CVE-2018-5407
- Source
- https://cve.org/CVERecord?id=CVE-2018-5407
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-5407.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2018-5407
- Downstream
- Related
- Published
- 2018-11-15T21:29:00.233Z
- Modified
- 2026-03-10T14:45:05.313673Z
- Severity
-
- 4.7 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
- Summary
- [none]
- Details
-
Simultaneous Multi-threading (SMT) in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention'.
- References
-
- https://support.f5.com/csp/article/K49711130?utm_source=f5support&%3Butm_medium=RSS
- https://access.redhat.com/errata/RHSA-2019:0483
- https://access.redhat.com/errata/RHSA-2019:3931
- https://access.redhat.com/errata/RHSA-2019:3932
- https://usn.ubuntu.com/3840-1/
- https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/
- https://access.redhat.com/errata/RHSA-2019:0652
- https://www.debian.org/security/2018/dsa-4348
- https://www.debian.org/security/2018/dsa-4355
- https://www.tenable.com/security/tns-2018-16
- https://access.redhat.com/errata/RHSA-2019:3929
- https://access.redhat.com/errata/RHSA-2019:3933
- https://lists.debian.org/debian-lts-announce/2018/11/msg00024.html
- http://www.securityfocus.com/bid/105897
- https://access.redhat.com/errata/RHSA-2019:2125
- https://eprint.iacr.org/2018/1060.pdf
- https://security.gentoo.org/glsa/201903-10
- https://security.netapp.com/advisory/ntap-20181126-0001/
- https://www.tenable.com/security/tns-2018-17
- https://access.redhat.com/errata/RHSA-2019:0651
- https://access.redhat.com/errata/RHSA-2019:3935
- https://www.oracle.com/security-alerts/cpujan2020.html
- https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
- https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
- https://www.oracle.com/security-alerts/cpuapr2020.html
- https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
- https://github.com/bbbrumley/portsmash
- https://www.exploit-db.com/exploits/45785/
Affected packages
Git / github.com/bbbrumley/portsmash
Affected ranges
- Type
- GIT
- Repo
- https://github.com/bbbrumley/portsmash
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affected
- Database specific
{ "versions": [ { "introduced": "0" }, { "last_affected": "1.0.0" } ] }
- Type
- GIT
- Repo
- https://github.com/nodejs/node
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedFixedIntroducedFixedIntroducedFixedIntroducedFixedIntroducedFixedIntroduced0 Unknown introduced commit / All previous commits are affectedFixedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedFixedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affected
- Database specific
{ "versions": [ { "introduced": "0" }, { "last_affected": "18.10" }, { "introduced": "0" }, { "last_affected": "8.0" }, { "introduced": "0" }, { "last_affected": "9.0" }, { "introduced": "0" }, { "fixed": "6.14.4" }, { "introduced": "8.0.0" }, { "fixed": "8.11.4" }, { "introduced": "10.0.0" }, { "fixed": "10.9.0" }, { "introduced": "1.0.2" }, { "fixed": "1.0.2q" }, { "introduced": "1.1.0" }, { "fixed": "1.1.0i" }, { "introduced": "0" }, { "fixed": "8.1.1" }, { "introduced": "0" }, { "last_affected": "0.9.8" }, { "introduced": "0" }, { "last_affected": "1.0.1" }, { "introduced": "0" }, { "last_affected": "8.4" }, { "introduced": "0" }, { "last_affected": "15.1" }, { "introduced": "0" }, { "last_affected": "15.2" }, { "introduced": "0" }, { "last_affected": "16.1" }, { "introduced": "0" }, { "last_affected": "16.2" }, { "introduced": "0" }, { "last_affected": "18.8" }, { "introduced": "0" }, { "fixed": "6.0.0" }, { "introduced": "0" }, { "last_affected": "7.0" }, { "introduced": "0" }, { "last_affected": "7.0" }, { "introduced": "0" }, { "last_affected": "7.6" }, { "introduced": "0" }, { "last_affected": "7.6" }, { "introduced": "0" }, { "last_affected": "7.6" }, { "introduced": "0" }, { "last_affected": "7.6" }, { "introduced": "0" }, { "last_affected": "7.0" } ] }
Affected versions
v1.*
v1.0.0
v1.0.2
v1.0.2-release
v1.0.3
v1.0.4
v1.1.0
v1.2.0
v1.3.0
v1.4.1
v1.4.2
v1.4.3
v1.5.0
v1.5.1
v1.6.0
v1.6.1
v1.6.2
v1.6.3
v1.6.4
v1.7.0
v1.7.1
v1.8.1
v10.*
v10.0.0
v10.1.0
v10.2.0
v10.2.1
v10.3.0
v10.4.0
v10.4.1
v10.5.0
v10.6.0
v10.7.0
v10.8.0
v2.*
v2.0.0
v2.0.1
v2.0.2
v2.1.0
v2.2.0
v2.2.1
v2.3.0
v2.3.1
v2.3.2
v2.3.3
v2.3.4
v2.4.0
v2.5.0
v3.*
v3.0.0
v6.*
v6.0.0
v6.1.0
v6.10.0
v6.10.1
v6.10.2
v6.10.3
v6.11.0
v6.11.1
v6.11.2
v6.11.3
v6.11.4
v6.11.5
v6.12.0
v6.12.1
v6.12.2
v6.12.3
v6.13.0
v6.13.1
v6.14.0
v6.14.1
v6.14.2
v6.14.3
v6.2.0
v6.2.1
v6.2.2
v6.3.0
v6.3.1
v6.4.0
v6.5.0
v6.6.0
v6.7.0
v6.8.0
v6.8.1
v6.9.0
v6.9.1
v6.9.2
v6.9.3
v6.9.4
v6.9.5
v8.*
v8.0.0
v8.1.0
v8.1.1
v8.1.2
v8.1.3
v8.1.4
v8.10.0
v8.11.0
v8.11.1
v8.11.2
v8.11.3
v8.2.0
v8.2.1
v8.3.0
v8.4.0
v8.5.0
v8.6.0
v8.7.0
v8.8.0
v8.8.1
v8.9.0
v8.9.1
v8.9.2
v8.9.3
v8.9.4
Database specific
unresolved_ranges
[
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "14.04"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.04"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "18.04"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "11.1.2.4.0"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "12.1.0.5.0"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "13.2.0.0.0"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "13.3.0.0.0"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "12.3.3"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "3.12.3"
}
]
},
{
"events": [
{
"introduced": "3.12.4"
},
{
"last_affected": "4.1.2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "8.55"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "8.56"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "8.57"
}
]
},
{
"events": [
{
"introduced": "17.7"
},
{
"last_affected": "17.12"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "12.1.1.0.0"
}
]
}
]
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-5407.json"