vulnerability

FreeBSD: VID-4e07d94f-75a5-11e8-85d1-a4badb2f4699 (CVE-2018-3665): FreeBSD -- Lazy FPU State Restore Information Disclosure

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:L/AC:M/Au:N/C:C/I:N/A:N)	Jun 21, 2018	Jun 22, 2018	Dec 10, 2025

Severity

CVSS

(AV:L/AC:M/Au:N/C:C/I:N/A:N)

Published

Jun 21, 2018

Added

Jun 22, 2018

Modified

Dec 10, 2025

Description

Problem Description: A subset of Intel processors can allow a local thread to infer data from another thread through a speculative execution side channel when Lazy FPU state restore is used. Impact: Any local thread can potentially read FPU state information from other threads running on the host. This could include cryptographic keys when the AES-NI CPU feature is present.

Solution

freebsd-upgrade-base-11_1-release-p11

References

CVE-2018-3665
https://attackerkb.com/topics/CVE-2018-3665
CWE-200

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today