vulnerability

Red Hat: CVE-2018-5407: Moderate: openssl security and bug fix update (Multiple Advisories)

Name: Red Hat: CVE-2018-5407: Moderate: openssl security and bug fix update (Multiple Advisories)
Creator: Red Hat
Published: 2018-11-15T00:00:00.000Z
Keywords: CVE, Red Hat, 2018, 5407, Moderate, redhat-upgrade-openssl, redhat-upgrade-openssl-debuginfo, redhat-upgrade-openssl-devel, redhat-upgrade-openssl-libs, redhat-upgrade-openssl-perl, redhat-upgrade-openssl-static, redhat-upgrade-ovmf, Severity 2

Try Surface Command

Back to search

Severity

CVSS

(AV:L/AC:M/Au:N/C:P/I:N/A:N)

Published

Nov 15, 2018

Added

Mar 14, 2019

Modified

Feb 19, 2026

Description

Simultaneous Multi-threading (SMT) in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention'.

Solutions

redhat-upgrade-opensslredhat-upgrade-openssl-debuginforedhat-upgrade-openssl-develredhat-upgrade-openssl-libsredhat-upgrade-openssl-perlredhat-upgrade-openssl-staticredhat-upgrade-ovmf

References

NVD-CVE-2018-5407
REDHAT-RHSA-2019:0483
REDHAT-RHSA-2019:0651
REDHAT-RHSA-2019:0652
REDHAT-RHSA-2019:2125
REDHAT-RHSA-2019:3929
REDHAT-RHSA-2019:3931
REDHAT-RHSA-2019:3932
REDHAT-RHSA-2019:3933
REDHAT-RHSA-2019:3935

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report