Rapid7 Vulnerability & Exploit Database

Ubuntu: USN-4985-1 (CVE-2017-5715): Intel Microcode vulnerabilities

Free InsightVM Trial No Credit Card Necessary
Watch Demo See how it all works
Back to Search

Ubuntu: USN-4985-1 (CVE-2017-5715): Intel Microcode vulnerabilities

Severity
2
CVSS
(AV:L/AC:M/Au:N/C:P/I:N/A:N)
Published
01/04/2018
Created
07/25/2018
Added
01/06/2018
Modified
03/22/2023

Description

Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.

Solution(s)

  • ubuntu-upgrade-amd64-microcode
  • ubuntu-upgrade-firefox
  • ubuntu-upgrade-intel-microcode
  • ubuntu-upgrade-libjavascriptcoregtk-4-0-18
  • ubuntu-upgrade-libvirt-bin
  • ubuntu-upgrade-libvirt0
  • ubuntu-upgrade-libwebkit2gtk-4-0-37
  • ubuntu-upgrade-linux-image-3-13-0-140-generic
  • ubuntu-upgrade-linux-image-3-13-0-141-generic
  • ubuntu-upgrade-linux-image-3-13-0-141-lowlatency
  • ubuntu-upgrade-linux-image-3-13-0-143-generic
  • ubuntu-upgrade-linux-image-3-13-0-143-generic-lpae
  • ubuntu-upgrade-linux-image-3-13-0-143-lowlatency
  • ubuntu-upgrade-linux-image-3-13-0-144-generic
  • ubuntu-upgrade-linux-image-3-13-0-144-generic-lpae
  • ubuntu-upgrade-linux-image-3-2-0-133-generic
  • ubuntu-upgrade-linux-image-3-2-0-133-generic-pae
  • ubuntu-upgrade-linux-image-4-13-0-1006-azure
  • ubuntu-upgrade-linux-image-4-13-0-1007-gcp
  • ubuntu-upgrade-linux-image-4-13-0-1011-azure
  • ubuntu-upgrade-linux-image-4-13-0-1011-gcp
  • ubuntu-upgrade-linux-image-4-13-0-1015-raspi2
  • ubuntu-upgrade-linux-image-4-13-0-1017-oem
  • ubuntu-upgrade-linux-image-4-13-0-1021-oem
  • ubuntu-upgrade-linux-image-4-13-0-31-generic
  • ubuntu-upgrade-linux-image-4-13-0-31-lowlatency
  • ubuntu-upgrade-linux-image-4-13-0-36-generic
  • ubuntu-upgrade-linux-image-4-13-0-36-generic-lpae
  • ubuntu-upgrade-linux-image-4-13-0-36-lowlatency
  • ubuntu-upgrade-linux-image-4-13-0-37-generic
  • ubuntu-upgrade-linux-image-4-13-0-37-generic-lpae
  • ubuntu-upgrade-linux-image-4-13-0-37-lowlatency
  • ubuntu-upgrade-linux-image-4-4-0-1011-aws
  • ubuntu-upgrade-linux-image-4-4-0-1014-aws
  • ubuntu-upgrade-linux-image-4-4-0-1017-kvm
  • ubuntu-upgrade-linux-image-4-4-0-1019-kvm
  • ubuntu-upgrade-linux-image-4-4-0-1049-aws
  • ubuntu-upgrade-linux-image-4-4-0-1052-aws
  • ubuntu-upgrade-linux-image-4-4-0-1085-raspi2
  • ubuntu-upgrade-linux-image-4-4-0-1087-snapdragon
  • ubuntu-upgrade-linux-image-4-4-0-111-generic
  • ubuntu-upgrade-linux-image-4-4-0-111-lowlatency
  • ubuntu-upgrade-linux-image-4-4-0-111-powerpc-e500mc
  • ubuntu-upgrade-linux-image-4-4-0-111-powerpc-smp
  • ubuntu-upgrade-linux-image-4-4-0-111-powerpc64-emb
  • ubuntu-upgrade-linux-image-4-4-0-111-powerpc64-smp
  • ubuntu-upgrade-linux-image-4-4-0-112-generic
  • ubuntu-upgrade-linux-image-4-4-0-112-generic-lpae
  • ubuntu-upgrade-linux-image-4-4-0-112-lowlatency
  • ubuntu-upgrade-linux-image-4-4-0-112-powerpc-e500mc
  • ubuntu-upgrade-linux-image-4-4-0-112-powerpc-smp
  • ubuntu-upgrade-linux-image-4-4-0-112-powerpc64-emb
  • ubuntu-upgrade-linux-image-4-4-0-112-powerpc64-smp
  • ubuntu-upgrade-linux-image-4-4-0-116-generic
  • ubuntu-upgrade-linux-image-4-4-0-116-generic-lpae
  • ubuntu-upgrade-linux-image-4-4-0-116-lowlatency
  • ubuntu-upgrade-linux-image-4-4-0-116-powerpc-e500mc
  • ubuntu-upgrade-linux-image-4-4-0-116-powerpc-smp
  • ubuntu-upgrade-linux-image-4-4-0-116-powerpc64-emb
  • ubuntu-upgrade-linux-image-4-4-0-116-powerpc64-smp
  • ubuntu-upgrade-linux-image-4-4-0-9023-euclid
  • ubuntu-upgrade-linux-image-generic
  • ubuntu-upgrade-linux-image-generic-lpae
  • ubuntu-upgrade-linux-image-generic-lpae-lts-trusty
  • ubuntu-upgrade-linux-image-generic-lts-trusty
  • ubuntu-upgrade-linux-image-generic-pae
  • ubuntu-upgrade-linux-image-lowlatency
  • ubuntu-upgrade-linux-image-raspi2
  • ubuntu-upgrade-qemu-system
  • ubuntu-upgrade-qemu-system-s390x
  • ubuntu-upgrade-qemu-system-x86

References

  • https://attackerkb.com/topics/cve-2017-5715
  • 102376
  • 180049
  • 584653
  • CVE - 2017-5715
  • DSA-4120
  • DSA-4187
  • DSA-4188
  • DSA-4213
  • CVE-2017-5715
  • RHSA-2018:0292
  • USN-3516-1
  • USN-3530-1
  • USN-3531-1
  • USN-3531-2
  • USN-3531-3
  • USN-3540-1
  • USN-3540-2
  • USN-3541-1
  • USN-3541-2
  • USN-3542-1
  • USN-3542-2
  • USN-3549-1
  • USN-3560-1
  • USN-3561-1
  • USN-3580-1
  • USN-3581-1
  • USN-3581-2
  • USN-3582-1
  • USN-3582-2
  • USN-3594-1
  • USN-3597-1
  • USN-3597-2
  • USN-3620-2
  • USN-3690-1
  • USN-3690-2
  • USN-3777-3
  • USN-4985-1
View more

insightVM

Advanced vulnerability management analytics and reporting.
Key Features
Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;