View at Official suse advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2018-3640 severity moderate: SUSE including 22 source package names (microcode_ctl-1.17-102.57.64.21.1, microcode_ctl-1.17-102.83.27.1, …), 48 product×package rows across 48 product lines (SUSE CaaS Platform 3.0, SUSE Enterprise Storage 4, … (48 product lines)): Fixed 48.
Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis, aka Rogue System Register Read (RSRE), Variant 3a.