CVE-2018-9056
MEDIUMIntel Atom C/E/X3 - Unauthorized Information Disclosure via BranchScope Side-Channel Attack
Title source: llmDescription
Systems with microprocessors utilizing speculative execution may allow unauthorized disclosure of information to an attacker with local user access via a side-channel attack on the directional branch predictor, as demonstrated by a pattern history table (PHT), aka BranchScope.
References (2)
Core 2
Core References
Exploit, Third Party Advisory x_refsource_misc
http://www.cs.ucr.edu/~nael/pubs/asplos18.pdf
Third Party Advisory x_refsource_misc
https://arstechnica.com/gadgets/2018/03/its-not-just-spectre-researchers-reveal-more-branch-prediction-attacks/
Scores
CVSS v3
5.6
EPSS
0.0012
EPSS Percentile
30.8%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
Details
CWE
CWE-200
Status
published
Products (50)
arm/cortex-a
9
arm/cortex-a
15
arm/cortex-a
17
arm/cortex-a
57
arm/cortex-a
72
arm/cortex-a
73
arm/cortex-a
75
intel/atom_c
c2308
intel/atom_c
c2316
intel/atom_c
c2338
... and 40 more
Published
Mar 27, 2018
Tracked Since
Feb 18, 2026