CVE-2018-15572

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2018-15572

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-15572.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2018-15572

Downstream

DEBIAN-CVE-2018-15572

DLA-1529-1

DLA-1531-1

DSA-4308-1

SUSE-SU-2018:2538-1

SUSE-SU-2018:2539-1

SUSE-SU-2018:2775-1

SUSE-SU-2018:2776-1

SUSE-SU-2018:2858-1

SUSE-SU-2018:2862-1

SUSE-SU-2018:2879-1

SUSE-SU-2018:2907-1

SUSE-SU-2018:3084-1

SUSE-SU-2018:3088-1

SUSE-SU-2018:3961-1

SUSE-SU-2019:1289-1

UBUNTU-CVE-2018-15572

USN-3775-1

USN-3776-1

USN-3776-2

USN-3777-1

USN-3777-2

USN-3777-3

Related

Withdrawn

2026-01-27T04:16:08.227802Z

Published

2018-08-20T02:29:00Z

Modified

2026-01-27T04:16:08.227802Z

Severity

6.5 (Medium) CVSS_V3 - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

The spectrev2select_mitigation function in arch/x86/kernel/cpu/bugs.c in the Linux kernel before 4.18.1 does not always fill RSB upon a context switch, which makes it easier for attackers to conduct userspace-userspace spectreRSB attacks.

References

Affected packages