What is GHSA-qj7r-58vw-6www?

GHSA-qj7r-58vw-6www is a security advisory published by GitHub Security Advisories with Medium severity. Systems with microprocessors utilizing speculative execution and address translations may allow...

Which CVE IDs does GHSA-qj7r-58vw-6www cover?

GHSA-qj7r-58vw-6www covers the following CVE IDs: CVE-2018-3646. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of GHSA-qj7r-58vw-6www?

GHSA-qj7r-58vw-6www has a CVSS v3 base score of 5.6, published by GitHub Security Advisories.

GHSA-qj7r-58vw-6wwwMediumCVSS 5.6

Systems with microprocessors utilizing speculative execution and address translations may allow...

Vendor

GitHub Security Advisories

Published

May 13, 2022

Last Modified

May 29, 2026

🔗 CVE IDs covered (1)

CVE-2018-3646 →

📋 Description

Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis.

🔗 References (60)

https://nvd.nist.gov/vuln/detail/CVE-2018-3646
https://access.redhat.com/errata/RHSA-2018:2384
https://access.redhat.com/errata/RHSA-2018:2387
https://access.redhat.com/errata/RHSA-2018:2388
https://access.redhat.com/errata/RHSA-2018:2389
https://access.redhat.com/errata/RHSA-2018:2390
https://access.redhat.com/errata/RHSA-2018:2391
https://access.redhat.com/errata/RHSA-2018:2392
https://access.redhat.com/errata/RHSA-2018:2393
https://access.redhat.com/errata/RHSA-2018:2394
https://access.redhat.com/errata/RHSA-2018:2395
https://access.redhat.com/errata/RHSA-2018:2396
https://access.redhat.com/errata/RHSA-2018:2402
https://access.redhat.com/errata/RHSA-2018:2403
https://access.redhat.com/errata/RHSA-2018:2404
https://access.redhat.com/errata/RHSA-2018:2602
https://access.redhat.com/errata/RHSA-2018:2603
https://cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf
https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0
https://lists.debian.org/debian-lts-announce/2018/08/msg00029.html
https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180018
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0010
https://security.FreeBSD.org/advisories/FreeBSD-SA-18:09.l1tf.asc
https://security.gentoo.org/glsa/201810-06
https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault
https://support.f5.com/csp/article/K31300402
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03874en_us
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180814-cpusidechannel
https://www.debian.org/security/2018/dsa-4274
https://www.debian.org/security/2018/dsa-4279
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html
https://www.kb.cert.org/vuls/id/982149
https://www.oracle.com/security-alerts/cpujul2020.html
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
https://www.synology.com/support/security/Synology_SA_18_45
http://support.lenovo.com/us/en/solutions/LEN-24163
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en
http://www.securityfocus.com/bid/105080
http://www.securitytracker.com/id/1041451
http://www.securitytracker.com/id/1042004
http://www.vmware.com/security/advisories/VMSA-2018-0020.html
http://xenbits.xen.org/xsa/advisory-273.html
https://security.netapp.com/advisory/ntap-20180815-0001
https://usn.ubuntu.com/3740-1
https://usn.ubuntu.com/3740-2
https://usn.ubuntu.com/3741-1
https://usn.ubuntu.com/3741-2
https://usn.ubuntu.com/3742-1
https://usn.ubuntu.com/3742-2
https://usn.ubuntu.com/3756-1
https://usn.ubuntu.com/3823-1
https://foreshadowattack.eu
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V4UWGORQWCENCIF2BHWUEF2ODBV75QS2
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XRFKQWYV2H4BV75CUNGCGE5TNVQCLBGZ
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V4UWGORQWCENCIF2BHWUEF2ODBV75QS2
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XRFKQWYV2H4BV75CUNGCGE5TNVQCLBGZ
https://github.com/advisories/GHSA-qj7r-58vw-6www