Description
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache.
Published: 2018-01-04
Score: 5.6 Medium
EPSS: 84.2% High
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Remediation

No vendor fix or workaround currently provided.

Additional remediation guidance may be available on OpenCVE Cloud.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Debian DLA Debian DLA DLA-1232-1 linux security update
Debian DSA Debian DSA DSA-4078-1 linux security update
Debian DSA Debian DSA DSA-4082-1 linux security update
Debian DSA Debian DSA DSA-4120-1 linux security update
Ubuntu USN Ubuntu USN USN-3516-1 Firefox vulnerabilities
Ubuntu USN Ubuntu USN USN-3522-1 Linux kernel vulnerability
Ubuntu USN Ubuntu USN USN-3522-2 Linux (Xenial HWE) vulnerability
Ubuntu USN Ubuntu USN USN-3523-1 Linux kernel vulnerabilities
Ubuntu USN Ubuntu USN USN-3523-2 Linux kernel (HWE) vulnerabilities
Ubuntu USN Ubuntu USN USN-3524-1 Linux kernel vulnerability
Ubuntu USN Ubuntu USN USN-3524-2 Linux kernel (Trusty HWE) vulnerability
Ubuntu USN Ubuntu USN USN-3525-1 Linux kernel vulnerability
Ubuntu USN Ubuntu USN USN-3540-1 Linux kernel vulnerabilities
Ubuntu USN Ubuntu USN USN-3540-2 Linux kernel (Xenial HWE) vulnerabilities
Ubuntu USN Ubuntu USN USN-3541-1 Linux kernel vulnerabilities
Ubuntu USN Ubuntu USN USN-3541-2 Linux kernel (HWE) vulnerabilities
Ubuntu USN Ubuntu USN USN-3583-1 Linux kernel vulnerabilities
Ubuntu USN Ubuntu USN USN-3597-1 Linux kernel vulnerabilities
Ubuntu USN Ubuntu USN USN-3597-2 Linux kernel (HWE) vulnerabilities
References
Link Providers
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00006.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00008.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00014.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00016.html cve-icon cve-icon
http://nvidia.custhelp.com/app/answers/detail/a_id/4609 cve-icon cve-icon
http://nvidia.custhelp.com/app/answers/detail/a_id/4611 cve-icon cve-icon
http://nvidia.custhelp.com/app/answers/detail/a_id/4613 cve-icon cve-icon
http://nvidia.custhelp.com/app/answers/detail/a_id/4614 cve-icon cve-icon
http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-001.txt cve-icon cve-icon
http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txt cve-icon cve-icon
http://www.kb.cert.org/vuls/id/584653 cve-icon cve-icon
http://www.securityfocus.com/bid/102378 cve-icon cve-icon
http://www.securityfocus.com/bid/106128 cve-icon cve-icon
http://www.securitytracker.com/id/1040071 cve-icon cve-icon
http://xenbits.xen.org/xsa/advisory-254.html cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2018:0292 cve-icon cve-icon
https://access.redhat.com/security/vulnerabilities/speculativeexecution cve-icon cve-icon
https://aws.amazon.com/de/security/security-bulletins/AWS-2018-013/ cve-icon cve-icon
https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/ cve-icon cve-icon
https://cdrdv2.intel.com/v1/dl/getContent/685358 cve-icon cve-icon
https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf cve-icon cve-icon
https://cert.vde.com/en-us/advisories/vde-2018-002 cve-icon cve-icon
https://cert.vde.com/en-us/advisories/vde-2018-003 cve-icon cve-icon
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability cve-icon cve-icon
https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html cve-icon cve-icon cve-icon
https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0 cve-icon cve-icon
https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes cve-icon cve-icon
https://lists.debian.org/debian-lts-announce/2018/01/msg00004.html cve-icon cve-icon
https://meltdownattack.com cve-icon
https://meltdownattack.com/ cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2017-5754 cve-icon
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002 cve-icon cve-icon
https://security.FreeBSD.org/advisories/FreeBSD-SA-18:03.speculative_execution.asc cve-icon cve-icon
https://security.gentoo.org/glsa/201810-06 cve-icon cve-icon
https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html cve-icon cve-icon
https://security.netapp.com/advisory/ntap-20180104-0001/ cve-icon cve-icon
https://source.android.com/security/bulletin/2018-04-01 cve-icon cve-icon
https://spectreattack.com/ cve-icon
https://support.citrix.com/article/CTX231399 cve-icon cve-icon
https://support.citrix.com/article/CTX234679 cve-icon cve-icon
https://support.f5.com/csp/article/K91229003 cve-icon cve-icon
https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03805en_us cve-icon cve-icon
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03871en_us cve-icon cve-icon
https://support.lenovo.com/us/en/solutions/LEN-18282 cve-icon cve-icon
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180104-cpusidechannel cve-icon cve-icon
https://usn.ubuntu.com/3522-3/ cve-icon cve-icon
https://usn.ubuntu.com/3522-4/ cve-icon cve-icon
https://usn.ubuntu.com/3523-1/ cve-icon cve-icon
https://usn.ubuntu.com/3540-2/ cve-icon cve-icon
https://usn.ubuntu.com/3541-2/ cve-icon cve-icon
https://usn.ubuntu.com/3583-1/ cve-icon cve-icon
https://usn.ubuntu.com/3597-1/ cve-icon cve-icon
https://usn.ubuntu.com/3597-2/ cve-icon cve-icon
https://usn.ubuntu.com/usn/usn-3516-1/ cve-icon cve-icon
https://usn.ubuntu.com/usn/usn-3522-2/ cve-icon cve-icon
https://usn.ubuntu.com/usn/usn-3523-2/ cve-icon cve-icon
https://usn.ubuntu.com/usn/usn-3524-2/ cve-icon cve-icon
https://usn.ubuntu.com/usn/usn-3525-1/ cve-icon cve-icon
https://www.codeaurora.org/security-bulletin/2018/07/02/july-2018-code-aurora-security-bulletin cve-icon cve-icon
https://www.cve.org/CVERecord?id=CVE-2017-5754 cve-icon
https://www.debian.org/security/2018/dsa-4078 cve-icon cve-icon
https://www.debian.org/security/2018/dsa-4082 cve-icon cve-icon
https://www.debian.org/security/2018/dsa-4120 cve-icon cve-icon
https://www.kb.cert.org/vuls/id/180049 cve-icon cve-icon
https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0001 cve-icon cve-icon
https://www.oracle.com/security-alerts/cpuapr2020.html cve-icon cve-icon
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html cve-icon cve-icon
https://www.suse.com/c/suse-addresses-meltdown-spectre-vulnerabilities/ cve-icon cve-icon
https://www.synology.com/support/security/Synology_SA_18_01 cve-icon cve-icon
History

Thu, 28 May 2026 18:30:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 5.6, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Fri, 11 Jul 2025 13:45:00 +0000

Type Values Removed Values Added
Metrics epss

{'score': 0.92362}

 epss

{'score': 0.92475}

Subscriptions

Arm Cortex-a
Intel Atom C Atom E Atom X3 Atom Z Celeron J Celeron N Core I3 Core I5 Core I7 Core M Core M3 Core M5 Core M7 Pentium J Pentium N Xeon Xeon Bronze 3104 Xeon Bronze 3106 Xeon E-1105c Xeon E3 Xeon E3 1105c V2 Xeon E3 1125c Xeon E3 1125c V2 Xeon E3 1220 Xeon E3 12201 Xeon E3 12201 V2 Xeon E3 1220 V2 Xeon E3 1220 V3 Xeon E3 1220 V5 Xeon E3 1220 V6 Xeon E3 1220l V3 Xeon E3 1225 Xeon E3 1225 V2 Xeon E3 1225 V3 Xeon E3 1225 V5 Xeon E3 1225 V6 Xeon E3 1226 V3 Xeon E3 1230 Xeon E3 1230 V2 Xeon E3 1230 V3 Xeon E3 1230 V5 Xeon E3 1230 V6 Xeon E3 1230l V3 Xeon E3 1231 V3 Xeon E3 1235 Xeon E3 1235l V5 Xeon E3 1240 Xeon E3 1240 V2 Xeon E3 1240 V3 Xeon E3 1240 V5 Xeon E3 1240 V6 Xeon E3 1240l V3 Xeon E3 1240l V5 Xeon E3 1241 V3 Xeon E3 1245 Xeon E3 1245 V2 Xeon E3 1245 V3 Xeon E3 1245 V5 Xeon E3 1245 V6 Xeon E3 1246 V3 Xeon E3 1258l V4 Xeon E3 1260l Xeon E3 1260l V5 Xeon E3 1265l V2 Xeon E3 1265l V3 Xeon E3 1265l V4 Xeon E3 1268l V3 Xeon E3 1268l V5 Xeon E3 1270 Xeon E3 1270 V2 Xeon E3 1270 V3 Xeon E3 1270 V5 Xeon E3 1270 V6 Xeon E3 1271 V3 Xeon E3 1275 Xeon E3 1275 V2 Xeon E3 1275 V3 Xeon E3 1275 V5 Xeon E3 1275 V6 Xeon E3 1275l V3 Xeon E3 1276 V3 Xeon E3 1278l V4 Xeon E3 1280 Xeon E3 1280 V2 Xeon E3 1280 V3 Xeon E3 1280 V5 Xeon E3 1280 V6 Xeon E3 1281 V3 Xeon E3 1285 V3 Xeon E3 1285 V4 Xeon E3 1285 V6 Xeon E3 1285l V3 Xeon E3 1285l V4 Xeon E3 1286 V3 Xeon E3 1286l V3 Xeon E3 1290 Xeon E3 1290 V2 Xeon E3 1501l V6 Xeon E3 1501m V6 Xeon E3 1505l V5 Xeon E3 1505l V6 Xeon E3 1505m V5 Xeon E5 Xeon E5 1428l Xeon E5 1428l V2 Xeon E5 1428l V3 Xeon E5 1620 Xeon E5 1620 V2 Xeon E5 1620 V3 Xeon E5 1620 V4 Xeon E5 1630 V3 Xeon E5 1630 V4 Xeon E5 1650 Xeon E5 1650 V2 Xeon E5 1650 V3 Xeon E5 1650 V4 Xeon E5 1660 Xeon E5 1660 V2 Xeon E5 1660 V3 Xeon E5 1660 V4 Xeon E5 1680 V3 Xeon E5 1680 V4 Xeon E5 2403 Xeon E5 2403 V2 Xeon E5 2407 Xeon E5 2407 V2 Xeon E5 2408l V3 Xeon E5 2418l Xeon E5 2418l V2 Xeon E5 2418l V3 Xeon E5 2420 Xeon E5 2420 V2 Xeon E5 2428l Xeon E5 2428l V2 Xeon E5 2428l V3 Xeon E5 2430 Xeon E5 2430 V2 Xeon E5 2430l Xeon E5 2430l V2 Xeon E5 2438l V3 Xeon E5 2440 Xeon E5 2440 V2 Xeon E5 2448l Xeon E5 2448l V2 Xeon E5 2450 Xeon E5 2450 V2 Xeon E5 2450l Xeon E5 2450l V2 Xeon E5 2470 Xeon E5 2470 V2 Xeon E5 2603 Xeon E5 2603 V2 Xeon E5 2603 V3 Xeon E5 2603 V4 Xeon E5 2608l V3 Xeon E5 2608l V4 Xeon E5 2609 Xeon E5 2609 V2 Xeon E5 2609 V3 Xeon E5 2609 V4 Xeon E5 2618l V2 Xeon E5 2618l V3 Xeon E5 2618l V4 Xeon E5 2620 Xeon E5 2620 V2 Xeon E5 2620 V3 Xeon E5 2620 V4 Xeon E5 2623 V3 Xeon E5 2623 V4 Xeon E5 2628l V2 Xeon E5 2628l V3 Xeon E5 2628l V4 Xeon E5 2630 Xeon E5 2630 V2 Xeon E5 2630 V3 Xeon E5 2630 V4 Xeon E5 2630l Xeon E5 2630l V2 Xeon E5 2630l V3 Xeon E5 2630l V4 Xeon E5 2637 Xeon E5 2637 V2 Xeon E5 2637 V3 Xeon E5 2637 V4 Xeon E5 2640 Xeon E5 2640 V2 Xeon E5 2640 V3 Xeon E5 2640 V4 Xeon E5 2643 Xeon E5 2643 V2 Xeon E5 2643 V3 Xeon E5 2643 V4 Xeon E5 2648l Xeon E5 2648l V2 Xeon E5 2648l V3 Xeon E5 2648l V4 Xeon E5 2650 Xeon E5 2650 V2 Xeon E5 2650 V3 Xeon E5 2650 V4 Xeon E5 2650l Xeon E5 2650l V2 Xeon E5 2650l V3 Xeon E7 Xeon Gold Xeon Phi Xeon Platinum Xeon Silver
Redhat Enterprise Linux Enterprise Mrg Rhel Aus Rhel E4s Rhel Els Rhel Eus Rhel Extras Rt Rhel Mission Critical Rhel Tus
cve-icon MITRE

Status: PUBLISHED

Assigner: intel

Published:

Updated: 2026-05-28T17:53:08.980Z

Reserved: 2017-02-01T00:00:00.000Z

Link: CVE-2017-5754

cve-icon Vulnrichment

Updated: 2024-08-05T15:11:48.442Z

cve-icon NVD

Status : Modified

Published: 2018-01-04T13:29:00.303

Modified: 2026-06-17T01:21:09.247

Link: CVE-2017-5754

cve-icon Redhat

Severity : Important

Publid Date: 2018-01-03T22:00:00Z

Links: CVE-2017-5754 - Bugzilla

cve-icon OpenCVE Enrichment

No data.

Weaknesses