QSearchQSearch

CVE-2018-3639

5.5 MEDIUM

Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior ...

Published: 2018-05-22 · Last updated: 2026-05-29

Severity and scoring

CVSS
5.5 MEDIUM
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CWE
CWE-203

Affected products

VendorProduct
armatom_c, atom_e, atom_x5-e3930
canonicalatom_c, atom_e, atom_x5-e3930
debianatom_c, atom_e, atom_x5-e3930
intelatom_c, atom_e, atom_x5-e3930
microsoftatom_c, atom_e, atom_x5-e3930
mitelatom_c, atom_e, atom_x5-e3930
nvidiaatom_c, atom_e, atom_x5-e3930
oracleatom_c, atom_e, atom_x5-e3930
redhatatom_c, atom_e, atom_x5-e3930
schneider-electricatom_c, atom_e, atom_x5-e3930
siemensatom_c, atom_e, atom_x5-e3930
sonicwallatom_c, atom_e, atom_x5-e3930

Description

Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.

Source: NVD

References

Related CVEs

Same vendor

  • CVE-2026-24228 NVIDIA NeMo Framework for Linux contains a vulnerability where an attacker may cause deserialization of untrusted data (7.8 HIGH)
  • CVE-2026-24155 NVIDIA NeMo Framework for all platforms contains a code injection vulnerability (7.8 HIGH)
  • CVE-2026-1767 A flaw was found in the GNOME localsearch (previously known as tracker-miners) MP3 Extractor `tracker-extract-mp3` component (5.6 MEDIUM)
  • CVE-2026-1766 A flaw was found in GNOME localsearch (previously known as tracker-miners) MP3 Extractor, specifically within the tracker-extract-mp3 com... (5.6 MEDIUM)
  • CVE-2026-35273 Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Updates Environment Management) (9.8 CRITICAL)

Same CWE

  • CVE-2026-11289 Side-channel information leakage in Paint in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via... (6.5 MEDIUM)
  • CVE-2026-11284 Side-channel information leakage in PerformanceAPIs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origi... (6.5 MEDIUM)
  • CVE-2026-45294 FreeScout is a free help desk and shared inbox built with PHP's Laravel framework (5.3 MEDIUM)
  • CVE-2026-45410 TREK is a collaborative travel planner (5.3 MEDIUM)
  • CVE-2025-11145 Observable Discrepancy, Exposure of Sensitive Information to an Unauthorized Actor, Exposure of Private Personal Information to an Unauth... (7.5 HIGH)