[VU#180049] CVE-2018-3639 published - alpine
——BEGIN PGP SIGNED MESSAGE——
Hash: SHA256
Greetings,
We have published VU#180049 “CPU hardware utilizing speculative execution may be vulnerable to cache side-channel attacks”. It is now available at <https://www.kb.cert.org/vuls/id/180049>.
This publication addresses the CVE-2018-3639 (Spectre “Variant 4) and CVE-2018-3640 (”Variant 3a") vulnerabilities disclosed today.
We’re happy to include a vendor statement and/or link to a URL if you wish to provide one. Please reply to this email with the content you wish for us to include.
Please let us know if you have any questions or concerns.
Best Regards,
Garret WASSERMANN
Vulnerability Analysis Team
CERT Coordination Center (CERT/CC)
A division of:
Software Engineering Institute
Carnegie Mellon University
——BEGIN PGP SIGNATURE——
Version: GnuPG v2.0.22 (GNU/Linux)
iQIcBAEBCAAGBQJbA0L9AAoJEOPd3Dh7UC7PO+AP/3UemPtbXxvxvKq+fJU/ggQD
zOqNGcI+/7LV36OoYYHfrGLSh7BoSZMJL2mkzdoMKeo6JJ1xH2sglxEI9X5O+kBV
hEOosJAgGMwPYWg/CJLoOMQMkSP2CioQV2el7jLLqgEmcEoSkA579QhWvisH5f7Z
6adUZiSUHsPimVHhmX42ozgt3AILglcHEiMHAm+19Rv5eAeNw328Q9B9pqjvWAlA
tEjGpNo1+4VgDXDVWtyY1lflwfxxeXrDBW3wyAqcvQXJYGW1sWZENuvdO03o+Qgj
Ked86fzB7/D3n1TurN1QSCa8jnktH9fEVvm4tCSiMGWB2XFRoRIn0ZMsoqmLTk+l
ITsBkmaxo5ajWwTOcAnQfXp5lEWlWKxW7gcGg09RAUfVnLw4n5V7ye81RJuzXmI6
R9Lt3qlC/P4LLuD3yaMad0RWL6EY7/xeyTQzOSgDuFMfLY/Wk3xOsD3Ii3DFt9pU
QXfvdanaIT+3mYhAheNSG/bx9FTRs5oEPjMTnh6XW0SjpouGiNGfEonTgzNsalM2
kWKwM3rC9PMUXW2rjA01cRe7Ogh5KTR93b1m+K5CuBZlu4QzanW7PLV7TowUdiYM
e98d12eMuBMJAWKQWXEL4twhNNbSkzCcAWes69w/UwqjlQte6KS7tfz765jVYko8
rb8QIL9nTr0wH9E3HXZ1
=+BVk
——END PGP SIGNATURE——
(from redmine: issue id 8924, created on 2018-05-21)