CVE-2018-3615
MEDIUM6.4EPSS 1.6%發布日:2018/8/14修改日:2026/4/28
描述
Systems with microprocessors utilizing speculative execution and Intel software guard extensions (Intel SGX) may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via a side-channel analysis.
受影響套件(1)
- Debian/intel-microcodefrom 0, < 3.20180703.1
CVSS 分數
| 來源 | 版本 | 嚴重程度 | 向量 |
|---|---|---|---|
| osv | CVSS 3.1 | MEDIUM6.4 | CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N |