CVE-2018-5407

LOW

Description

Simultaneous Multi-threading (SMT) in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention'.

References

http://www.securityfocus.com/bid/105897

https://access.redhat.com/errata/RHSA-2019:0483

https://access.redhat.com/errata/RHSA-2019:0651

https://access.redhat.com/errata/RHSA-2019:0652

https://access.redhat.com/errata/RHSA-2019:2125

https://access.redhat.com/errata/RHSA-2019:3929

https://access.redhat.com/errata/RHSA-2019:3931

https://access.redhat.com/errata/RHSA-2019:3932

https://access.redhat.com/errata/RHSA-2019:3933

https://access.redhat.com/errata/RHSA-2019:3935

https://eprint.iacr.org/2018/1060.pdf

https://github.com/bbbrumley/portsmash

https://lists.debian.org/debian-lts-announce/2018/11/msg00024.html

https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/

https://security.gentoo.org/glsa/201903-10

https://security.netapp.com/advisory/ntap-20181126-0001/

https://support.f5.com/csp/article/K49711130?utm_source=f5support&utm_medium=RSS

https://usn.ubuntu.com/3840-1/

https://www.debian.org/security/2018/dsa-4348

https://www.debian.org/security/2018/dsa-4355

https://www.exploit-db.com/exploits/45785/

https://www.oracle.com/security-alerts/cpuapr2020.html

https://www.oracle.com/security-alerts/cpujan2020.html

https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html

https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

https://www.tenable.com/security/tns-2018-16

https://www.tenable.com/security/tns-2018-17

Details

Source: MITRE

Published: 2018-11-15

Updated: 2020-09-18

Type: CWE-203

Risk Information

CVSS v2.0

Base Score: 1.9

Vector: AV:L/AC:M/Au:N/C:P/I:N/A:N

Impact Score: 2.9

Exploitability Score: 3.4

Severity: LOW

CVSS v3.0

Base Score: 4.7

Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

Impact Score: 3.6

Exploitability Score: 1

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Configuration 3

OR

cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*

cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*

cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*

Configuration 4

OR

cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*

Configuration 5

OR

cpe:2.3:a:tenable:nessus:*:*:*:*:*:*:*:*

Configuration 6

OR

cpe:2.3:a:oracle:api_gateway:11.1.2.4.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:application_server:0.9.8:*:*:*:*:*:*:*

cpe:2.3:a:oracle:application_server:1.0.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:application_server:1.0.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:enterprise_manager_base_platform:12.1.0.5.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:enterprise_manager_base_platform:13.2.0.0.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:enterprise_manager_base_platform:13.3.0.0.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql_enterprise_backup:*:*:*:*:*:*:*:* versions up to 3.12.3 (inclusive)

cpe:2.3:a:oracle:mysql_enterprise_backup:*:*:*:*:*:*:*:* versions from 3.12.4 to 4.1.2 (inclusive)

cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.55:*:*:*:*:*:*:*

cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*

cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*

cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:8.4:*:*:*:*:*:*:*

cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:15.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:15.2:*:*:*:*:*:*:*

cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:16.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:16.2:*:*:*:*:*:*:*

cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:*:*:*:*:*:*:*:* versions from 17.7 to 17.12 (inclusive)

cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:18.8:*:*:*:*:*:*:*

cpe:2.3:a:oracle:tuxedo:12.1.1.0.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:vm_virtualbox:*:*:*:*:*:*:*:*

Configuration 7

OR

cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server:7.6:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*

Tenable Plugins

View all (59 total)

IDNameProductFamilySeverity
132479NewStart CGSL CORE 5.05 / MAIN 5.05 : ovmf Multiple Vulnerabilities (NS-SA-2019-0239)NessusNewStart CGSL Local Security Checks
high
131584EulerOS 2.0 SP2 : openssl110f (EulerOS-SA-2019-2430)NessusHuawei Local Security Checks
medium
131425NewStart CGSL CORE 5.04 / MAIN 5.04 : ovmf Multiple Vulnerabilities (NS-SA-2019-0218)NessusNewStart CGSL Local Security Checks
high
131216RHEL 7 : JBoss Core Services (RHSA-2019:3933) (0-Length Headers Leak) (Data Dribble) (Internal Data Buffering) (Resource Loop)NessusRed Hat Local Security Checks
medium
131215RHEL 6 : JBoss Core Services (RHSA-2019:3932) (0-Length Headers Leak) (Data Dribble) (Internal Data Buffering) (Resource Loop)NessusRed Hat Local Security Checks
medium
131214RHEL 6 / 7 / 8 : JBoss Web Server (RHSA-2019:3929)NessusRed Hat Local Security Checks
high
128356CentOS 7 : ovmf (CESA-2019:2125)NessusCentOS Local Security Checks
high
128248Scientific Linux Security Update : ovmf on SL7.x x86_64 (20190806)NessusScientific Linux Local Security Checks
high
128197EulerOS 2.0 SP8 : compat-openssl10 (EulerOS-SA-2019-1828)NessusHuawei Local Security Checks
low
127676RHEL 7 : ovmf (RHSA-2019:2125)NessusRed Hat Local Security Checks
high
127262NewStart CGSL CORE 5.04 / MAIN 5.04 : openssl Multiple Vulnerabilities (NS-SA-2019-0065)NessusNewStart CGSL Local Security Checks
medium
126859EulerOS 2.0 SP2 : openssl (EulerOS-SA-2019-1732)NessusHuawei Local Security Checks
medium
126046SUSE SLES12 Security Update : openssl (SUSE-SU-2019:1553-1)NessusSuSE Local Security Checks
medium
125707AIX OpenSSL Advisory : openssl_advisory29.ascNessusAIX Local Security Checks
medium
125481F5 Networks BIG-IP : OpenSSL and Intel processor SMT side-channel vulnerability (PortSmash) (K49711130)NessusF5 Networks Local Security Checks
low
125147Oracle Enterprise Manager Ops Center (Apr 2019 CPU)NessusMisc.
high
124612EulerOS 2.0 SP3 : openssl (EulerOS-SA-2019-1326)NessusHuawei Local Security Checks
medium
124565IBM BigFix Platform 9.5.x < 9.5.12 Multiple VulnerabilitiesNessusWeb Servers
high
124171Oracle Tuxedo Multiple Vulnerabilities (Apr 2019 CPU)NessusMisc.
medium
124169Oracle Primavera P6 Enterprise Project Portfolio Management (EPPM) Multiple Vulnerabilities (Apr 2019 CPU)NessusCGI abuses
high
124157Oracle Enterprise Manager Cloud Control (Apr 2019 CPU)NessusMisc.
medium
124124Amazon Linux 2 : openssl (ALAS-2019-1188)NessusAmazon Linux Local Security Checks
medium
123957Amazon Linux AMI : openssl (ALAS-2019-1188)NessusAmazon Linux Local Security Checks
medium
123735EulerOS Virtualization 2.5.3 : openssl (EulerOS-SA-2019-1267)NessusHuawei Local Security Checks
medium
123619EulerOS 2.0 SP5 : openssl (EulerOS-SA-2019-1145)NessusHuawei Local Security Checks
medium
123402openSUSE Security Update : openssl-1_0_0 (openSUSE-2019-985)NessusSuSE Local Security Checks
medium
122952CentOS 7 : openssl (CESA-2019:0483)NessusCentOS Local Security Checks
low
122845Scientific Linux Security Update : openssl on SL7.x x86_64 (20190313)NessusScientific Linux Local Security Checks
low
122840RHEL 7 : openssl (RHSA-2019:0483)NessusRed Hat Local Security Checks
low
122838Oracle Linux 7 : openssl (ELSA-2019-0483)NessusOracle Linux Local Security Checks
low
122832GLSA-201903-10 : OpenSSL: Multiple vulnerabilitiesNessusGentoo Local Security Checks
medium
122418openSUSE Security Update : nodejs6 (openSUSE-2019-234)NessusSuSE Local Security Checks
medium
122230SUSE SLES12 Security Update : nodejs6 (SUSE-SU-2019:0395-1)NessusSuSE Local Security Checks
medium
121899Photon OS 1.0: Openssl PHSA-2018-1.0-0199NessusPhotonOS Local Security Checks
medium
121415openSUSE Security Update : nodejs4 (openSUSE-2019-88)NessusSuSE Local Security Checks
medium
121383OpenSSL 1.0.x < 1.0.2q Multiple VulnerabilitiesNessusWeb Servers
medium
121292SUSE SLES12 Security Update : nodejs4 (SUSE-SU-2019:0117-1)NessusSuSE Local Security Checks
medium
121247Oracle VM VirtualBox 5.2.x < 5.2.24 / 6.0.x < 6.0.2 (Jan 2019 CPU)NessusMisc.
medium
120198Tenable Nessus < 7.1.4 Multiple Vulnerabilities (TNS-2018-17)NessusMisc.
medium
120197Tenable Nessus < 8.1.1 Multiple Vulnerabilities (TNS-2018-16)NessusMisc.
medium
120180SUSE SLED15 / SLES15 Security Update : openssl-1_0_0 (SUSE-SU-2018:4001-1)NessusSuSE Local Security Checks
medium
119938Node.js Multiple Vulnerabilities (November 2018 Security Releases)NessusMisc.
medium
119937SUSE SLES11 Security Update : openssl (SUSE-SU-2018:4274-1)NessusSuSE Local Security Checks
medium
119923EulerOS 2.0 SP3 : openssl110f (EulerOS-SA-2018-1434)NessusHuawei Local Security Checks
low
119792Debian DSA-4355-1 : openssl1.0 - security updateNessusDebian Local Security Checks
medium
119646SUSE SLED12 / SLES12 Security Update : compat-openssl098 (SUSE-SU-2018:4068-1)NessusSuSE Local Security Checks
medium
119641openSUSE Security Update : compat-openssl098 (openSUSE-2018-1529)NessusSuSE Local Security Checks
medium
119547openSUSE Security Update : openssl-1_0_0 (openSUSE-2018-1518)NessusSuSE Local Security Checks
medium
119511FreeBSD : node.js -- multiple vulnerabilities (2a86f45a-fc3c-11e8-a414-00155d006b02)NessusFreeBSD Local Security Checks
medium
119497Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 18.10 : openssl, openssl1.0 vulnerabilities (USN-3840-1)NessusUbuntu Local Security Checks
medium
119457SUSE SLED12 / SLES12 Security Update : openssl-1_0_0 (SUSE-SU-2018:3989-1)NessusSuSE Local Security Checks
medium
119313Debian DSA-4348-1 : openssl - security updateNessusDebian Local Security Checks
medium
119139openSUSE Security Update : openssl (openSUSE-2018-1464)NessusSuSE Local Security Checks
medium
119117SUSE SLED12 / SLES12 Security Update : openssl (SUSE-SU-2018:3866-1)NessusSuSE Local Security Checks
medium
119116SUSE SLES12 Security Update : openssl (SUSE-SU-2018:3864-1)NessusSuSE Local Security Checks
medium
119113Slackware 14.0 / 14.1 / 14.2 / current : openssl (SSA:2018-325-01)NessusSlackware Local Security Checks
medium
119103Debian DLA-1586-1 : openssl security updateNessusDebian Local Security Checks
medium
118901FreeBSD : OpenSSL -- timing vulnerability (6f170cf2-e6b7-11e8-a9a8-b499baebfeaf)NessusFreeBSD Local Security Checks
low
112120OpenSSL 1.1.0 < 1.1.0i Multiple VulnerabilitiesNessusWeb Servers
medium