CVE-2018-9056

Sažetak

Systems with microprocessors utilizing speculative execution may allow unauthorized disclosure of information to an attacker with local user access via a side-channel attack on the directional branch predictor, as demonstrated by a pattern history table (PHT), aka BranchScope.

Reference

http://www.cs.ucr.edu/~nael/pubs/asplos18.pdf
https://arstechnica.com/gadgets/2018/03/its-not-just-spectre-researchers-reveal-more-branch-prediction-attacks/

CVSS

Base:	4.7
Impact:	6.9
Exploitability:	3.4

Pristup

Vektor	Složenost	Autentikacija
LOCAL	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	NONE	NONE

CVSS vektor

AV:L/AC:M/Au:N/C:C/I:N/A:N

Zadnje važnije ažuriranje

05-05-2020 - 11:31

Objavljeno

27-03-2018 - 17:29