silver 4114
intel core_i7 920
intel core_i7 4600u
intel xeon_gold 5118
intel core_i5 6400t
intel xeon_e7 4860
intel xeon l5520
intel core_i7 7y75
intel core_i7 4610y
intel xeon_e3_1240_v3 -
intel core_i5 2400
intel core_i7 3612qm
intel core_i5 560m
intel xeon_e7 8880_v3
intel xeon_phi 7235
intel xeon_phi 7250
intel core_i3 550
intel core_i5 6200u
intel xeon_e7 8891_v2
intel core_i7 4980hq
intel core_i5 2500k
intel core_i3 2125
intel core_i5 4260u
intel atom_x3 c3130
intel xeon_gold 6132
intel xeon_e3_1280_v3 -
intel core_i3 3115c
intel xeon_phi 7290
intel core_i5 6400
intel core_i7 920xm
intel core_i7 870
intel core_i7 4790t
intel xeon_e3_1220_v5 -
intel xeon_e5_2643_v4 -
intel core_i7 660ue
intel core_i7 820qm
intel atom_x3 c3405
intel core_i7 4700hq
intel core_i7 8700k
intel xeon_e5 2660_v2
intel core_i5 4570s
intel xeon_e5 4650l
intel xeon_e7 8857_v2
intel atom_z z2580
intel xeon_gold 6136
intel core_i7 7820hq
intel xeon x6550
intel atom_z z3736f
intel xeon_gold 5120t
intel core_i3 3110m
intel core_i3 4110e
intel core_i3 560
intel xeon_bronze_3104 -
intel xeon_e3 1575m_v5
intel core_i7 4790
intel xeon_gold 5119t
intel xeon l5518
intel xeon_gold 6150
intel celeron_n n2930
intel core_i3 3217u
intel xeon_gold 6130
intel core_i3 2100
intel core_i7 3667u
intel xeon l5609
intel xeon_e3_1285l_v3 -
intel atom_c c2350
intel xeon_e3 1505m_v6
intel xeon_e5_2620 -
intel xeon_e5 4624l_v2
intel xeon_e5_2448l_v2 -
intel core_i5 4300u
intel core_i7 4785t
intel xeon x5670
intel core_i3 4170
intel xeon_e5_2428l_v3 -
intel xeon x7542
intel xeon_e3_1275_v6 -
intel xeon_platinum 8164
intel core_i3 4100e
intel core_i5 6260u
intel core_i3 2310m
intel core_i7 860
intel core_i7 2655le
intel core_i5 4288u
intel core_i3 5005u
intel xeon_e5_2430l -
intel core_i5 4360u
intel core_i5 2467m
intel core_i5 4402e
intel xeon_e5 2690_v2
intel xeon l7545
intel xeon_e5_2620_v2 -
intel xeon_gold 6134
intel xeon_e7 8890_v2
intel xeon_gold 6138
intel core_i7 2670qm
intel xeon_gold 5122
intel core_i3 4370t
intel core_i5 2310
intel xeon_e-1105c -
intel celeron_j j1750
intel xeon_e5 4610_v4
intel xeon x5570
intel xeon_e5 4610_v3
intel core_i7 2710qe
intel core_i3 2365m
intel xeon_e3_1276_v3 -
intel atom_c c3858
intel xeon_e5 4669_v3
intel xeon_e3_1245_v6 -
intel core_i7 2620m
intel core_i5 3317u
intel core_i7 4860hq
intel core_i5 2430m
intel xeon_e3_1270_v3 -
intel core_i7 620le
intel xeon_e5_2650l_v3 -
intel core_i5 5200u
intel celeron_n n2940
intel xeon_e3_1230_v3 -
intel core_i7 4770t
intel atom_c c3538
intel xeon x5650
intel xeon_gold 6142
intel xeon_gold 6142m
intel core_i5 3230m
intel atom_z z3770d
intel core_i3 2130
intel xeon_e5_1620 -
intel atom_c c3958
intel xeon_e5_2628l_v2 -
intel xeon e5606
intel xeon_phi 7230f
intel atom_z z2480
intel xeon_e3_1225 -
intel core_i7 4610m
intel xeon_e5 2680_v3
intel xeon_e5_2407 -
intel xeon_e7 4830_v3
intel core_i5 6600k
intel atom_c c2758
intel atom_c c2516
intel xeon_e5_2430l_v2 -
intel xeon_gold 5120
intel xeon_e7 4850
intel core_i5 4690s
intel core_i7 5850hq
intel xeon_e5 2687w_v4
intel xeon_e5 4667_v3
intel xeon_e7 8870
intel core_i3 3229y
intel xeon_e5_2609_v3 -
intel xeon_e7 8880_v2
intel xeon_e5_2630_v3 -
intel core_i3 8100
intel core_i7 7820eq
intel core_i5 4410e
intel core_i5 4690
intel core_i7 3687u
intel core_i7 4722hq
intel core_i7 4702ec
intel xeon_e3_1501m_v6 -
intel xeon_e5 2690_v3
intel xeon_e5 4628l_v4
intel xeon_e5_2618l_v3 -
intel core_i3 4005u
intel xeon_platinum 8176f
intel core_i7 7500u
intel xeon_e5_1630_v4 -
intel xeon_phi 7250f
intel xeon_e3_1281_v3 -
intel core_i5 6442eq
intel xeon_e7 2850
intel xeon x5680
intel core_i5 3610me
intel core_i5 2520m
intel core_i7 3555le
intel atom_z z3770
intel core_i7 7700
intel xeon_e3_1265l_v3 -
intel core_i3 370m
intel core_i7 3630qm
intel xeon_e5 2667_v4
intel atom_c c3750
intel core_i3 540
intel core_i5 3210m
intel pentium_n n4200
intel xeon_platinum 8170
intel xeon_e5_2640_v3 -
intel core_i7 4702mq
intel xeon_e7 2880_v2
intel core_i3 2120t
intel core_i3 6100
intel xeon l5530
intel xeon_e5_1650 -
intel xeon_e7 8870_v3
intel xeon_e5_2630_v4 -
intel core_i5 4570te
intel core_i7 2610ue
intel xeon_e7 8837
intel xeon_e5_2428l_v2 -
intel xeon_e3 1535m_v6
intel xeon_e3_1501l_v6 -
intel core_i7 940xm
intel xeon_gold 6126
intel xeon_e5 4667_v4
intel xeon_e5_2470_v2 -
intel atom_c c3758
intel core_i7 4700ec
intel core_i5 430m
intel xeon_e5 2660
intel xeon_e3_1268l_v3 -
intel xeon e5520
intel xeon_e5 2683_v3
intel xeon_e3_1265l_v4 -
intel core_i7 3770t
intel xeon_e5_1630_v3 -
intel core_i7 3720qm
intel xeon_e3_1285_v4 -
intel xeon_e7 8893_v4
intel xeon_e3_1235 -
intel xeon_e5_2428l -
intel xeon_e5 4627_v2
intel xeon_e5_2620_v4 -
intel core_i7 3610qe
intel xeon_e5 2680_v4
intel xeon_e5 4603_v2
intel xeon_e7 8893_v2
intel xeon_e5 4640_v3
intel xeon_e5_1650_v3 -
intel core_i7 5850eq
intel xeon_e3_1271_v3 -
intel core_i7 620um
intel core_m7 6y75
intel atom_z z3735d
intel xeon e5620
intel core_i5 4278u
intel core_i5 4310u
intel core_i7 4765t
intel xeon_gold 6134m
intel core_i5 520e
intel atom_x3 c3205rk
intel core_i7 5750hq
intel core_i3 3250
intel xeon_e5_1660_v4 -
intel core_i7 4700eq
intel core_i5 3340s
intel core_i5 4200h
intel xeon_e3_1225_v2 -
arm cortex-a 73
intel xeon ec5509
intel core_i7 4870hq
intel core_i5 760
intel core_i7 3615qe
intel celeron_n n4100
intel celeron_n n2910
intel atom_c c3955
intel core_i3 4160t
intel xeon_e3_1246_v3 -
intel xeon_e5 2658_v4
intel core_i7 740qm
intel celeron_j j4105
intel xeon_e5_2603_v4 -
intel core_i5 4430
intel core_i5 4440
intel core_i7 930
intel core_i5 3380m
intel xeon_phi 7285
intel xeon e5630
intel core_i5 3470s
intel xeon e5649
intel atom_x3 c3235rk
intel xeon_platinum 8180
intel core_m 5y70
intel core_i5 3320m
intel xeon_phi 7230
intel atom_z z2420
intel core_i5 6600
intel core_i3 6100h
intel xeon_e7 4820_v3
intel atom_e e3805
intel xeon_e5 2667_v3
intel atom_c c3850
intel xeon_e3_1280 -
intel core_i5 6500
intel xeon_e3_1230l_v3 -
intel xeon_e3_1226_v3 -
intel xeon_e5_2650_v2 -
intel xeon_e5_2603 -
intel xeon_e5_2630_v2 -
intel core_i7 2640m
intel core_i5 2500t
intel xeon_e5_2650l -
intel xeon_e7 4890_v2
intel xeon_e5_2450 -
intel atom_z z3460
intel xeon_platinum 8153
intel core_i5 3450
intel xeon_e7 8891_v4
intel core_i5 4202y
intel atom_z z3590
intel atom_c c2316
intel xeon_e5 4657l_v2
intel core_i5 8350u
intel celeron_n n2840
intel xeon l5640
intel celeron_n n2830
intel core_i7 3840qm
intel core_i5 2450m
intel core_i7 2760qm
intel core_i5 4590s
intel core_i5 6287u
intel xeon_e5_2628l_v3 -
intel core_i3 6100u
intel xeon_e5 2667_v2
intel xeon_e7 4809_v4
intel core_i3 2377m
intel core_i5 4200u
intel xeon_gold 6128
intel core_i5 430um
intel core_i7 7700hq
intel xeon_e5_2640_v4 -
intel core_i5 540um
intel xeon_e3_1260l_v5 -
intel celeron_n n2806
intel xeon_e3_1220l_v3 -
intel core_i5 4570
intel core_i5 4200m
intel core_i7 4710hq
intel xeon_e3_1280_v6 -
intel core_i5 3570t
intel core_i5 670
intel xeon x3480
intel core_i5 750
intel core_i5 3470
intel atom_z z3745
intel xeon ec5549
intel core_i7 720qm
intel xeon w3670
intel xeon_e3_1270_v5 -
intel core_i7 5650u
intel xeon_e3_1240_v2 -
intel xeon_e3 1515m_v5
intel core_i5 4308u
intel core_i7 4770hq
intel xeon_platinum 8156
intel core_i5 470um
intel xeon l3406
intel core_i7 2600
intel xeon_e5_2440 -
intel core_i5 8600k
intel xeon_e5_1620_v2 -
intel xeon_e7 4870_v2
intel xeon_e5_2403 -
intel xeon x3460
intel core_i5 4402ec
intel xeon_e5_2650 -
intel xeon x5672
intel xeon_e3_1240l_v3 -
intel core_i5 3427u
intel atom_e e3815
intel xeon e6540
intel xeon_e7 8894_v4
intel xeon_silver 4109t
intel atom_z z2560
intel xeon_e7 8850_v2
intel atom_c c2308
intel xeon_e5 2650l_v4
intel xeon_e5 2690_v4
intel core_i7 4700mq
intel core_i5 520m
intel xeon l5508
intel core_i5 4460t
intel atom_c c3808
intel atom_z z2520
intel xeon_e3_1286l_v3 -
intel xeon_e5 2695_v2
intel celeron_n n3350
intel core_i5 4210h
intel core_i3 3240t
intel xeon_e5_1660_v2 -
intel core_i5 2500
intel core_i7 610e
intel xeon_e5 2670_v3
intel xeon_bronze_3106 -
intel core_i5 540m
intel atom_z z3735f
intel core_i7 5550u
intel xeon_e5_2650_v4 -
intel core_i5 3570s
intel atom_z z3570
intel core_i3 4010u
intel core_i3 4350t
intel core_i5 2557m
intel core_i5 6440eq
intel xeon_e5_2640_v2 -
intel celeron_j j3160
intel xeon_e3_1220 -
intel xeon_e5_2630l_v4 -
intel xeon_silver 4112
intel xeon_e5_1428l -
intel xeon_e7 4830
intel xeon_e5_2603_v2 -
intel xeon_gold 6146
intel core_i7 3820qm
intel core_i3 6100e
intel core_i5 650
intel xeon_e7 8850
intel atom_x3 c3445
intel xeon e5645
intel xeon_platinum 8160f
intel core_i7 4720hq
intel atom_c c3308
intel xeon_e7 8860_v3
intel core_i7 2715qe
intel core_i3 2100t
intel core_m 5y71
intel atom_c c3338
intel core_i3 6300t
intel xeon_gold 6144
intel xeon_platinum 8176m
intel xeon_e5_1660_v3 -
intel core_i3 4330t
intel core_i7 620lm
intel core_i7 880
intel xeon_e5 2660_v4
intel xeon_e3_1220_v6 -
intel core_i3 8350k
intel core_i7 620ue
intel xeon_e5_1660 -
intel core_i5 3340m
intel core_i3 2328m
intel core_i3 4360t
intel core_i3 4100u
intel core_i7 2720qm
intel xeon_e5 2687w
intel xeon_e5_2603_v3 -
intel celeron_j j4005
intel xeon_gold 6148
intel core_i5 4670t
intel atom_z z2760
intel xeon_e3_1270_v2 -
intel xeon_e5_2643_v2 -
intel core_i7 4510u
intel xeon_e7 4850_v4
intel xeon_e5_2648l_v2 -
intel xeon_e3_1245 -
intel core_i7 990x
intel core_i7 3537u
intel xeon_e5 2690
intel core_i7 4712mq
intel xeon_e5_2637_v4 -
intel core_i7 2649m
intel xeon_e5 4603
intel xeon_e3_1241_v3 -
intel xeon_e5 4640
intel xeon lc5528
intel core_i5 5675r
intel xeon_e7 4820_v4
intel xeon_e3_1230_v5 -
intel core_i3 4012y
intel core_i5 4670s
intel xeon x5560
intel xeon_e3_1270 -
intel xeon_e5 2699a_v4
intel xeon_e5 4660_v3
intel xeon_e3_1278l_v4 -
intel pentium_j j3710
intel core_i3 5010u
intel xeon e5506
intel xeon_e5 2670_v2
intel core_i5 4690t
intel core_i5 5350u
intel core_i7 965
intel xeon_e3_1125c -
intel xeon_e3_1260l -
intel core_i3 330m
intel core_i7 4800mq
intel atom_x3 c3200rk
intel atom_z z3736g
intel celeron_n n3050
intel core_i5 2435m
intel xeon_gold 6148f
intel core_i7 980
intel xeon x7550
intel xeon_e5 4650
intel xeon_silver 4116t
intel core_i7 940
intel core_i7 4770
intel core_i3 3227u
intel celeron_n n2808
intel xeon_phi 7210f
intel xeon l5638
intel xeon_e5_2418l_v3 -
intel celeron_j j1900
intel xeon_e5_2618l_v4 -
intel xeon_e3_1290 -
intel core_i5 4220y
intel celeron_n n3150
intel xeon x5687
intel core_i5 3550s
intel xeon_e3_1245_v2 -
intel xeon_silver 4108
intel core_i7 8550u
intel xeon_e7 2830
intel core_i7 2617m
intel atom_c c2530
intel xeon_e3 1578l_v5
intel core_i3 3240
intel core_i7 4650u
intel xeon_e5_1650_v2 -
arm cortex-a 57
intel core_i3 380m
intel core_i3 390m
intel core_i5 4570r
intel core_i5 4258u
intel xeon_e5 2687w_v2
intel atom_c c2538
intel core_i5 655k
intel core_i7 620m
intel xeon_e5_2640 -
intel xeon_e3 1545m_v5
intel xeon_e3_12201_v2 -
intel core_i3 2330e
intel xeon_e5 2683_v4
intel core_i5 2390t
intel core_i3 6100t
intel core_i7 4790k
intel xeon_e5_2450l -
intel core_i5 2537m
intel xeon_e5 2658
intel core_i3 6300
intel xeon_e5_2609_v2 -
intel core_i3 4100m
intel xeon_e5_1680_v3 -
intel xeon e7530
intel atom_c c3508
intel atom_z z3580
intel xeon_e3_1280_v2 -
intel xeon_e5 4620_v2
intel xeon_e5_2630 -
intel core_i3 2340ue
intel xeon_e7 2820
intel xeon_e5 4640_v2
intel xeon_e5_2609 -
intel core_i7 4960hq
intel atom_z z3785
intel xeon_e5 2665
intel core_i3 3225
intel core_i7 2677m
intel xeon_e3_12201 -
intel pentium_n n3540
intel xeon_e5_2438l_v3 -
intel core_i3 5020u
intel xeon_phi 7210
intel core_i7 2920xm
intel core_i5 2510e
intel core_i3 4330
intel xeon_e3_1240 -
intel xeon x5667
intel xeon_gold 6154
intel core_i5 4690k
intel xeon l5630
intel celeron_n n3060
intel core_i7 640um
intel atom_c c2358
intel core_i7 5557u
intel celeron_n n3160
intel xeon_e5_2430_v2 -
intel xeon_e5_2623_v3 -
intel core_i7 4850hq
intel xeon_platinum 8160
intel xeon_gold 5115
intel xeon_e7 8891_v3
intel core_i7 3540m
intel core_i5 2450p
intel celeron_n n2807
intel core_i3 2105
intel xeon_e7 4880_v2
intel core_i3 2348m
intel core_i7 7920hq
intel core_i3 3210
intel xeon_e5_2470 -
intel xeon_e7 4820_v2
intel core_i7 2635qm
intel core_i7 2820qm
intel core_i5 4300m
intel core_i5 4460s
intel core_m 5y10
intel atom_e e3827
intel xeon e5640
intel xeon_e5 4648_v3
intel xeon_e5_2623_v4 -
intel core_i5 3360m
intel core_i7 3689y
intel xeon_e5 2698_v3
intel xeon_e5 4655_v4
intel xeon_e5_1620_v3 -
intel xeon_e3_1505l_v5 -
intel core_i5 4310m
intel core_m 5y10c
intel core_i5 3330s
intel core_i3 4010y
intel core_i5 4300y
intel core_i3 4000m
intel core_i5 6685r
intel xeon_e5_2608l_v4 -
intel core_i3 4130t
intel xeon_e7 8890_v4
intel core_i7 4558u
intel atom_z z3740d
intel core_i5 4302y
intel core_i3 4350
intel core_i5 3570k
intel atom_c c3558
intel core_i7 4600m
intel xeon_e5_2420_v2 -
intel xeon x5660
intel xeon_e5_2650l_v2 -
intel xeon_e7 4809_v3
intel core_i3 4150t
intel core_i7 2630qm
intel core_i5 4210m
intel xeon_e7 8867_v4
intel core_i5 3339y
intel xeon_e5_1428l_v2 -
intel celeron_n n3000
intel core_i7 2600k
intel xeon_e7 4830_v4
intel xeon_e7 8870_v2
intel atom_z z3740
intel xeon_e5 4607
intel core_i5 4422e
intel core_i7 5500u
intel core_i3 6006u
intel atom_c c3708
intel atom_x3 c3295rk
intel xeon_e7 4850_v2
intel core_i5 6585r
intel xeon_e5_2440_v2 -
intel xeon_e3_1240l_v5 -
intel atom_z z2460
intel atom_z z3480
intel xeon_e5_2648l_v3 -
intel core_i5 6440hq
intel core_i3 3120m
intel core_i5 3340
intel core_i7 2960xm
intel core_i3 4120u
intel core_i7 970
intel atom_z z3530
intel core_i3 6320
intel core_i5 4210u
intel xeon_e5_2648l -
intel core_i3 2115c
intel xeon_e5 2680_v2
intel xeon_e5 2695_v4
intel core_i7 3770s
intel xeon_e5 4620_v3
intel core_i7 4771
intel xeon_e3_1285_v3 -
intel core_i5 2515e
intel celeron_n n3010
intel core_i7 5950hq
intel atom_c c3950
intel xeon_e3 1565l_v5
intel xeon_platinum 8168
intel core_i5 3337u
intel core_i7 2629m
intel core_i3 2375m
intel core_i7 4770te
intel xeon_e7 8870_v4
intel core_i7 2637m
intel core_i5 4670k
intel xeon_e7 8867l
intel core_i3 4340
intel atom_c c2718
intel atom_z z3735e
intel celeron_n n2820
intel atom_c c3830
intel core_i7 4750hq
intel xeon e5507
intel xeon_gold 6138t
intel xeon_e7 4809_v2
intel core_i7 7560u
intel xeon_e5 2698_v4
intel core_i5 2550k
intel xeon_e5 2695_v3
intel xeon_gold 6138f
intel core_i5 4590t
intel core_i5 4570t
intel atom_e e3825
intel xeon_e5 2687w_v3
intel xeon_e5 4617
intel core_i3 4160
intel xeon_e3_1505m_v5 -
intel xeon_e5_1680_v4 -
intel core_i7 5775r
intel core_i5 580m
intel core_i3 4112e
intel core_i3 6157u
CVE-2018-9988 MEDIUM

ARM mbed TLS before 2.1.11, before 2.7.2, and before 2.8.0 has a buffer over-read in ssl_parse_server_key_exchange() that could cause a crash on invalid input.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
debian debian_linux 9.0
debian debian_linux 8.0
arm mbed_tls 2.8.0
arm mbed_tls *
CVE-2018-9989 MEDIUM

ARM mbed TLS before 2.1.11, before 2.7.2, and before 2.8.0 has a buffer over-read in ssl_parse_server_psk_hint() that could cause a crash on invalid input.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
debian debian_linux 9.0
debian debian_linux 8.0
arm mbed_tls 2.8.0
arm mbed_tls *
CVE-2019-16910 LOW

Arm Mbed TLS before 2.19.0 and Arm Mbed Crypto before 2.0.0, when deterministic ECDSA is enabled, use an RNG with insufficient entropy for blinding, which might allow an attacker to recover a private key via side-channel attacks if a victim signs the same message many times. (For Mbed TLS, the fix is also available in versions 2.7.12 and 2.16.3.)

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N 1.6 3.6

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
fedoraproject fedora 30
fedoraproject fedora 29
debian debian_linux 10.0
fedoraproject fedora 31
arm mbed_crypto *
arm mbed_tls *
CVE-2019-17210 MEDIUM

A denial-of-service issue was discovered in the MQTT library in Arm Mbed OS 2017-11-02. The function readMQTTLenString() is called by the function MQTTDeserialize_publish() to get the length and content of the MQTT topic name. In the function readMQTTLenString(), mqttstring->lenstring.len is a part of user input, which can be manipulated. An attacker can simply change it to a larger value to invalidate the if statement so that the statements inside the if statement are skipped, letting the value of mqttstring->lenstring.data default to zero. Later, curn is accessed, which points to mqttstring->lenstring.data. On an Arm Cortex-M chip, the value at address 0x0 is actually the initialization value for the MSP register. It is highly dependent on the actual firmware. Therefore, the behavior of the program is unpredictable from this time on.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
arm mbed-mqtt 2017-11-02
arm mbed-os -
CVE-2019-18222 LOW

The ECDSA signature implementation in ecdsa.c in Arm Mbed Crypto 2.1 and Mbed TLS through 2.19.1 does not reduce the blinded scalar before computing the inverse, which allows a local attacker to recover the private key via side-channel attacks.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.7 MEDIUM CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N 1.0 3.6

CVSS 2.0

Severity: LOW

Problem Type: CWE-203,

Products Affected

Vendor Product Version
fedoraproject fedora 30
debian debian_linux 10.0
fedoraproject fedora 31
arm mbed_crypto *
arm mbed_tls *
CVE-2020-10932 LOW

An issue was discovered in Arm Mbed TLS before 2.16.6 and 2.7.x before 2.7.15. An attacker that can get precise enough side-channel measurements can recover the long-term ECDSA private key by (1) reconstructing the projective coordinate of the result of scalar multiplication by exploiting side channels in the conversion to affine coordinates; (2) using an attack described by Naccache, Smart, and Stern in 2003 to recover a few bits of the ephemeral scalar from those projective coordinates via several measurements; and (3) using a lattice attack to get from there to the long-term ECDSA private key used for the signatures. Typically an attacker would have sufficient access when attacking an SGX enclave and controlling the untrusted OS.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.7 MEDIUM CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N 1.0 3.6

CVSS 2.0

Severity: LOW

Problem Type: CWE-203,CWE-327,

Products Affected

Vendor Product Version
debian debian_linux 10.0
fedoraproject fedora 31
arm mbed_tls *
fedoraproject fedora 32
CVE-2020-10941 MEDIUM

Arm Mbed TLS before 2.16.5 allows attackers to obtain sensitive information (an RSA private key) by measuring cache usage during an import.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.9 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N 2.2 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
debian debian_linux 10.0
fedoraproject fedora 31
arm mbed_crypto *
arm mbed_tls *
fedoraproject fedora 32
CVE-2020-12883 MEDIUM

Buffer over-reads were discovered in the CoAP library in Arm Mbed OS 5.15.3. The CoAP parser is responsible for parsing received CoAP packets. The function sn_coap_parser_options_parse() parses CoAP input linearly using a while loop. Once an option is parsed in a loop, the current point (*packet_data_pptr) is increased correspondingly. The pointer is restricted by the size of the received buffer, as well as by the option delta and option length bytes. The actual input packet length is not verified against the number of bytes read when processing the option extended delta and the option extended length. Moreover, the calculation of the message_left variable, in the case of non-extended option deltas, is incorrect and indicates more data left for processing than provided in the function input. All of these lead to heap-based or stack-based memory location read access that is outside of the intended boundary of the buffer. Depending on the platform-specific memory management mechanisms, it can lead to processing of unintended inputs or system memory access violation errors.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.1 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H 3.9 5.2

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
arm mbed_os 5.15.3
CVE-2020-12884 MEDIUM

A buffer over-read was discovered in the CoAP library in Arm Mbed OS 5.15.3. The CoAP parser is responsible for parsing received CoAP packets. The function sn_coap_parser_options_parse_multiple_options() parses CoAP options that may occur multiple consecutive times in a single packet. While processing the options, packet_data_pptr is accessed after being incremented by option_len without a prior out-of-bounds memory check. The temp_parsed_uri_query_ptr is validated for a correct range, but the range valid for temp_parsed_uri_query_ptr is derived from the amount of allocated heap memory, not the actual input size. Therefore the check of temp_parsed_uri_query_ptr may be insufficient for safe access to the area pointed to by packet_data_pptr. As a result, access to a memory area outside of the intended boundary of the packet buffer is made.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.1 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H 3.9 5.2

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
arm mbed_os 5.15.3
CVE-2020-12885 HIGH

An infinite loop was discovered in the CoAP library in Arm Mbed OS 5.15.3. The CoAP parser is responsible for parsing received CoAP packets. The function sn_coap_parser_options_parse_multiple_options() parses CoAP options in a while loop. This loop's exit condition is computed using the previously allocated heap memory required for storing the result of parsing multiple options. If the input heap memory calculation results in zero bytes, the loop exit condition is never met and the loop is not terminated. As a result, the packet parsing function never exits, leading to resource consumption.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: HIGH

Problem Type: CWE-835,

Products Affected

Vendor Product Version
arm mbed_os 5.15.3
CVE-2020-12886 MEDIUM

A buffer over-read was discovered in the CoAP library in Arm Mbed OS 5.15.3. The CoAP parser is responsible for parsing received CoAP packets. The function sn_coap_parser_options_parse() parses the CoAP packet header starting from the message token. The length of the token in the received message is provided in the first byte parsed by the sn_coap_parser_options_parse() function. The length encoded in the message is not validated against the actual input buffer length before accessing the token. As a result, memory access outside of the intended boundary of the buffer may occur.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.1 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H 3.9 5.2

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
arm mbed_os 5.15.3
CVE-2020-12887 MEDIUM

Memory leaks were discovered in the CoAP library in Arm Mbed OS 5.15.3 when using the Arm mbed-coap library 5.1.5. The CoAP parser is responsible for parsing received CoAP packets. The function sn_coap_parser_options_parse() parses the CoAP option number field of all options present in the input packet. Each option number is calculated as a sum of the previous option number and a delta of the current option. The delta and the previous option number are expressed as unsigned 16-bit integers. Due to lack of overflow detection, it is possible to craft a packet that wraps the option number around and results in the same option number being processed again in a single packet. Certain options allocate memory by calling a memory allocation function. In the cases of COAP_OPTION_URI_QUERY, COAP_OPTION_URI_PATH, COAP_OPTION_LOCATION_QUERY, and COAP_OPTION_ETAG, there is no check on whether memory has already been allocated, which in conjunction with the option number integer overflow may lead to multiple assignments of allocated memory to a single pointer. This has been demonstrated to lead to memory leak by buffer orphaning. As a result, the memory is never freed.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-190,CWE-401,

Products Affected

Vendor Product Version
arm mbed-coap 5.1.5
CVE-2020-13844 LOW

Arm Armv8-A core implementations utilizing speculative execution past unconditional changes in control flow may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka "straight-line speculation."

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

CVSS 2.0

Severity: LOW

Problem Type: CWE-203,

Products Affected

Vendor Product Version
arm cortex-a32_firmware -
opensuse leap 15.2
arm cortex-a72_firmware -
arm cortex-a35_firmware -
arm cortex-a53_firmware -
opensuse leap 15.1
arm cortex-a57_firmware -
arm cortex-a73_firmware -
arm cortex-a34_firmware -
CVE-2020-16150 LOW

A Lucky 13 timing side channel in mbedtls_ssl_decrypt_buf in library/ssl_msg.c in Trusted Firmware Mbed TLS through 2.23.0 allows an attacker to recover secret key information. This affects CBC mode because of a computed time difference based on a padding length.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

CVSS 2.0

Severity: LOW

Problem Type: CWE-203,

Products Affected

Vendor Product Version
debian debian_linux 10.0
fedoraproject fedora 31
fedoraproject fedora 33
arm mbed_tls *
fedoraproject fedora 32
CVE-2020-16273 HIGH

In Arm software implementing the Armv8-M processors (all versions), the stack selection mechanism could be influenced by a stack-underflow attack in v8-M TrustZone based processors. An attacker can cause a change to the stack pointer used by the Secure World from a non-secure application if the stack is not initialized. This vulnerability affects only the software that is based on Armv8-M processors with the Security Extension.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-191,

Products Affected

Vendor Product Version
arm armv8-m_firmware *
CVE-2020-24658 MEDIUM

Arm Compiler 5 through 5.06u6 has an error in a stack protection feature designed to help spot stack-based buffer overflows in local arrays. When this feature is enabled, a protected function writes a guard value to the stack prior to (above) any vulnerable arrays in the stack. The guard value is checked for corruption on function return; corruption leads to an error-handler call. In certain circumstances, the reference value that is compared against the guard value is itself also written to the stack (after any vulnerable arrays). The reference value is written to the stack when the function runs out of registers to use for other temporary data. If both the reference value and the guard value are written to the stack, then the stack protection will fail to spot corruption when both values are overwritten with the same value. For both the reference value and the guard value to be corrupted, there would need to be both a buffer overflow and a buffer underflow in the vulnerable arrays (or some other vulnerability that causes two separated stack entries to be corrupted).

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-770,CWE-787,

Products Affected

Vendor Product Version
arm arm_compiler 5.06
arm arm_compiler *
CVE-2020-36421 MEDIUM

An issue was discovered in Arm Mbed TLS before 2.23.0. Because of a side channel in modular exponentiation, an RSA private key used in a secure enclave could be disclosed.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-203,CWE-203,

Products Affected

Vendor Product Version
debian debian_linux 10.0
arm mbed_tls *
CVE-2020-36422 MEDIUM

An issue was discovered in Arm Mbed TLS before 2.23.0. A side channel allows recovery of an ECC private key, related to mbedtls_ecp_check_pub_priv, mbedtls_pk_parse_key, mbedtls_pk_parse_keyfile, mbedtls_ecp_mul, and mbedtls_ecp_mul_restartable.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-203,

Products Affected

Vendor Product Version
debian debian_linux 10.0
arm mbed_tls *
CVE-2020-36423 MEDIUM

An issue was discovered in Arm Mbed TLS before 2.23.0. A remote attacker can recover plaintext because a certain Lucky 13 countermeasure doesn't properly consider the case of a hardware accelerator.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-319,

Products Affected

Vendor Product Version
debian debian_linux 10.0
arm mbed_tls *
CVE-2020-36424 LOW

An issue was discovered in Arm Mbed TLS before 2.24.0. An attacker can recover a private key (for RSA or static Diffie-Hellman) via a side-channel attack against generation of base blinding/unblinding values.

CVSS 2.0

Severity: LOW

Problem Type: CWE-203,

Products Affected

Vendor Product Version
debian debian_linux 10.0
arm mbed_tls *
CVE-2020-36425 MEDIUM

An issue was discovered in Arm Mbed TLS before 2.24.0. It incorrectly uses a revocationDate check when deciding whether to honor certificate revocation via a CRL. In some situations, an attacker can exploit this by changing the local clock.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-295,

Products Affected

Vendor Product Version
debian debian_linux 10.0
arm mbed_tls *
CVE-2020-36426 MEDIUM

An issue was discovered in Arm Mbed TLS before 2.24.0. mbedtls_x509_crl_parse_der has a buffer over-read (of one byte).

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
debian debian_linux 10.0
arm mbed_tls *
CVE-2020-36475 MEDIUM

An issue was discovered in Mbed TLS before 2.25.0 (and before 2.16.9 LTS and before 2.7.18 LTS). The calculations performed by mbedtls_mpi_exp_mod are not limited; thus, supplying overly large parameters could lead to denial of service when generating Diffie-Hellman key pairs.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-131,

Products Affected

Vendor Product Version
siemens simatic_rtu3000c_firmware *
debian debian_linux 9.0
debian debian_linux 10.0
siemens simatic_rtu3030c_firmware *
siemens simatic_rtu3041c_firmware *
siemens logo!_cmr2020_firmware *
siemens logo!_cmr2040_firmware *
arm mbed_tls *
siemens simatic_rtu3031c_firmware *
CVE-2020-36476 MEDIUM

An issue was discovered in Mbed TLS before 2.24.0 (and before 2.16.8 LTS and before 2.7.17 LTS). There is missing zeroization of plaintext buffers in mbedtls_ssl_read to erase unused application data from memory.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-212,

Products Affected

Vendor Product Version
debian debian_linux 9.0
debian debian_linux 10.0
arm mbed_tls *
CVE-2020-36477 MEDIUM

An issue was discovered in Mbed TLS before 2.24.0. The verification of X.509 certificates when matching the expected common name (the cn argument of mbedtls_x509_crt_verify) with the actual certificate name is mishandled: when the subjecAltName extension is present, the expected name is compared to any name in that extension regardless of its type. This means that an attacker could impersonate a 4-byte or 16-byte domain by getting a certificate for the corresponding IPv4 or IPv6 address (this would require the attacker to control that IP address, though).

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-295,

Products Affected

Vendor Product Version
arm mbed_tls *
CVE-2020-36478 MEDIUM

An issue was discovered in Mbed TLS before 2.25.0 (and before 2.16.9 LTS and before 2.7.18 LTS). A NULL algorithm parameters entry looks identical to an array of REAL (size zero) and thus the certificate is considered valid. However, if the parameters do not match in any way, then the certificate should be considered invalid.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-295,

Products Affected

Vendor Product Version
siemens simatic_rtu3000c_firmware *
debian debian_linux 9.0
debian debian_linux 10.0
siemens simatic_rtu3030c_firmware *
siemens simatic_rtu3041c_firmware *
siemens logo!_cmr2020_firmware *
siemens logo!_cmr2040_firmware *
arm mbed_tls *
siemens simatic_rtu3031c_firmware *
CVE-2021-24119 MEDIUM

In Trusted Firmware Mbed TLS 2.24.0, a side-channel vulnerability in base64 PEM file decoding allows system-level (administrator) attackers to obtain information about secret RSA keys via a controlled-channel and side-channel attack on software running in isolated environments that can be single stepped, especially Intel SGX.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.9 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N 1.2 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-203,

Products Affected

Vendor Product Version
debian debian_linux 9.0
debian debian_linux 10.0
fedoraproject fedora 34
fedoraproject fedora 33
arm mbed_tls *
CVE-2021-26313 LOW

Potential speculative code store bypass in all supported CPU products, in conjunction with software vulnerabilities relating to speculative execution of overwritten instructions, may cause an incorrect speculation and could result in data leakage.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

CVSS 2.0

Severity: LOW

Problem Type: CWE-208,CWE-203,

Products Affected

Vendor Product Version
xen xen *
intel core_i9-9900k -
intel xeon_silver_4214 -
intel core_i7-10700k -
debian debian_linux 10.0
arm cortex-a72 -
broadcom bcm2711 -
intel core_i7-7700k -
CVE-2021-26314 LOW

Potential floating point value injection in all supported CPU products, in conjunction with software vulnerabilities relating to speculative execution with incorrect floating point results, may cause the use of incorrect data from FPVI and may result in data leakage.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

CVSS 2.0

Severity: LOW

Problem Type: CWE-208,CWE-203,

Products Affected

Vendor Product Version
xen xen *
intel core_i9-9900k -
intel xeon_silver_4214 -
intel core_i7-10700k -
fedoraproject fedora 34
arm cortex-a72 -
broadcom bcm2711 -
fedoraproject fedora 33
intel core_i7-7700k -
CVE-2021-27431 HIGH

ARM CMSIS RTOS2 versions prior to 2.1.3 are vulnerable to integer wrap-around inosRtxMemoryAlloc (local malloc equivalent) function, which can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or injected code execution.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
ics-cert@hq.dhs.gov 7.3 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 3.9 3.4
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-190,

Products Affected

Vendor Product Version
arm cmsis-rtos *
CVE-2021-27433 HIGH

ARM mbed-ualloc memory library version 1.3.0 is vulnerable to integer wrap-around in function mbed_krbs, which can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
ics-cert@hq.dhs.gov 7.3 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 3.9 3.4

CVSS 2.0

Severity: HIGH

Problem Type: CWE-190,CWE-190,

Products Affected

Vendor Product Version
arm mbed_ualloc 1.3.0
CVE-2021-27435 HIGH

ARM mbed product Version 6.3.0 is vulnerable to integer wrap-around in malloc_wrapper function, which can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
ics-cert@hq.dhs.gov 7.3 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 3.9 3.4

CVSS 2.0

Severity: HIGH

Problem Type: CWE-190,

Products Affected

Vendor Product Version
arm mbed 6.3.0
CVE-2021-27562 MEDIUM

In Arm Trusted Firmware M through 1.2, the NS world may trigger a system halt, an overwrite of secure data, or the printing out of secure data when calling secure functions under the NSPE handler mode.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 1.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,CWE-787,

Products Affected

Vendor Product Version
arm trusted_firmware-m *
arm trusted_firmware_m *
CVE-2021-28663 HIGH

The Arm Mali GPU kernel driver allows privilege escalation or information disclosure because GPU memory operations are mishandled, leading to a use-after-free. This affects Bifrost r0p0 through r28p0 before r29p0, Valhall r19p0 through r28p0 before r29p0, and Midgard r4p0 through r30p0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,CWE-416,

Products Affected

Vendor Product Version
arm bifrost_gpu_kernel_driver *
arm valhall_gpu_kernel_driver *
arm midguard_gpu_kernel_driver *
arm midgard_gpu_kernel_driver *
CVE-2021-28664 HIGH

The Arm Mali GPU kernel driver allows privilege escalation or a denial of service (memory corruption) because an unprivileged user can achieve read/write access to read-only pages. This affects Bifrost r0p0 through r29p0 before r30p0, Valhall r19p0 through r29p0 before r30p0, and Midgard r8p0 through r30p0 before r31p0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,CWE-787,

Products Affected

Vendor Product Version
arm bifrost_gpu_kernel_driver *
arm valhall_gpu_kernel_driver *
arm midgard_gpu_kernel_driver *
CVE-2021-29256 HIGH

. The Arm Mali GPU kernel driver allows an unprivileged user to achieve access to freed memory, leading to information disclosure or root privilege escalation. This affects Bifrost r16p0 through r29p0 before r30p0, Valhall r19p0 through r29p0 before r30p0, and Midgard r28p0 through r30p0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,CWE-416,

Products Affected

Vendor Product Version
arm bifrost *
arm midgard *
arm bifrost_gpu_kernel_driver *
arm valhall_gpu_kernel_driver *
arm valhall *
arm midgard_gpu_kernel_driver *
CVE-2021-35465 LOW

Certain Arm products before 2021-08-23 do not properly consider the effect of exceptions on a VLLDM instruction. A Non-secure handler may have read or write access to part of a Secure context. This affects Arm Cortex-M33 r0p0 through r1p0, Arm Cortex-M35P r0, Arm Cortex-M55 r0p0 through r1p0, and Arm China STAR-MC1 (in the STAR SE configuration).

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.4 LOW CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N 0.8 2.5

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
arm cortex-m35p_firmware r0
arm cortex-m55_firmware *
arm cortex-m33_firmware *
arm china_star-mc1_firmware -
CVE-2021-36647

Use of a Broken or Risky Cryptographic Algorithm in the function mbedtls_mpi_exp_mod() in lignum.c in Mbed TLS Mbed TLS all versions before 3.0.0, 2.27.0 or 2.16.11 allows attackers with access to precise enough timing and memory access information (typically an untrusted operating system attacking a secure enclave such as SGX or the TrustZone secure world) to recover the private keys used in RSA.

Products Affected

Vendor Product Version
arm mbed_tls *
CVE-2021-43086 HIGH

ARM astcenc 3.2.0 is vulnerable to Buffer Overflow. When the compression function of the astc-encoder project with -cl option was used, a stack-buffer-overflow occurred in function encode_ise() in function compress_symbolic_block_for_partition_2planes() in "/Source/astcenc_compress_symbolic.cpp".

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
arm adaptive_scalable_texture_compression_encoder 3.2.0
CVE-2021-43619 MEDIUM

Trusted Firmware M 1.4.x through 1.4.1 has a buffer overflow issue in the Firmware Update partition. In the IPC model, a psa_fwu_write caller from SPE or NSPE can overwrite stack memory locations.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-120,

Products Affected

Vendor Product Version
arm trusted_firmware-m 1.4.0
arm trusted_firmware-m 1.4.1
CVE-2021-43666 MEDIUM

A Denial of Service vulnerability exists in mbed TLS 3.0.0 and earlier in the mbedtls_pkcs12_derivation function when an input password's length is 0.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,CWE-130,

Products Affected

Vendor Product Version
debian debian_linux 10.0
arm mbed_tls *
CVE-2021-44331 MEDIUM

ARM astcenc 3.2.0 is vulnerable to Buffer Overflow in function encode_ise().

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
arm adaptive_scalable_texture_compression_encoder 3.2.0
CVE-2021-44732 HIGH

Mbed TLS before 3.0.1 has a double free in certain out-of-memory conditions, as demonstrated by an mbedtls_ssl_set_session() failure.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-415,

Products Affected

Vendor Product Version
debian debian_linux 10.0
arm mbed_tls *
arm mbed_tls 3.0.0
CVE-2021-44828 HIGH

Arm Mali GPU Kernel Driver (Midgard r26p0 through r30p0, Bifrost r0p0 through r34p0, and Valhall r19p0 through r34p0) allows a non-privileged user to achieve write access to read-only memory, and possibly obtain root privileges, corrupt memory, and modify the memory of other processes.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
arm bifrost_gpu_kernel_driver *
arm valhall_gpu_kernel_driver *
arm midguard_gpu_kernel_driver *
arm midgard_gpu_kernel_driver *
CVE-2021-45450 MEDIUM

In Mbed TLS before 2.28.0 and 3.x before 3.1.0, psa_cipher_generate_iv and psa_cipher_encrypt allow policy bypass or oracle-based decryption when the output buffer is at memory locations accessible to an untrusted application.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-327,

Products Affected

Vendor Product Version
fedoraproject fedora 37
arm mbed_tls *
fedoraproject fedora 36
arm mbed_tls 3.0.0
CVE-2021-45451 MEDIUM

In Mbed TLS before 3.1.0, psa_aead_generate_nonce allows policy bypass or oracle-based decryption when the output buffer is at memory locations accessible to an untrusted application.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-327,

Products Affected

Vendor Product Version
fedoraproject fedora 37
arm mbed_tls *
fedoraproject fedora 36
CVE-2022-22706 MEDIUM

Arm Mali GPU Kernel Driver allows a non-privileged user to achieve write access to read-only memory pages. This affects Midgard r26p0 through r31p0, Bifrost r0p0 through r35p0, and Valhall r19p0 through r35p0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,CWE-119,

Products Affected

Vendor Product Version
arm bifrost *
arm midgard *
arm bifrost_gpu_kernel_driver *
arm valhall_gpu_kernel_driver *
arm valhall *
arm midgard_gpu_kernel_driver *
CVE-2022-23960 LOW

Certain Arm Cortex and Neoverse processors through 2022-03-08 do not properly restrict cache speculation, aka Spectre-BHB. An attacker can leverage the shared branch history in the Branch History Buffer (BHB) to influence mispredicted branches. Then, cache allocation can allow the attacker to obtain sensitive information.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
debian debian_linux 9.0
arm cortex-a65ae_firmware -
debian debian_linux 10.0
arm cortex-a710_firmware -
arm cortex-a78_firmware -
arm cortex-a65_firmware -
arm cortex-a77_firmware -
arm cortex-a57_firmware -
arm neoverse-e1_firmware -
arm cortex-a76ae_firmware -
arm neoverse-v1_firmware -
arm cortex-x2_firmware -
arm cortex-r8_firmware -
arm cortex-a76_firmware -
xen xen -
arm cortex-a72_firmware -
arm neoverse_n1_firmware -
arm cortex-a78ae_firmware -
arm cortex-a75_firmware -
arm cortex-r7_firmware -
arm cortex-x1_firmware -
arm neoverse_n2_firmware -
arm cortex-a73_firmware -
CVE-2022-25368 LOW

Spectre BHB is a variant of Spectre-v2 in which malicious code uses the shared branch history (stored in the CPU BHB) to influence mispredicted branches in the victim's hardware context. Speculation caused by these mispredicted branches can then potentially be used to cause cache allocation, which can then be used to infer information that should be protected.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.7 MEDIUM CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N 1.0 3.6

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
arm cortex-a65ae_firmware -
arm cortex-a78c_firmware -
amperecomputing ampere_altra_max_firmware -
arm cortex-a710_firmware -
arm cortex-a78_firmware -
arm cortex-a65_firmware -
amperecomputing ampere_altra_firmware -
arm cortex-a77_firmware -
arm cortex-a57_firmware -
arm neoverse-e1_firmware -
arm cortex-a76ae_firmware -
arm neoverse-v1_firmware -
arm cortex-x2_firmware -
arm cortex-a76_firmware -
arm cortex-a72_firmware -
arm neoverse_n1_firmware -
arm cortex-a78ae_firmware -
arm cortex-a15_firmware -
arm cortex-a75_firmware -
arm cortex-x1_firmware -
arm neoverse_n2_firmware -
arm cortex-a73_firmware -
CVE-2022-28348 HIGH

Arm Mali GPU Kernel Driver (Midgard r4p0 through r31p0, Bifrost r0p0 through r36p0 before r37p0, and Valhall r19p0 through r36p0 before r37p0) allows improper GPU memory operations to reach a use-after-free situation.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
arm bifrost_gpu_kernel_driver *
arm valhall_gpu_kernel_driver *
arm midgard_gpu_kernel_driver *
CVE-2022-28349 HIGH

Arm Mali GPU Kernel Driver has a use-after-free: Midgard r28p0 through r29p0 before r30p0, Bifrost r17p0 through r23p0 before r24p0, and Valhall r19p0 through r23p0 before r24p0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
arm bifrost_gpu_kernel_driver *
arm valhall_gpu_kernel_driver *
arm midguard_gpu_kernel_driver *
CVE-2022-28350 HIGH

Arm Mali GPU Kernel Driver allows improper GPU operations in Valhall r29p0 through r36p0 before r37p0 to reach a use-after-free situation.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
arm valhall_gpu_kernel_driver *
CVE-2022-33917

An issue was discovered in the Arm Mali GPU Kernel Driver (Valhall r29p0 through r38p0). A non-privileged user can make improper GPU processing operations to gain access to already freed memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
arm valhall_gpu_kernel_driver *
CVE-2022-34830

An Arm product family through 2022-06-29 has a TOCTOU Race Condition that allows non-privileged user to make improper GPU processing operations to gain access to already freed memory.

Products Affected

Vendor Product Version
arm utgard_gpu_kernel_driver r11p0
arm utgard_gpu_kernel_driver r12p0
CVE-2022-35409

An issue was discovered in Mbed TLS before 2.28.1 and 3.x before 3.2.0. In some configurations, an unauthenticated attacker can send an invalid ClientHello message to a DTLS server that causes a heap-based buffer over-read of up to 255 bytes. This can cause a server crash or possibly information disclosure based on error responses. Affected configurations have MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE enabled and MBEDTLS_SSL_IN_CONTENT_LEN less than a threshold that depends on the configuration: 258 bytes if using mbedtls_ssl_cookie_check, and possibly up to 571 bytes with a custom cookie check function.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.1 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H 3.9 5.2

Products Affected

Vendor Product Version
debian debian_linux 10.0
arm mbed_tls *
CVE-2022-36449

An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to gain access to already freed memory, write a limited amount outside of buffer bounds, or to disclose details of memory mappings. This affects Midgard r4p0 through r32p0, Bifrost r0p0 through r38p0 and r39p0 before r38p1, and Valhall r19p0 through r38p0 and r39p0 before r38p1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N 3.9 2.5

Products Affected

Vendor Product Version
arm bifrost *
arm midgard *
arm bifrost r39p0
arm valhall r39p0
arm valhall *
CVE-2022-38181

The Arm Mali GPU kernel driver allows unprivileged users to access freed memory because GPU memory operations are mishandled. This affects Bifrost r0p0 through r38p1, and r39p0; Valhall r19p0 through r38p1, and r39p0; and Midgard r4p0 through r32p0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
arm bifrost_gpu_kernel_driver r39p0
arm bifrost_gpu_kernel_driver *
arm valhall_gpu_kernel_driver *
arm valhall_gpu_kernel_driver r39p0
arm midguard_gpu_kernel_driver *
arm midgard_gpu_kernel_driver *
CVE-2022-41757

An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to obtain write access to read-only memory, or obtain access to already freed memory. This affects Valhall r29p0 through r38p1 before r38p2, and r39p0 before r40p0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
arm valhall_gpu_kernel_driver *
arm valhall_gpu_kernel_driver r39p0
CVE-2022-42716

An issue was discovered in the Arm Mali GPU Kernel Driver. There is a use-after-free. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Valhall r29p0 through r40P0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
arm bifrost_gpu_kernel_driver *
arm valhall_gpu_kernel_driver *
arm midguard_gpu_kernel_driver *
CVE-2022-43701

When the installation directory does not have sufficiently restrictive file permissions, an attacker can modify files in the installation directory to cause execution of malicious code.

Products Affected

Vendor Product Version
arm arm_development_studio *
arm mbed_studio *
arm arm_compiler_for_functional_safety 6.6
arm arm_mobile_studio *
arm arm_compiler_for_embedded_fusa 6.16
arm gnu_toolchain *
arm keil_mdk *
arm arm_compiler *
arm ds_development_studio *
arm fast_models *
arm linaro_forge *
CVE-2022-43702

When the directory containing the installer does not have sufficiently restrictive file permissions, an attacker can modify (or replace) the installer to execute malicious code.

Products Affected

Vendor Product Version
arm arm_development_studio *
arm arm_compiler_for_embedded_fusa 6.16
arm arm_compiler *
arm arm_compiler_for_functional_safety *
arm ds_development_studio *
arm fast_models *
CVE-2022-43703

An installer that loads or executes files using an unconstrained search path may be vulnerable to substitute files under control of an attacker being loaded or executed instead of the intended files.

Products Affected

Vendor Product Version
arm arm_development_studio *
arm ds_development_studio *
CVE-2022-46392

An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. An adversary with access to precise enough information about memory accesses (typically, an untrusted operating system attacking a secure enclave) can recover an RSA private key after observing the victim performing a single private-key operation, if the window size (MBEDTLS_MPI_WINDOW_SIZE) used for the exponentiation is 3 or smaller.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N 1.6 3.6

Products Affected

Vendor Product Version
fedoraproject fedora 37
arm mbed_tls *
fedoraproject fedora 36
CVE-2022-46393

An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. There is a potential heap-based buffer overflow and heap-based buffer over-read in DTLS if MBEDTLS_SSL_DTLS_CONNECTION_ID is enabled and MBEDTLS_SSL_CID_IN_LEN_MAX > 2 * MBEDTLS_SSL_CID_OUT_LEN_MAX.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
fedoraproject fedora 37
arm mbed_tls *
fedoraproject fedora 36
CVE-2022-46394

An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Valhall r39p0 through r41p0 before r42p0, and Avalon r41p0 before r42p0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
arm avalon_gpu_kernel_driver r41p0
arm valhall_gpu_kernel_driver *
CVE-2022-46395

An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Midgard r0p0 through r32p0, Bifrost r0p0 through r41p0 before r42p0, Valhall r19p0 through r41p0 before r42p0, and Avalon r41p0 before r42p0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
arm avalon_gpu_kernel_driver r41p0
arm bifrost_gpu_kernel_driver *
arm valhall_gpu_kernel_driver *
arm midguard_gpu_kernel_driver *
arm midgard_gpu_kernel_driver *
CVE-2022-46396

An issue was discovered in the Arm Mali Kernel Driver. A non-privileged user can make improper GPU memory processing operations to access a limited amount outside of buffer bounds. This affects Valhall r29p0 through r41p0 before r42p0 and Avalon r41p0 before r42p0.

Products Affected

Vendor Product Version
arm avalon_gpu_kernel_driver r41p0
arm valhall_gpu_kernel_driver *
CVE-2022-46781

An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU memory processing operations to access a limited amount outside of buffer bounds. This affects Valhall r29p0 through r41p0 before r42p0 and Avalon r41p0 before r42p0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
arm avalon_gpu_kernel_driver r41p0
arm valhall_gpu_kernel_driver *
CVE-2022-46891

An issue was discovered in the Arm Mali GPU Kernel Driver. There is a use-after-free. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Midgard r13p0 through r32p0, Bifrost r1p0 through r40p0, and Valhall r19p0 through r40p0.

Products Affected

Vendor Product Version
arm bifrost *
arm midgard *
arm bifrost_gpu_kernel_driver *
arm valhall_gpu_kernel_driver *
arm valhall *
arm midgard_gpu_kernel_driver *
CVE-2022-47630

Trusted Firmware-A through 2.8 has an out-of-bounds read in the X.509 parser for parsing boot certificates. This affects downstream use of get_ext and auth_nvctr. Attackers might be able to trigger dangerous read side effects or obtain sensitive information about microarchitectural state.

Products Affected

Vendor Product Version
arm trusted_firmware-a *
CVE-2022-48251

The AES instructions on the ARMv8 platform do not have an algorithm that is "intrinsically resistant" to side-channel attacks. NOTE: the vendor reportedly offers the position "while power side channel attacks ... are possible, they are not directly caused by or related to the Arm architecture."

Products Affected

Vendor Product Version
arm cortex-a76_firmware -
arm cortex-a72_firmware -
arm cortex-a55_firmware -
arm cortex-a78_firmware -
arm cortex-a53_firmware -
arm cortex-a75_firmware -
arm cortex-a77_firmware -
arm cortex-a57_firmware -
arm cortex-a76ae_firmware -
arm cortex-a73_firmware -
CVE-2023-22808

An issue was discovered in the Arm Android Gralloc Module. A non-privileged user can read a small portion of the allocator process memory. This affects Bifrost r24p0 through r41p0 before r42p0, Valhall r24p0 through r41p0 before r42p0, and Avalon r41p0 before r42p0.

Products Affected

Vendor Product Version
arm avalon_android_gralloc_module r41p0
arm bifrost_android_gralloc_module *
arm valhall_android_gralloc_module *
CVE-2023-26083

Memory leak vulnerability in Mali GPU Kernel Driver in Midgard GPU Kernel Driver all versions from r6p0 - r32p0, Bifrost GPU Kernel Driver all versions from r0p0 - r42p0, Valhall GPU Kernel Driver all versions from r19p0 - r42p0, and Avalon GPU Kernel Driver all versions from r41p0 - r42p0 allows a non-privileged user to make valid GPU processing operations that expose sensitive kernel metadata.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
arm midgard *
arm bifrost_gpu_kernel_driver *
arm valhall_gpu_kernel_driver *
arm 5th_gen_gpu_architecture_kernel_driver *
arm avalon_gpu_kernel_driver *
arm midgard_gpu_kernel_driver *
CVE-2023-26084

The armv8_dec_aes_gcm_full() API of Arm AArch64cryptolib before 86065c6 fails to the verify the authentication tag of AES-GCM protected data, leading to a man-in-the-middle attack. This occurs because of an improperly initialized variable.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.7 LOW CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N 2.2 1.4

Products Affected

Vendor Product Version
arm aarch64cryptolib *
CVE-2023-26085

A possible out-of-bounds read and write (due to an improper length check of shared memory) was discovered in Arm NN Android-NN-Driver before 23.02.

Products Affected

Vendor Product Version
arm nn_android_neural_networks_driver *
CVE-2023-28147

An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Midgard r29p0 through r32p0, Bifrost r17p0 through r42p0 before r43p0, Valhall r19p0 through r42p0 before r43p0, and Arm's GPU Architecture Gen5 r41p0 through r42p0 before r43p0.

Products Affected

Vendor Product Version
arm bifrost_gpu_kernel_driver *
arm valhall_gpu_kernel_driver *
arm avalon_gpu_kernel_driver *
arm midgard_gpu_kernel_driver *
CVE-2023-28469

An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Valhall r29p0 through r42p0 before r43p0, and Arm's GPU Architecture Gen5 r41p0 through r42p0 before r43p0.

Products Affected

Vendor Product Version
arm valhall_gpu_kernel_driver *
arm avalon_gpu_kernel_driver *
CVE-2023-31339

Improper input validation in ARM® Trusted Firmware used in AMD’s Zynq™ UltraScale+™) MPSoC/RFSoC may allow a privileged attacker to perform out of bound reads, potentially resulting in data leakage and denial of service.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
psirt@amd.com 4.8 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:H 0.6 4.2

Products Affected

Vendor Product Version
amd trusted_firmware-a *
arm trusted_firmware-a *
CVE-2023-32804

Out-of-bounds Write vulnerability in Arm Ltd Midgard GPU Userspace Driver, Arm Ltd Bifrost GPU Userspace Driver, Arm Ltd Valhall GPU Userspace Driver, Arm Ltd Arm 5th Gen GPU Architecture Userspace Driver allows a local non-privileged user to write a constant pattern to a limited amount of memory not allocated by the user space driver.This issue affects Midgard GPU Userspace Driver: from r0p0 through r32p0; Bifrost GPU Userspace Driver: from r0p0 through r44p0; Valhall GPU Userspace Driver: from r19p0 through r44p0; Arm 5th Gen GPU Architecture Userspace Driver: from r41p0 through r44p0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
arm bifrost_gpu_kernel_driver *
arm valhall_gpu_kernel_driver *
arm 5th_gen_gpu_architecture_kernel_driver *
arm midgard_gpu_kernel_driver *
CVE-2023-33200

A local non-privileged user can make improper GPU processing operations to exploit a software race condition. If the system’s memory is carefully prepared by the user, then this in turn could give them access to already freed memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.7 MEDIUM CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H 1.0 3.6

Products Affected

Vendor Product Version
arm bifrost_gpu_kernel_driver *
arm valhall_gpu_kernel_driver *
arm mali_gpu_kernel_driver *
CVE-2023-34320

Cortex-A77 cores (r0p0 and r1p0) are affected by erratum 1508412 where software, under certain circumstances, could deadlock a core due to the execution of either a load to device or non-cacheable memory, and either a store exclusive or register read of the Physical Address Register (PAR_EL1) in close proximity.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 1.8 3.6

Products Affected

Vendor Product Version
xen xen *
arm cortex-a77_firmware r0p0
arm cortex-a77_firmware r1p0
CVE-2023-34970

A local non-privileged user can make improper GPU processing operations to access a limited amount outside of buffer bounds or to exploit a software race condition. If the system’s memory is carefully prepared by the user, then this in turn could give them access to already freed memory

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.7 MEDIUM CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H 1.0 3.6

Products Affected

Vendor Product Version
arm mali_gpu_kernel_driver r44p0
arm valhall_gpu_kernel_driver r44p0
CVE-2023-3889

A local non-privileged user can make improper GPU memory processing operations. If the operations are carefully prepared, then they could be used to gain access to already freed memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
arm valhall_gpu_kernel_driver *
CVE-2023-40271

In Trusted Firmware-M through TF-Mv1.8.0, for platforms that integrate the CryptoCell accelerator, when the CryptoCell PSA Driver software Interface is selected, and the Authenticated Encryption with Associated Data Chacha20-Poly1305 algorithm is used, with the single-part verification function (defined during the build-time configuration phase) implemented with a dedicated function (i.e., not relying on usage of multipart functions), the buffer comparison during the verification of the authentication tag does not happen on the full 16 bytes but just on the first 4 bytes, thus leading to the possibility that unauthenticated payloads might be identified as authentic. This affects TF-Mv1.6.0, TF-Mv1.6.1, TF-Mv1.7.0, and TF-Mv1.8.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 3.9 3.6

Products Affected

Vendor Product Version
arm trusted_firmware-m 1.7.0
arm trusted_firmware-m 1.8.0
arm trusted_firmware-m 1.6.1
arm trusted_firmware-m 1.6.0
CVE-2023-4211

A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
arm bifrost_gpu_kernel_driver *
arm valhall_gpu_kernel_driver *
arm 5th_gen_gpu_architecture_kernel_driver *
arm midgard_gpu_kernel_driver *
CVE-2023-4272

A local non-privileged user can make GPU processing operations that expose sensitive data from previously freed memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
arm bifrost_gpu_kernel_driver *
arm valhall_gpu_kernel_driver *
arm mali_gpu_kernel_driver r41p0
arm midgard_gpu_kernel_driver *
CVE-2023-4295

A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
arm valhall_gpu_kernel_driver *
arm mali_gpu_kernel_driver *
CVE-2023-43615

Mbed TLS 2.x before 2.28.5 and 3.x before 3.5.0 has a Buffer Overflow.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

Products Affected

Vendor Product Version
fedoraproject fedora 38
fedoraproject fedora 39
fedoraproject fedora 37
arm mbed_tls *
CVE-2023-45199

Mbed TLS 3.2.x through 3.4.x before 3.5 has a Buffer Overflow that can lead to remote Code execution.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
arm mbed_tls *
CVE-2023-5091

Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver allows a local non-privileged user to make improper GPU processing operations to gain access to already freed memory. This issue affects Valhall GPU Kernel Driver: from r37p0 through r40p0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
arm valhall_gpu_kernel_driver *
CVE-2023-51712

An issue was discovered in Trusted Firmware-M through 2.0.0. The lack of argument verification in the logging subsystem allows attackers to read sensitive data via the login function.

Products Affected

Vendor Product Version
arm trusted_firmware-m *
CVE-2023-52353

An issue was discovered in Mbed TLS through 3.5.1. In mbedtls_ssl_session_reset, the maximum negotiable TLS version is mishandled. For example, if the last connection negotiated TLS 1.2, then 1.2 becomes the new maximum.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 3.9 3.6

Products Affected

Vendor Product Version
arm mbed_tls *
CVE-2023-5249

Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver allows a local non-privileged user to make improper memory processing operations to exploit a software race condition. If the system’s memory is carefully prepared by the user, then this in turn cause a use-after-free.This issue affects Bifrost GPU Kernel Driver: from r35p0 through r40p0; Valhall GPU Kernel Driver: from r35p0 through r40p0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.0 HIGH CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H 1.0 5.9

Products Affected

Vendor Product Version
arm bifrost_gpu_kernel_driver *
arm valhall_gpu_kernel_driver *
CVE-2023-5427

Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU processing operations to gain access to already freed memory.This issue affects Bifrost GPU Kernel Driver: from r44p0 through r45p0; Valhall GPU Kernel Driver: from r44p0 through r45p0; Arm 5th Gen GPU Architecture Kernel Driver: from r44p0 through r45p0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
arm bifrost_gpu_kernel_driver *
arm valhall_gpu_kernel_driver *
arm 5th_gen_gpu_architecture_kernel_driver *
CVE-2023-5643

Out-of-bounds Write vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations. Depending on the configuration of the Mali GPU Kernel Driver, and if the system’s memory is carefully prepared by the user, then this in turn could write to memory outside of buffer bounds.This issue affects Bifrost GPU Kernel Driver: from r41p0 through r45p0; Valhall GPU Kernel Driver: from r41p0 through r45p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r45p0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
arm bifrost_gpu_kernel_driver *
arm valhall_gpu_kernel_driver *
arm 5th_gen_gpu_architecture_kernel_driver *
CVE-2023-6143

Use After Free vulnerability in Arm Ltd Midgard GPU Kernel Driver, Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to exploit a software race condition to perform improper memory processing operations. If the system’s memory is carefully prepared by the user and the system is under heavy load, then this in turn cause a use-after-free.This issue affects Midgard GPU Kernel Driver: from r13p0 through r32p0; Bifrost GPU Kernel Driver: from r1p0 through r18p0; Valhall GPU Kernel Driver: from r37p0 through r46p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r46p0.

Products Affected

Vendor Product Version
arm bifrost_gpu_kernel_driver *
arm valhall_gpu_kernel_driver *
arm 5th_gen_gpu_architecture_kernel_driver *
arm midgard_gpu_kernel_driver *
CVE-2023-6363

Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations. If the system’s memory is carefully prepared by the user, then this in turn could give them access to already freed memory. This issue affects Valhall GPU Kernel Driver: from r41p0 through r47p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r47p0.

Products Affected

Vendor Product Version
arm valhall_gpu_kernel_driver *
arm 5th_gen_gpu_architecture_kernel_driver *
CVE-2024-0153

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Arm Ltd Valhall GPU Firmware, Arm Ltd Arm 5th Gen GPU Architecture Firmware allows a local non-privileged user to make improper GPU processing operations to access a limited amount outside of buffer bounds. If the operations are carefully prepared, then this in turn could give them access to all system memory. This issue affects Valhall GPU Firmware: from r29p0 through r46p0; Arm 5th Gen GPU Architecture Firmware: from r41p0 through r46p0.

Products Affected

Vendor Product Version
arm 5th_gen_gpu_architecture_firmware *
arm valhall_gpu_firmware *
CVE-2024-0671

Use After Free vulnerability in Arm Ltd Midgard GPU Kernel Driver, Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.This issue affects Midgard GPU Kernel Driver: from r19p0 through r32p0; Bifrost GPU Kernel Driver: from r7p0 through r48p0; Valhall GPU Kernel Driver: from r19p0 through r48p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r48p0.

Products Affected

Vendor Product Version
arm bifrost_gpu_kernel_driver *
arm valhall_gpu_kernel_driver *
arm 5th_gen_gpu_architecture_kernel_driver *
arm midgard_gpu_kernel_driver *
CVE-2024-1065

Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.This issue affects Bifrost GPU Kernel Driver: from r45p0 through r48p0; Valhall GPU Kernel Driver: from r45p0 through r48p0; Arm 5th Gen GPU Architecture Kernel Driver: from r45p0 through r48p0.

Products Affected

Vendor Product Version
arm bifrost_gpu_kernel_driver *
arm valhall_gpu_kernel_driver *
arm 5th_gen_gpu_architecture_kernel_driver *
CVE-2024-10929

In certain circumstances, an issue in Arm Cortex-A57, Cortex-A72 (revisions before r1p0), Cortex-A73 and Cortex-A75 may allow an adversary to gain a weak form of control over the victim's branch history.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.1 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N 2.5 2.5

Products Affected

Vendor Product Version
arm cortex-a72_firmware -
arm cortex-a75_firmware -
arm cortex-a57_firmware -
arm cortex-a73_firmware -
CVE-2024-11863

Specifically crafted SCMI messages sent to an SCP running SCP-Firmware release versions up to and including 2.15.0 may lead to a Usage Fault and crash the SCP

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4

Products Affected

Vendor Product Version
arm scp_firmware *
CVE-2024-11864

Specifically crafted SCMI messages sent to an SCP running SCP-Firmware release versions up to and including 2.15.0 may lead to a Usage Fault and crash the SCP

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
arm scp_firmware *
CVE-2024-1395

Use After Free vulnerability in Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations. If the system’s memory is carefully prepared by the user, then this in turn could give them access to already freed memory. This issue affects Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r47p0.

Products Affected

Vendor Product Version
arm 5th_gen_gpu_architecture_kernel_driver *
CVE-2024-22905

Buffer Overflow vulnerability in ARM mbed-os v.6.17.0 allows a remote attacker to execute arbitrary code via a crafted script to the hciTrSerialRxIncoming function.

Products Affected

Vendor Product Version
arm mbed_os 6.17.0
CVE-2024-23170

An issue was discovered in Mbed TLS 2.x before 2.28.7 and 3.x before 3.5.2. There was a timing side channel in RSA private operations. This side channel could be sufficient for a local attacker to recover the plaintext. It requires the attacker to send a large number of messages for decryption, as described in "Everlasting ROBOT: the Marvin Attack" by Hubert Kario.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
arm mbed_tls *
CVE-2024-23744

An issue was discovered in Mbed TLS 3.5.1. There is persistent handshake denial if a client sends a TLS 1.3 ClientHello without extensions.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
arm mbed_tls *
CVE-2024-23775

Integer Overflow vulnerability in Mbed TLS 2.x before 2.28.7 and 3.x before 3.5.2, allows attackers to cause a denial of service (DoS) via mbedtls_x509_set_extension().

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
arm mbed_tls *
CVE-2024-28755

An issue was discovered in Mbed TLS 3.5.x before 3.6.0. When an SSL context was reset with the mbedtls_ssl_session_reset() API, the maximum TLS version to be negotiated was not restored to the configured one. An attacker was able to prevent an Mbed TLS server from establishing any TLS 1.3 connection, potentially resulting in a Denial of Service or forced version downgrade from TLS 1.3 to TLS 1.2.

Products Affected

Vendor Product Version
arm mbed_tls *
CVE-2024-28836

An issue was discovered in Mbed TLS 3.5.x before 3.6.0. When negotiating the TLS version on the server side, it can fall back to the TLS 1.2 implementation of the protocol if it is disabled. If the TLS 1.2 implementation was disabled at build time, a TLS 1.2 client could put a TLS 1.3-only server into an infinite loop processing a TLS 1.2 ClientHello, resulting in a denial of service. If the TLS 1.2 implementation was disabled at runtime, a TLS 1.2 client can successfully establish a TLS 1.2 connection with the server.

Products Affected

Vendor Product Version
arm mbed_tls *
CVE-2024-28960

An issue was discovered in Mbed TLS 2.18.0 through 2.28.x before 2.28.8 and 3.x before 3.6.0, and Mbed Crypto. The PSA Crypto API mishandles shared memory.

Products Affected

Vendor Product Version
fedoraproject fedora 38
fedoraproject fedora 39
fedoraproject fedora 40
arm mbed_crypto *
arm mbed_tls *
CVE-2024-30166

In Mbed TLS 3.3.0 through 3.5.2 before 3.6.0, a malicious client can cause information disclosure or a denial of service because of a stack buffer over-read (of less than 256 bytes) in a TLS 1.3 server via a TLS 3.1 ClientHello.

Products Affected

Vendor Product Version
arm mbed_tls *
CVE-2024-3655

Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.This issue affects Bifrost GPU Kernel Driver: from r43p0 through r49p0; Valhall GPU Kernel Driver: from r43p0 through r49p0; Arm 5th Gen GPU Architecture Kernel Driver: from r43p0 through r49p0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
arm bifrost_gpu_kernel_driver *
arm valhall_gpu_kernel_driver *
arm 5th_gen_gpu_architecture_kernel_driver *
CVE-2024-45158

An issue was discovered in Mbed TLS 3.6 before 3.6.1. A stack buffer overflow in mbedtls_ecdsa_der_to_raw() and mbedtls_ecdsa_raw_to_der() can occur when the bits parameter is larger than the largest supported curve. In some configurations with PSA disabled, all values of bits are affected. (This never happens in internal library calls, but can affect applications that call these functions directly.)

Products Affected

Vendor Product Version
arm mbed_tls 3.6.0
CVE-2024-4610

Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.This issue affects Bifrost GPU Kernel Driver: from r34p0 through r40p0; Valhall GPU Kernel Driver: from r34p0 through r40p0.

Products Affected

Vendor Product Version
arm bifrost_gpu_kernel_driver *
arm valhall_gpu_kernel_driver *
CVE-2024-48981

An issue was discovered in MBed OS 6.16.0. During processing of HCI packets, the software dynamically determines the length of the packet header by looking up the identifying first byte and matching it against a table of possible lengths. The initial parsing function, hciTrSerialRxIncoming does not drop packets with invalid identifiers but also does not set a safe default for the length of unknown packets' headers, leading to a buffer overflow. This can be leveraged into an arbitrary write by an attacker. It is possible to overwrite the pointer to a not-yet-allocated buffer that is supposed to receive the contents of the packet body. One can then overwrite the state variable used by the function to determine which state of packet parsing is currently occurring. Because the buffer is allocated when the last byte of the header has been copied, the combination of having a bad header length variable that will never match the counter variable and being able to overwrite the state variable with the resulting buffer overflow can be used to advance the function to the next step while skipping the buffer allocation and resulting pointer write. The next 16 bytes from the packet body are then written wherever the corrupted data pointer is pointing.

Products Affected

Vendor Product Version
arm mbed 6.16.0
CVE-2024-48982

An issue was discovered in MBed OS 6.16.0. Its hci parsing software dynamically determines the length of certain hci packets by reading a byte from its header. This value is assumed to be greater than or equal to 3, but the software doesn't ensure that this is the case. Supplying a length less than 3 leads to a buffer overflow in a buffer that is allocated later. It is simultaneously possible to cause another integer overflow by supplying large length values because the provided length value is increased by a few bytes to account for additional information that is supposed to be stored there. This bug is trivial to exploit for a denial of service but is not certain to suffice to bring the system down and can generally not be exploited further because the exploitable buffer is dynamically allocated.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
arm mbed 6.16.0
CVE-2024-48983

An issue was discovered in MBed OS 6.16.0. During processing of HCI packets, the software dynamically determines the length of the packet data by reading 2 bytes from the packet header. A buffer is then allocated to contain the entire packet, the size of which is calculated as the length of the packet body determined earlier plus the header length. WsfMsgAlloc then increments this again by sizeof(wsfMsg_t). This may cause an integer overflow that results in the buffer being significantly too small to contain the entire packet. This may cause a buffer overflow of up to 65 KB . This bug is trivial to exploit for a denial of service but can generally not be exploited further because the exploitable buffer is dynamically allocated.

Products Affected

Vendor Product Version
arm mbed 6.16.0
CVE-2024-48984

An issue was discovered in MBed OS 6.16.0. When parsing hci reports, the hci parsing software dynamically determines the length of a list of reports by reading a byte from an input stream. It then fetches the length of the first report, uses it to calculate the beginning of the second report, etc. In doing this, it tracks the largest report so it can later allocate a buffer that fits every individual report (but only one at a time). It does not, however, validate that these addresses are all contained within the buffer passed to hciEvtProcessLeExtAdvReport. It is then possible, though unlikely, that the buffer designated to hold the reports is allocated in such a way that one of these out-of-bounds length fields is contained within the new buffer. When the (n-1)th report is copied, it overwrites the length field of the nth report. This now corrupted length field is then used for a memcpy into the new buffer, which may lead to a buffer overflow.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
arm mbed_os 6.16.0
CVE-2024-48985

An issue was discovered in MBed OS 6.16.0. During processing of HCI packets, the software dynamically determines the length of the packet data by reading 2 bytes from the packet data. A buffer is then allocated to contain the entire packet, the size of which is calculated as the length of the packet body determined earlier and the header length. If the allocate fails because the specified packet is too large, no exception handling occurs and hciTrSerialRxIncoming continues to write bytes into the 4-byte large temporary header buffer, leading to a buffer overflow. This can be leveraged into an arbitrary write by an attacker. It is possible to overwrite the pointer to the buffer that is supposed to receive the contents of the packet body but which couldn't be allocated. One can then overwrite the state variable used by the function to determine which step of the parsing process is currently being executed. This advances the function to the next state, where it proceeds to copy data to that arbitrary location. The packet body is then written wherever the corrupted data pointer is pointing.

Products Affected

Vendor Product Version
arm mbed 6.16.0
CVE-2024-48986

An issue was discovered in MBed OS 6.16.0. Its hci parsing software dynamically determines the length of certain hci packets by reading a byte from its header. Certain events cause a callback, the logic for which allocates a buffer (the length of which is determined by looking up the event type in a table). The subsequent write operation, however, copies the amount of data specified in the packet header, which may lead to a buffer overflow. This bug is trivial to exploit for a denial of service but is not certain to suffice to bring the system down and can generally not be exploited further because the exploitable buffer is dynamically allocated.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
arm mbed 6.16.0
CVE-2024-49195

Mbed TLS 3.5.x through 3.6.x before 3.6.2 has a buffer underrun in pkwrite when writing an opaque key pair

Products Affected

Vendor Product Version
arm mbed_tls *
CVE-2024-5660

Use of Hardware Page Aggregation (HPA) and Stage-1 and/or Stage-2 translation on Cortex-A77, Cortex-A78, Cortex-A78C, Cortex-A78AE, Cortex-A710, Cortex-X1, Cortex-X1C, Cortex-X2, Cortex-X3, Cortex-X4, Cortex-X925, Neoverse V1, Neoverse V2, Neoverse V3, Neoverse V3AE, Neoverse N2 may permit bypass of Stage-2 translation and/or GPT protection.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
arm cortex-a78c_firmware -
arm cortex-a710_firmware -
arm cortex-a78_firmware -
arm cortex-x1c_firmware -
arm cortex-x3_firmware -
arm cortex-a77_firmware -
arm neoverse-v1_firmware -
arm cortex-x925_firmware -
arm cortex-x2_firmware -
arm neoverse-v3ae_firmware -
arm cortex-a78ae_firmware -
arm neoverse-v3_firmware -
arm neoverse-v2_firmware -
arm cortex-x1_firmware -
arm neoverse_n2_firmware -
arm cortex-x4_firmware -
CVE-2024-6790

Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a non-privileged user process to make valid GPU memory processing operations, including via WebGL or WebGPU, to cause the whole system to become unresponsive.This issue affects Bifrost GPU Kernel Driver: r44p1, from r46p0 through r49p0, from r50p0 through r51p0; Valhall GPU Kernel Driver: r44p1, from r46p0 through r49p0, from r50p0 through r51p0; Arm 5th Gen GPU Architecture Kernel Driver: r44p1, from r46p0 through r49p0, from r50p0 through r51p0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 2.5 1.4

Products Affected

Vendor Product Version
arm valhall_gpu_kernel_driver r44p1
arm bifrost_gpu_kernel_driver *
arm valhall_gpu_kernel_driver *
arm 5th_gen_gpu_architecture_kernel_driver *
arm 5th_gen_gpu_architecture_kernel_driver r44p1
arm bifrost_gpu_kernel_driver r44p1
CVE-2024-7881

An unprivileged context can trigger a data memory-dependent prefetch engine to fetch the contents of a privileged location and consume those contents as an address that is also dereferenced.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.1 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N 2.5 2.5

Products Affected

Vendor Product Version
arm c1-pro_firmware -
arm c1-premium_firmware -
arm neoverse-v3ae_firmware -
arm cortex-x3_firmware -
arm neoverse-v3_firmware -
arm neoverse-v2_firmware -
arm c1-ultra_firmware -
arm cortex-x4_firmware -
arm cortex-x925_firmware -
CVE-2024-7883

When using Arm Cortex-M Security Extensions (CMSE), Secure stack contents can be leaked to Non-secure state via floating-point registers when a Secure to Non-secure function call is made that returns a floating-point value and when this is the first use of floating-point since entering Secure state. This allows an attacker to read a limited quantity of Secure stack contents with an impact on confidentiality. This issue is specific to code generated using LLVM-based compilers.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
arm-security@arm.com 3.7 LOW CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N 2.2 1.4

Products Affected

Vendor Product Version
arm arm_compiler_for_embedded_fusa 6.21
arm arm_compiler_for_functional_safety 6.6
arm arm_compiler_for_embedded *
arm arm_compiler_for_embedded_fusa 6.16
arm clang *
CVE-2024-9413

The transport_message_handler function in SCP-Firmware release versions 2.11.0-2.15.0 does not properly handle errors, potentially allowing an Application Processor (AP) to cause a buffer overflow in System Control Processor (SCP) firmware.

Products Affected

Vendor Product Version
arm scp_firmware *
CVE-2025-0015

Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to make improper GPU processing operations to gain access to already freed memory.This issue affects Valhall GPU Kernel Driver: from r48p0 through r49p1, from r50p0 through r52p0; Arm 5th Gen GPU Architecture Kernel Driver: from r48p0 through r49p1, from r50p0 through r52p0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
arm valhall_gpu_kernel_driver *
arm 5th_gen_gpu_architecture_kernel_driver *
CVE-2025-0050

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Arm Ltd Bifrost GPU Userspace Driver, Arm Ltd Valhall GPU Userspace Driver, Arm Ltd Arm 5th Gen GPU Architecture Userspace Driver allows a non-privileged user process to make valid GPU processing operations, including via WebGL or WebGPU, to access a limited amount outside of buffer bounds.This issue affects Bifrost GPU Userspace Driver: from r0p0 through r49p2, from r50p0 through r51p0; Valhall GPU Userspace Driver: from r19p0 through r49p2, from r50p0 through r53p0; Arm 5th Gen GPU Architecture Userspace Driver: from r41p0 through r49p2, from r50p0 through r53p0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.9 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 2.5 3.4

Products Affected

Vendor Product Version
arm 5th_gen_gpu_architecture_userspace_driver *
arm valhall_gpu_userspace_driver *
arm bifrost_gpu_userspace_driver *
CVE-2025-0072

Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to perform improper GPU memory processing operations to gain access to already freed memory. This issue affects Valhall GPU Kernel Driver: from r29p0 through r49p3, from r50p0 through r53p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r49p3, from r50p0 through r53p0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
arm valhall_gpu_kernel_driver *
arm 5th_gen_gpu_architecture_kernel_driver *
CVE-2025-0073

Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to perform improper GPU memory processing operations to gain access to already freed memory.This issue affects Valhall GPU Kernel Driver: from r53p0 before r54p0; Arm 5th Gen GPU Architecture Kernel Driver: from r53p0 before r54p0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
arm 5th_gen_gpu_architecture_kernel_driver r53p0
arm valhall_gpu_kernel_driver r53p0
CVE-2025-0427

Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to perform valid GPU processing operations to gain access to already freed memory.This issue affects Bifrost GPU Kernel Driver: from r8p0 through r49p3, from r50p0 through r51p0; Valhall GPU Kernel Driver: from r19p0 through r49p3, from r50p0 through r53p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r49p3, from r50p0 through r53p0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
arm bifrost_gpu_kernel_driver *
arm valhall_gpu_kernel_driver *
arm 5th_gen_gpu_architecture_kernel_driver *
CVE-2025-0647

In certain Arm CPUs, a CPP RCTX instruction executed on one Processing Element (PE) may inhibit TLB invalidation when a TLBI is issued to the PE, either by the same PE or another PE in the shareability domain. In this case, the PE may retain stale TLB entries which should have been invalidated by the TLBI.

Products Affected

Vendor Product Version
arm neoverse-n2_firmware -
arm cortex-a710_firmware -
arm c1-premium_firmware -
arm neoverse-v3ae_firmware -
arm cortex-x3_firmware -
arm neoverse-v3_firmware -
arm neoverse-v2_firmware -
arm c1-ultra_firmware -
arm cortex-x4_firmware -
arm cortex-x925_firmware -
arm cortex-x2_firmware -
CVE-2025-0819

Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to perform valid GPU memory processing operations to gain access to already freed memory.This issue affects Bifrost GPU Kernel Driver: from r44p0 through r49p3, from r50p0 through r51p0; Valhall GPU Kernel Driver: from r44p0 through r49p3, from r50p0 through r54p0; Arm 5th Gen GPU Architecture Kernel Driver: from r44p0 through r49p3, from r50p0 through r54p0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
arm bifrost_gpu_kernel_driver *
arm valhall_gpu_kernel_driver *
arm 5th_gen_gpu_architecture_kernel_driver *
arm bifrost_gpu_kernel_driver r51p0
arm bifrost_gpu_kernel_driver r50p0
CVE-2025-0932

Use After Free vulnerability in Arm Ltd Bifrost GPU Userspace Driver, Arm Ltd Valhall GPU Userspace Driver, Arm Ltd Arm 5th Gen GPU Architecture Userspace Driver allows a non-privileged user process to perform valid GPU processing operations, including via WebGL or WebGPU, to gain access to already freed memory.This issue affects Bifrost GPU Userspace Driver: from r48p0 through r49p3, from r50p0 through r51p0; Valhall GPU Userspace Driver: from r48p0 through r49p3, from r50p0 through r54p0; Arm 5th Gen GPU Architecture Userspace Driver: from r48p0 through r49p3, from r50p0 through r54p0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 2.8 1.4

Products Affected

Vendor Product Version
arm 5th_gen_gpu_architecture_userspace_driver *
arm valhall_gpu_userspace_driver *
arm bifrost_gpu_userspace_driver *
CVE-2025-1246

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Arm Ltd Bifrost GPU Userspace Driver, Arm Ltd Valhall GPU Userspace Driver, Arm Ltd Arm 5th Gen GPU Architecture Userspace Driver allows a non-privileged user process to perform valid GPU processing operations, including via WebGL or WebGPU, to access outside of buffer bounds.This issue affects Bifrost GPU Userspace Driver: from r18p0 through r49p3, from r50p0 through r51p0; Valhall GPU Userspace Driver: from r28p0 through r49p3, from r50p0 through r54p0; Arm 5th Gen GPU Architecture Userspace Driver: from r41p0 through r49p3, from r50p0 through r54p0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
arm 5th_gen_gpu_architecture_userspace_driver *
arm valhall_gpu_userspace_driver *
arm bifrost_gpu_userspace_driver r50p0
arm bifrost_gpu_userspace_driver r51p0
arm bifrost_gpu_userspace_driver *
CVE-2025-27809

Mbed TLS before 2.28.10 and 3.x before 3.6.3, on the client side, accepts servers that have trusted certificates for arbitrary hostnames unless the TLS client application calls mbedtls_ssl_set_hostname.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 5.4 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N 2.2 2.7

Products Affected

Vendor Product Version
arm mbed_tls *
CVE-2025-27810

Mbed TLS before 2.28.10 and 3.x before 3.6.3, in some cases of failed memory allocation or hardware errors, uses uninitialized stack memory to compose the TLS Finished message, potentially leading to authentication bypasses such as replays.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 5.4 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N 2.2 2.7

Products Affected

Vendor Product Version
arm mbed_tls *
CVE-2025-2879

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to perform improper GPU processing operations to expose sensitive data.This issue affects Valhall GPU Kernel Driver: from r29p0 through r49p4, from r50p0 through r54p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r49p4, from r50p0 through r54p0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.1 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N 2.5 2.5

Products Affected

Vendor Product Version
arm valhall_gpu_kernel_driver *
arm 5th_gen_gpu_architecture_kernel_driver *
CVE-2025-3212

Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to perform valid GPU memory processing operations to gain access to already freed memory.This issue affects Bifrost GPU Kernel Driver: from r41p0 through r49p4, from r50p0 through r51p0; Valhall GPU Kernel Driver: from r41p0 through r49p4, from r50p0 through r54p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r49p4, from r50p0 through r54p0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 3.9 1.4

Products Affected

Vendor Product Version
arm bifrost_gpu_kernel_driver *
arm valhall_gpu_kernel_driver *
arm 5th_gen_gpu_architecture_kernel_driver *
CVE-2025-47917

Mbed TLS before 3.6.4 allows a use-after-free in certain situations of applications that are developed in accordance with the documentation. The function mbedtls_x509_string_to_names() takes a head argument that is documented as an output argument. The documentation does not suggest that the function will free that pointer; however, the function does call mbedtls_asn1_free_named_data_list() on that argument, which performs a deep free(). As a result, application code that uses this function (relying only on documented behavior) is likely to still hold pointers to the memory blocks that were freed, resulting in a high risk of use-after-free or double-free. In particular, the two sample programs x509/cert_write and x509/cert_req are affected (use-after-free if the san string contains more than one DN).

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
cve@mitre.org 8.9 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:H/A:H 2.2 6.0

Products Affected

Vendor Product Version
arm mbed_tls *
CVE-2025-48965

Mbed TLS before 3.6.4 has a NULL pointer dereference because mbedtls_asn1_store_named_data can trigger conflicting data with val.p of NULL but val.len greater than zero.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 4.0 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:L 2.2 1.4
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
arm mbed_tls *
CVE-2025-49087

In Mbed TLS 3.6.1 through 3.6.3 before 3.6.4, a timing discrepancy in block cipher padding removal allows an attacker to recover the plaintext when PKCS#7 padding mode is used.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 4.0 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N 2.2 1.4
nvd@nist.gov 3.7 LOW CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N 2.2 1.4

Products Affected

Vendor Product Version
arm mbed_tls *
CVE-2025-49600

In MbedTLS 3.3.0 before 3.6.4, mbedtls_lms_verify may accept invalid signatures if hash computation fails and internal errors go unchecked, enabling LMS (Leighton-Micali Signature) forgery in a fault scenario. Specifically, unchecked return values in mbedtls_lms_verify allow an attacker (who can induce a hardware hash accelerator fault) to bypass LMS signature verification by reusing stale stack data, resulting in acceptance of an invalid signature. In mbedtls_lms_verify, the return values of the internal Merkle tree functions create_merkle_leaf_value and create_merkle_internal_value are not checked. These functions return an integer that indicates whether the call succeeded or not. If a failure occurs, the output buffer (Tc_candidate_root_node) may remain uninitialized, and the result of the signature verification is unpredictable. When the software implementation of SHA-256 is used, these functions will not fail. However, with hardware-accelerated hashing, an attacker could use fault injection against the accelerator to bypass verification.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 4.9 MEDIUM CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N 0.5 4.0

Products Affected

Vendor Product Version
arm mbed_tls *
CVE-2025-49601

In MbedTLS 3.3.0 before 3.6.4, mbedtls_lms_import_public_key does not check that the input buffer is at least 4 bytes before reading a 32-bit field, allowing a possible out-of-bounds read on truncated input. Specifically, an out-of-bounds read in mbedtls_lms_import_public_key allows context-dependent attackers to trigger a crash or limited adjacent-memory disclosure by supplying a truncated LMS (Leighton-Micali Signature) public-key buffer under four bytes. An LMS public key starts with a 4-byte type indicator. The function mbedtls_lms_import_public_key reads this type indicator before validating the size of its input.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 4.8 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L 2.2 2.5

Products Affected

Vendor Product Version
arm mbed_tls *
CVE-2025-52496

Mbed TLS before 3.6.4 has a race condition in AESNI detection if certain compiler optimizations occur. An attacker may be able to extract an AES key from a multithreaded program, or perform a GCM forgery.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 7.8 HIGH CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N 1.4 5.8

Products Affected

Vendor Product Version
arm mbed_tls *
CVE-2025-52497

Mbed TLS before 3.6.4 has a PEM parsing one-byte heap-based buffer underflow, in mbedtls_pem_read_buffer and two mbedtls_pk_parse functions, via untrusted PEM input.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 4.8 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L 2.2 2.5

Products Affected

Vendor Product Version
arm mbed_tls *
CVE-2025-54764

Mbed TLS before 3.6.5 allows a local timing attack against certain RSA operations, and direct calls to mbedtls_mpi_mod_inv or mbedtls_mpi_gcd.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.2 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 2.5 3.6

Products Affected

Vendor Product Version
arm mbed_tls *
CVE-2025-59438

Mbed TLS through 3.6.4 has an Observable Timing Discrepancy.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4

Products Affected

Vendor Product Version
arm mbed_tls *
CVE-2025-6349

Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to perform improper GPU memory processing operations to gain access to already freed memory.This issue affects Valhall GPU Kernel Driver: from r53p0 through r54p1; Arm 5th Gen GPU Architecture Kernel Driver: from r53p0 through r54p1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.1 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N 2.5 2.5

Products Affected

Vendor Product Version
arm valhall_gpu_kernel_driver *
arm 5th_gen_gpu_architecture_kernel_driver *
CVE-2025-66442

In Mbed TLS through 4.0.0, there is a compiler-induced timing side channel (in RSA and CBC/ECB decryption) that only occurs with LLVM's select-optimize feature. TF-PSA-Crypto through 1.0.0 is also affected.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.1 MEDIUM CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N 1.4 3.6

Products Affected

Vendor Product Version
arm tf-psa-crypto *
arm mbed_tls *
CVE-2025-7427

Uncontrolled Search Path Element in Arm Development Studio before 2025 may allow an attacker to perform a DLL hijacking attack. Successful exploitation could lead to local arbitrary code execution in the context of the user running Arm Development Studio.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.9 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 2.5 3.4

Products Affected

Vendor Product Version
arm arm_development_studio *
CVE-2025-8045

Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to perform improper GPU processing operations to gain access to already freed memory.This issue affects Valhall GPU Kernel Driver: from r53p0 through r54p1; Arm 5th Gen GPU Architecture Kernel Driver: from r53p0 through r54p1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4

Products Affected

Vendor Product Version
arm valhall_gpu_kernel_driver *
arm 5th_gen_gpu_architecture_kernel_driver *
CVE-2026-34872

An issue was discovered in Mbed TLS 3.5.x and 3.6.x through 3.6.5 and TF-PSA-Crypto 1.0. There is a lack of contributory behavior in FFDH due to improper input validation. Using finite-field Diffie-Hellman, the other party can force the shared secret into a small set of values (lack of contributory behavior). This is a problem for protocols that depend on contributory behavior (which is not the case for TLS). The attack can be carried by the peer, or depending on the protocol by an active network attacker (person in the middle).

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 9.1 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N 3.9 5.2

Products Affected

Vendor Product Version
arm tf-psa-crypto 1.0.0
arm mbed_tls *
CVE-2026-34874

An issue was discovered in Mbed TLS through 3.6.5 and 4.x through 4.0.0. There is a NULL pointer dereference in distinguished name parsing that allows an attacker to write to address 0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
arm mbed_tls 4.0.0
arm mbed_tls *
CVE-2026-34877

An issue was discovered in Mbed TLS versions from 2.19.0 up to 3.6.5, Mbed TLS 4.0.0. Insufficient protection of serialized SSL context or session structures allows an attacker who can modify the serialized structures to induce memory corruption, leading to arbitrary code execution. This is caused by Incorrect Use of Privileged APIs.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
arm mbed_tls 4.0.0
arm mbed_tls *