Retire CVE-2018-3693

1 files changed, 28 insertions, 0 deletions

diff --git a/retired/CVE-2018-3693 b/retired/CVE-2018-3693
new file mode 100644
index 00000000..516fd93e
--- /dev/null
+++ b/retired/CVE-2018-3693
@@ -0,0 +1,28 @@
+Description: speculative bounds check bypass store (Spectre v1.1)
+References:
+ https://01.org/security/advisories/intel-oss-10002
+ https://access.redhat.com/solutions/3523601
+ https://bugzilla.redhat.com/show_bug.cgi?id=1581650
+ https://people.csail.mit.edu/vlk/spectre11.pdf
+Notes:
+ carnil> 3b78ce4a34b761c7fe13520de822984019ff1a8f (4.17-rc7) merges
+ carnil> the speculative store buffer bypass fixes (for x86 side).
+ bwh> The above merge only addresses only SSB (CVE-2018-3639).
+ bwh> This issue (CVE-2018-3693) is closely related to Spectre v1
+ bwh> (CVE-2017-5753) and is being mitigated in a similar way, using
+ bwh> array_index_nospec().  The same as with Spectre v1, this will
+ bwh> be an ongoing process.
+ carnil> As it is closely related enough to CVE-2017-5753 marked
+ carnil> the CVE as fixed with the same versions. This is not fully
+ carnil> correct, but the whole process was an ongoing task from the
+ carnil> kernel community with several followup fixes.
+Bugs:
+upstream: released (4.16-rc4)
+5.10-upstream-stable: N/A "Fixed before branching point"
+4.19-upstream-stable: N/A "Fixed before branching point"
+4.9-upstream-stable: released (4.9.88)
+3.16-upstream-stable: ignored "EOL"
+sid: released (4.15.11-1)
+4.19-buster-security: N/A "Fixed before branching point"
+4.9-stretch-security: released (4.9.88-1)
+3.16-jessie-security: ignored "EOL"