suse · CVE-2018-3640

Quick triage

Priority: medium Published: 2021-05-30 14:08:13 UTC Updated: 2026-04-17 15:40:06 UTC

View at Official suse advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2018-3640 severity moderate: SUSE including 22 source package names (microcode_ctl-1.17-102.57.64.21.1, microcode_ctl-1.17-102.83.27.1, …), 48 product×package rows across 48 product lines (SUSE CaaS Platform 3.0, SUSE Enterprise Storage 4, … (48 product lines)): Fixed 48.

Description:

Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis, aka Rogue System Register Read (RSRE), Variant 3a.

cvelogic Threat Intelligence