CVE-2017-5753

Priority
Description
Systems with microprocessors utilizing speculative execution and branch
prediction may allow unauthorized disclosure of information to an attacker
with local user access via a side-channel analysis.
Ubuntu-Description
Jann Horn discovered that microprocessors utilizing speculative execution
and branch prediction may allow unauthorized memory reads via sidechannel
attacks. This flaw is known as Spectre. A local attacker could use this to
expose sensitive information, including kernel memory.
Notes
tyhicksVariant 1, aka "Spectre"
The break-fix lines for this CVE are not complete since a large
number of patches are required to mitigate this issue. The commit(s) listed
are chosen as placeholders for automated CVE triage purposes.
Package
Priority: Medium
Upstream:released (57.0.4)
Ubuntu 18.04 LTS:released (59.0.1+build1-0ubuntu1)
Ubuntu 16.04 ESM:released (57.0.4+build1-0ubuntu0.16.04.1)
Ubuntu 14.04 ESM:DNE (trusty was released [57.0.4+build1-0ubuntu0.14.04.1])
Patches:
Package
Source: linux (LP Ubuntu Debian)
Upstream:released (4.16~rc1)
Ubuntu 18.04 LTS:not-affected (4.13.0-32.35)
Ubuntu 16.04 ESM:released (4.4.0-112.135)
Ubuntu 14.04 ESM:released (3.13.0-157.207)
Patches:
Introduced by
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Fixed by
f3804203306e098dae9ca51540fcd5eb700d7f40|local-2017-5753-intel
Package
Upstream:released (4.16~rc1)
Ubuntu 18.04 LTS:DNE
Ubuntu 14.04 ESM:DNE
Patches:
This package is not directly supported by the Ubuntu Security Team
Package
Upstream:released (4.16~rc1)
Ubuntu 18.04 LTS:not-affected (4.15.0-1001.1)
Ubuntu 16.04 ESM:released (4.4.0-1049.58)
Ubuntu 14.04 ESM:released (4.4.0-1011.11)
Patches:
Package
Upstream:released (4.16~rc1)
Ubuntu 18.04 LTS:not-affected (4.15.0-1002.2)
Ubuntu 16.04 ESM:released (4.15.0-1013.13~16.04.2)
Ubuntu 14.04 ESM:not-affected (4.15.0-1023.24~14.04.1)
Patches:
Package
Upstream:released (4.16~rc1)
Ubuntu 18.04 LTS:not-affected (4.18.0-1004.4~18.04.1)
Ubuntu 14.04 ESM:DNE
Patches:
Package
Upstream:released (4.16~rc1)
Ubuntu 18.04 LTS:DNE
Ubuntu 14.04 ESM:DNE
Patches:
Package
Upstream:released (4.16~rc1)
Ubuntu 18.04 LTS:DNE
Ubuntu 14.04 ESM:DNE (trusty was ignored [abandoned])
Patches:
Package
Upstream:released (4.16~rc1)
Ubuntu 18.04 LTS:not-affected (4.15.0-1001.1)
Ubuntu 16.04 ESM:released (4.15.0-1014.14~16.04.1)
Ubuntu 14.04 ESM:DNE
Patches:
Package
Upstream:released (4.16~rc1)
Ubuntu 18.04 LTS:DNE
Ubuntu 14.04 ESM:DNE
Patches:
Package
Upstream:released (4.16~rc1)
Ubuntu 18.04 LTS:DNE
Ubuntu 14.04 ESM:DNE (trusty was ignored [abandoned])
Patches:
Package
Upstream:released (4.16~rc1)
Ubuntu 18.04 LTS:DNE
Ubuntu 14.04 ESM:DNE (trusty was ignored [abandoned])
Patches:
Package
Upstream:released (4.16~rc1)
Ubuntu 18.04 LTS:not-affected
Ubuntu 16.04 ESM:released (4.15.0-24.26~16.04.1)
Ubuntu 14.04 ESM:DNE
Patches:
Package
Upstream:released (4.16~rc1)
Ubuntu 18.04 LTS:not-affected (4.18.0-11.12~18.04.1)
Ubuntu 16.04 ESM:released (4.15.0-24.26~16.04.1)
Ubuntu 14.04 ESM:DNE
Patches:
Package
Upstream:released (4.16~rc1)
Ubuntu 18.04 LTS:not-affected (4.15.0-1002.2)
Ubuntu 16.04 ESM:released (4.4.0-1017.22)
Ubuntu 14.04 ESM:DNE
Patches:
Package
Upstream:released (4.16~rc1)
Ubuntu 18.04 LTS:DNE
Ubuntu 14.04 ESM:DNE
Patches:
Package
Upstream:released (4.16~rc1)
Ubuntu 18.04 LTS:DNE
Ubuntu 14.04 ESM:DNE
Patches:
Package
Upstream:released (4.16~rc1)
Ubuntu 18.04 LTS:DNE
Ubuntu 14.04 ESM:DNE
Patches:
Package
Upstream:released (4.16~rc1)
Ubuntu 18.04 LTS:DNE
Ubuntu 14.04 ESM:DNE
Patches:
This package is not directly supported by the Ubuntu Security Team
Package
Upstream:released (4.16~rc1)
Ubuntu 18.04 LTS:DNE
Ubuntu 14.04 ESM:DNE
Patches:
Package
Upstream:released (4.16~rc1)
Ubuntu 18.04 LTS:DNE
Ubuntu 14.04 ESM:DNE
Patches:
This package is not directly supported by the Ubuntu Security Team
Package
Upstream:released (4.16~rc1)
Ubuntu 18.04 LTS:DNE
Ubuntu 14.04 ESM:DNE
Patches:
Package
Upstream:released (4.16~rc1)
Ubuntu 18.04 LTS:DNE
Ubuntu 14.04 ESM:DNE (trusty was ignored [out of standard support])
Patches:
Package
Upstream:released (4.16~rc1)
Ubuntu 18.04 LTS:DNE
Ubuntu 14.04 ESM:DNE (trusty was ignored [was pending now end-of-life])
Patches:
Package
Upstream:released (4.16~rc1)
Ubuntu 18.04 LTS:DNE
Ubuntu 14.04 ESM:DNE (trusty was ignored [out of standard support])
Patches:
Package
Upstream:released (4.16~rc1)
Ubuntu 18.04 LTS:DNE
Ubuntu 14.04 ESM:released (4.4.0-111.134~14.04.1)
Patches:
Package
Upstream:released (4.16~rc1)
Ubuntu 18.04 LTS:DNE
Ubuntu 14.04 ESM:DNE (trusty was ignored [abandoned])
Patches:
Package
Upstream:released (4.16~rc1)
Ubuntu 18.04 LTS:DNE
Ubuntu 14.04 ESM:DNE (trusty was ignored [abandoned])
Patches:
Package
Upstream:released (4.16~rc1)
Ubuntu 18.04 LTS:DNE
Ubuntu 14.04 ESM:DNE (trusty was ignored [abandoned])
Patches:
Package
Upstream:released (4.16~rc1)
Ubuntu 18.04 LTS:not-affected (4.15.0-1002.3)
Ubuntu 14.04 ESM:DNE
Patches:
Package
Upstream:released (4.16~rc1)
Ubuntu 18.04 LTS:DNE
Ubuntu 14.04 ESM:DNE
Patches:
Package
Upstream:released (4.16~rc1)
Ubuntu 18.04 LTS:not-affected (4.15.0-1006.7)
Ubuntu 14.04 ESM:DNE
Patches:
Package
Upstream:released (4.16~rc1)
Ubuntu 18.04 LTS:not-affected
Ubuntu 14.04 ESM:DNE
Patches:
Package
Upstream:released (4.16~rc1)
Ubuntu 18.04 LTS:DNE
Ubuntu 14.04 ESM:DNE
Patches:
Package
Upstream:needs-triage
Ubuntu 18.04 LTS:released (384.111-0ubuntu1)
Ubuntu 14.04 ESM:DNE (trusty was released [384.111-0ubuntu0.14.04.1])
Patches:
Package
Upstream:released (2.18.5)
Ubuntu 18.04 LTS:not-affected (2.18.6-1)
Ubuntu 16.04 ESM:released (2.18.5-0ubuntu0.16.04.1)
Ubuntu 14.04 ESM:DNE
Patches:
More Information

Updated: 2022-04-13 13:01:20 UTC (commit f411bd370d482ef4385c4e751d121a4055fbc009)