CVE-2018-3639
Find out more about CVE-2018-3639 from the MITRE CVE dictionary and NIST NVD.
Statement
The Red Hat Security Response Team is aware of this issue. Updates will be released as they become available. For additional information, refer to the following Red Hat Knowledgebase article: https://access.redhat.com/security/vulnerabilities/ssbd
CVSS v3 metrics
| CVSS3 Base Score | 5.6 |
|---|---|
| CVSS3 Base Metrics | CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N |
| Attack Vector | Local |
| Attack Complexity | High |
| Privileges Required | Low |
| User Interaction | None |
| Scope | Changed |
| Confidentiality | High |
| Integrity Impact | None |
| Availability Impact | None |
Red Hat Security Errata
| Platform | Errata | Release Date |
|---|---|---|
| Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts (redhat-virtualization-host) | RHSA-2018:1710 | 2018-05-23 |
| Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts (rhev-hypervisor7) | RHSA-2018:1711 | 2018-05-23 |
| Red Hat Virtualization 4 (rhvm-setup-plugins) | RHSA-2018:1674 | 2018-05-22 |
| Red Hat OpenStack Platform 12.0 (qemu-kvm-rhev) | RHSA-2018:1643 | 2018-05-22 |
| Red Hat Enterprise Linux 7 (qemu-kvm) | RHSA-2018:2001 | 2018-06-26 |
| Red Hat Enterprise Linux Server Update Services for SAP Solutions 7.2 (qemu-kvm) | RHSA-2018:1661 | 2018-05-22 |
| Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) for RHEL 7 (qemu-kvm-rhev) | RHSA-2018:1686 | 2018-05-22 |
| Red Hat Enterprise Linux Server Update Services for SAP Solutions 7.2 (libvirt) | RHSA-2018:1668 | 2018-05-22 |
| Red Hat Enterprise Linux Extended Update Support 7.3 (kernel) | RHSA-2018:1737 | 2018-05-29 |
| Red Hat MRG Grid for RHEL 6 Server v.2 (kernel-rt) | RHSA-2018:1642 | 2018-05-22 |
| Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts (qemu-kvm-rhev) | RHSA-2018:1655 | 2018-05-21 |
| Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts (qemu-kvm-rhev) | RHSA-2018:1654 | 2018-05-22 |
| Red Hat Enterprise Linux Advanced Update Support 7.2 (kernel) | RHSA-2018:1637 | 2018-05-29 |
| Red Hat Enterprise Linux Advanced Update Support 6.4 (qemu-kvm) | RHSA-2018:1656 | 2018-05-22 |
| Red Hat Enterprise Linux 7 (kernel-alt) | RHSA-2018:1967 | 2018-06-26 |
| Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts (vdsm) | RHSA-2018:1675 | 2018-05-22 |
| Red Hat Enterprise Linux 6 (java-1.8.0-openjdk) | RHSA-2018:1650 | 2018-05-21 |
| Red Hat Enterprise Linux 7 (kernel) | RHSA-2018:1965 | 2018-06-26 |
| Red Hat Enterprise Linux 6 (kernel) | RHSA-2018:1651 | 2018-05-21 |
| Red Hat Enterprise Linux Server Update Services for SAP Solutions 7.2 (kernel) | RHSA-2018:1637 | 2018-05-29 |
| Red Hat Enterprise Linux 7 (java-1.7.0-openjdk) | RHSA-2018:1648 | 2018-05-22 |
| Red Hat Enterprise Linux Advanced Update Support 6.6 (qemu-kvm) | RHSA-2018:1658 | 2018-05-22 |
| Red Hat Enterprise Linux Advanced Update Support 6.5 (kernel) | RHSA-2018:1640 | 2018-05-29 |
| Red Hat Enterprise Linux Extended Update Support 7.3 (qemu-kvm) | RHSA-2018:1662 | 2018-05-22 |
| Red Hat OpenStack Platform 10 (qemu-kvm-rhev) | RHSA-2018:1644 | 2018-05-22 |
| Red Hat Enterprise Linux 6 (kernel) | RHSA-2018:1854 | 2018-06-19 |
| RHEV Hypervisor for RHEL-6 (rhev-hypervisor7) | RHSA-2018:1711 | 2018-05-23 |
| Red Hat Enterprise Linux Advanced Update Support 6.6 (kernel) | RHSA-2018:1639 | 2018-05-29 |
| Red Hat Enterprise Linux 7 (libvirt) | RHSA-2018:1997 | 2018-06-26 |
| Red Hat Enterprise Linux Extended Update Support 7.4 (kernel) | RHSA-2018:1738 | 2018-05-29 |
| Red Hat Enterprise Linux for Real Time for NFV (v. 7) (kernel-rt) | RHSA-2018:2003 | 2018-06-26 |
| Red Hat Virtualization 4 (org.ovirt.engine-root) | RHSA-2018:1676 | 2018-05-22 |
| Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts (qemu-kvm-rhev) | RHSA-2018:2060 | 2018-06-27 |
| Red Hat Enterprise Linux Extended Update Support 6.7 (libvirt) | RHSA-2018:1667 | 2018-05-22 |
| Red Hat Enterprise Linux Extended Update Support 6.7 (kernel) | RHSA-2018:1826 | 2018-06-12 |
| Red Hat Enterprise Linux Extended Update Support 7.4 (qemu-kvm) | RHSA-2018:1663 | 2018-05-22 |
| Red Hat OpenStack Platform 8.0 (Liberty) (qemu-kvm-rhev) | RHSA-2018:1646 | 2018-05-22 |
| Red Hat Enterprise Linux Server TUS (v. 6.6) (qemu-kvm) | RHSA-2018:1658 | 2018-05-22 |
| Red Hat Enterprise Linux Advanced Update Support 7.2 (libvirt) | RHSA-2018:1668 | 2018-05-22 |
| Red Hat Enterprise Linux Extended Update Support 7.4 (libvirt) | RHSA-2018:1652 | 2018-05-22 |
| Red Hat Enterprise Linux Extended Update Support 7.4 (kernel) | RHSA-2018:1635 | 2018-05-22 |
| Red Hat Enterprise Linux Extended Update Support 7.4 (libvirt) | RHSA-2018:2006 | 2018-06-26 |
| Red Hat Enterprise Linux Server TUS (v. 6.6) (libvirt) | RHSA-2018:1666 | 2018-05-22 |
| Red Hat Enterprise Linux Advanced Update Support 7.2 (qemu-kvm) | RHSA-2018:1661 | 2018-05-22 |
| Red Hat Enterprise Linux 7 (kernel) | RHSA-2018:1629 | 2018-05-22 |
| Red Hat Enterprise Linux 6 (qemu-kvm) | RHSA-2018:1660 | 2018-05-21 |
| Red Hat Enterprise Linux Server TUS (v. 7.2) (qemu-kvm) | RHSA-2018:1661 | 2018-05-22 |
| Red Hat Enterprise Linux for Real Time for NFV (v. 7) (kernel-rt) | RHSA-2018:1630 | 2018-05-21 |
| Red Hat Enterprise Linux Advanced Update Support 6.4 (libvirt) | RHSA-2018:1664 | 2018-05-22 |
| Red Hat Enterprise Linux Advanced Update Support 6.5 (libvirt) | RHSA-2018:1665 | 2018-05-22 |
| Red Hat Enterprise Linux 7 (java-1.8.0-openjdk) | RHSA-2018:1649 | 2018-05-22 |
| Red Hat Enterprise Linux 6 (libvirt) | RHSA-2018:1669 | 2018-05-22 |
| Red Hat Enterprise Linux Advanced Update Support 6.4 (kernel) | RHSA-2018:1641 | 2018-05-29 |
| Red Hat Enterprise Linux Server TUS (v. 7.2) (libvirt) | RHSA-2018:1668 | 2018-05-22 |
| Red Hat OpenStack Platform 9.0 (qemu-kvm-rhev) | RHSA-2018:1645 | 2018-05-22 |
| Red Hat Enterprise Linux 6 (java-1.7.0-openjdk) | RHSA-2018:1647 | 2018-05-21 |
| Red Hat Enterprise Linux Extended Update Support 7.3 (kernel) | RHSA-2018:1636 | 2018-05-22 |
| Red Hat Enterprise Linux Server TUS (v. 6.6) (kernel) | RHSA-2018:1639 | 2018-05-29 |
| Red Hat Enterprise Linux Advanced Update Support 6.5 (qemu-kvm) | RHSA-2018:1657 | 2018-05-22 |
| Red Hat Enterprise Linux Extended Update Support 7.3 (libvirt) | RHSA-2018:1653 | 2018-05-22 |
| RHEV Manager 3 (org.ovirt.engine-root) | RHSA-2018:1688 | 2018-05-22 |
| Red Hat Enterprise Linux Extended Update Support 6.7 (kernel) | RHSA-2018:1638 | 2018-05-29 |
| Red Hat Enterprise Linux Advanced Update Support 6.6 (libvirt) | RHSA-2018:1666 | 2018-05-22 |
| Red Hat Enterprise Linux Extended Update Support 6.7 (qemu-kvm) | RHSA-2018:1659 | 2018-05-22 |
| RHEV Manager 3 (rhevm-setup-plugins) | RHSA-2018:1689 | 2018-05-22 |
| Red Hat Enterprise Linux Server TUS (v. 7.2) (kernel) | RHSA-2018:1637 | 2018-05-29 |
| Red Hat Enterprise Linux 7 (libvirt) | RHSA-2018:1632 | 2018-05-22 |
| Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts (redhat-virtualization-host) | RHSA-2018:1696 | 2018-05-23 |
| Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts (vdsm) | RHSA-2018:1690 | 2018-05-22 |
| Red Hat Enterprise Linux 7 (qemu-kvm) | RHSA-2018:1633 | 2018-05-22 |
Affected Packages State
| Platform | Package | State |
|---|---|---|
| Red Hat Virtualization 4 | ovirt-guest-agent | Affected |
| Red Hat Virtualization 4 | ovirt-engine | Affected |
| Red Hat Virtualization 4 | rhev-hypervisor-ng | Affected |
| Red Hat Virtualization 4 | rhevm-setup-plugins | Affected |
| Red Hat OpenStack Platform 11.0 (Ocata) | qemu-kvm-rhev | Affected |
| Red Hat Enterprise Linux 7 | microcode_ctl | Affected |
| Red Hat Enterprise Linux 7 | qemu-kvm-ma | Affected |
| Red Hat Enterprise Linux 6 | microcode_ctl | Affected |
| Red Hat Enterprise Linux 5 | kernel | Affected |
| Red Hat Enterprise Linux 5 | microcode_ctl | Affected |
| RHEV Manager 3 | rhev-hypervisor-ng | Affected |
| RHEV Manager 3 | rhev-hypervisor | Affected |
| RHEV Manager 3 | vdsm | Affected |
| RHEV Manager 3 | ovirt-engine | Affected |
Acknowledgements
Red Hat thanks Ken Johnson of the Microsoft Security Response Center (MSRC) and Jann Horn of Google Project Zero (GPZ) for reporting this issue.
External References
- https://access.redhat.com/security/vulnerabilities/ssbd
- https://bugs.chromium.org/p/project-zero/issues/detail?id=1528
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html
- https://software.intel.com/sites/default/files/managed/b9/f9/336983-Intel-Analysis-of-Speculative-Execution-Side-Channels-White-Paper.pdf
- https://software.intel.com/sites/default/files/managed/c5/63/336996-Speculative-Execution-Side-Channel-Mitigations.pdf
