Candidate: CVE-2018-9056
PublicDate: 2018-03-27 17:29:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9056
 http://www.cs.ucr.edu/~nael/pubs/asplos18.pdf
 https://arstechnica.com/gadgets/2018/03/its-not-just-spectre-researchers-reveal-more-branch-prediction-attacks/
Description:
 Systems with microprocessors utilizing speculative execution may allow
 unauthorized disclosure of information to an attacker with local user
 access via a side-channel attack on the directional branch predictor, as
 demonstrated by a pattern history table (PHT), aka BranchScope.
Ubuntu-Description:
Notes:
 tyhicks> Intel does not appear to have plans to address this issue through a
  microcode update. There's nothing that the Linux kernel can do to mitigate
  it. Ubuntu is ignoring this issue for now but may revisit the decision in the
  future.
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N