| A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z | AA | AB | AC | ||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
1 | Name | CVE | Timeline | Affected hardware | Affected software | Targets | Attack vector | Description and references (MITRE) | Details and references to patches and security advisories (NVD) | Microcode / SW Patches | PoC | How it works | Notes and additional links | |||||||||||||||||
2 | Spectre v1 | CVE-2017-5753 | Jan 3, 2018 | Intel, AMD, ARM CPUs | CPU microcode, OS kernel, compilers | It breaks application isolation in memory. An attacker may access priviledged memory | Local | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5753 | https://nvd.nist.gov/vuln/detail/CVE-2017-5753 | Spectre v1-3 | https://github.com/Eugnis/spectre-attack | https://spectreattack.com/ | https://people.redhat.com/jcm/talks/FOSDEM_2018.pdf | |||||||||||||||||
3 | Branch Target Injection (Spectre v2) | CVE-2017-5715 | Jan 3, 2018 | Intel, AMD, ARM CPUs | CPU microcode, OS kernel, compilers | It breaks application isolation in memory. An attacker may access priviledged memory | Local | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5715 | https://nvd.nist.gov/vuln/detail/CVE-2017-5715 | Spectre v1-3 | https://github.com/Eugnis/spectre-attack | Detailed explanation | ||||||||||||||||||
4 | Rogue Data Cache Load ('Spectre v3' or Meltdown) | CVE-2017-5754 | Jan 3, 2018 | Intel CPUs, ARM Cortex-A75 | CPU microcode, OS kernel, compilers | It breaks application isolation in memory. An attacker may access priviledged memory | Local | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5754 | https://nvd.nist.gov/vuln/detail/CVE-2017-5754 | Spectre v1-3 | https://github.com/IAIK/meltdown | https://meltdownattack.com/ | ||||||||||||||||||
5 | Rogue System Register Read (Spectre v3a) | CVE-2018-3640 | May 21, 2018 | Out-of-order execution processor by Intel, AMD, ARM (A15, A57, A72), IBM's Power 8, Power 9, and System z CPUs | CPU microcode, OS kernel | Allows unpriviledged process to read hardware status flags and registers only the OS kernel should access | Local | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3640 | https://nvd.nist.gov/vuln/detail/CVE-2018-3640 | Spectre v3a-4 | https://github.com/bi-zone/rdtsc-checkvirt-poc | n/a | https://sourceforge.net/p/cucumber-linux/blog/2018/05/here-we-go-again-spectre-v3a-cve-2018-3640-and-spectre-v4-cve-2018-3639/ | |||||||||||||||||
6 | Speculative Store Bypass (Spectre v4, sometimes Spectre-NG) | CVE-2018-3639 | May 21, 2018 | Out-of-order execution processor by Intel, AMD, ARM, IBM's Power 8, Power 9, and System z CPUs | CPU microcode, OS kernel | Allows unpriviledged process to read data in the L1 cache of the CPU | Local | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3639 | https://nvd.nist.gov/vuln/detail/CVE-2018-3639 | Spectre v3a-4 | not yet | https://www.redhat.com/en/blog/speculative-store-bypass-explained-what-it-how-it-works | https://blogs.technet.microsoft.com/srd/2018/05/21/analysis-and-mitigation-of-speculative-store-bypass-cve-2018-3639/ | |||||||||||||||||
7 | L1 Terminal Fault (L1TF) (Foreshadow (SGX)) | CVE-2018-3615 | August 14, 2018 | Intel Core and Xeon CPUs with SGX instructions | CPU microcode, OS kernel | SGX secure enclave of Intel chips | Local | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3615 | https://nvd.nist.gov/vuln/detail/CVE-2018-3615 | Foreshadow-NG | not yet | https://blog.barkly.com/what-is-l1tf-foreshadow-intel-vulnerability-explained | ||||||||||||||||||
8 | L1 Terminal Fault (L1TF) (Foreshadow-NG (OS)) | CVE-2018-3620 | August 14, 2018 | Intel Core and Xeon CPUs | CPU microcode, OS kernel | OS kernel memory and System Management Mode (SMM) memory | Local | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3620 | https://nvd.nist.gov/vuln/detail/CVE-2018-3620 | Foreshadow-NG | not yet | |||||||||||||||||||
9 | L1 Terminal Fault (L1TF) (Foreshadow-NG (VMM)) | CVE-2018-3646 | August 14, 2018 | Intel Core and Xeon CPUs | CPU microcode, OS kernel | Virtual Machines (VMs) and hypervisors (VMM) | Local | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3646 | https://nvd.nist.gov/vuln/detail/CVE-2018-3646 | Foreshadow-NG | not yet | |||||||||||||||||||
10 | MSBDS (aka 'Fallout') (MDS family) | CVE-2018-12126 | May 14, 2019 | Intel CPUs since 2011 (ARM, AMD, nVidia not affected) | CPU microcode, OS kernel | arbitrary in-flight data from CPU-internal buffers | Local | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12126 | https://nvd.nist.gov/vuln/detail/CVE-2018-12126 | MDS | not yet | https://mdsattacks.com | https://software.intel.com/security-software-guidance/insights/deep-dive-intel-analysis-microarchitectural-data-sampling | https://www.intel.com/content/www/us/en/architecture-and-technology/mds.html | ||||||||||||||||
11 | MFBDS (aka 'ZombieLoad') (MDS family) | CVE-2018-12130 | May 14, 2019 | Intel CPUs since 2011 (ARM, AMD, nVidia not affected) | CPU microcode, OS kernel | arbitrary in-flight data from CPU-internal buffers | Local | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12130 | https://nvd.nist.gov/vuln/detail/CVE-2018-12130 | MDS | https://github.com/IAIK/ZombieLoad | https://mdsattacks.com | ||||||||||||||||||
12 | MLPDS (aka 'RIDL') (MDS family) | CVE-2018-12127 | May 14, 2019 | Intel CPUs since 2011 (ARM, AMD, nVidia not affected) | CPU microcode, OS kernel | arbitrary in-flight data from CPU-internal buffers | Local | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12127 | https://nvd.nist.gov/vuln/detail/CVE-2018-12127 | MDS | https://github.com/IAIK/ZombieLoad | https://mdsattacks.com | ||||||||||||||||||
13 | MDSUM (aka 'RIDL') (MDS family) | CVE-2019-11091 | May 14, 2019 | Intel CPUs since 2011 (ARM, AMD, nVidia not affected) | CPU microcode, OS kernel | arbitrary in-flight data from CPU-internal buffers | Local | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11091 | https://nvd.nist.gov/vuln/detail/CVE-2019-11091 | MDS | https://github.com/IAIK/ZombieLoad | https://mdsattacks.com | ||||||||||||||||||
14 | SWAPGS (Spectre v1 Variant) | CVE-2019-1125 | Aug 6, 2019 | https://software.intel.com/security-software-guidance/insights/processors-affected-speculative-behavior-swapgs-and-segment-registers | CPU microcode, OS kernel, compilers | It breaks application isolation in memory. An attacker may access priviledged memory | Local | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1125 | https://nvd.nist.gov/vuln/detail/CVE-2019-1125 | Spectre v1-3 | https://www.swapgs.com/ | https://software.intel.com/security-software-guidance/insights/deep-dive-intel-analysis-speculative-behavior-swapgs-and-segment-registers | ||||||||||||||||||
15 | TAA (aka 'ZombieLoad V2') | CVE-2019-11135 | Nov 12, 2019 | https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00270.html | CPU microcode, OS kernel, Intel SGX, Intel SMM, hypervisors and guest VMs | arbitrary in-flight data from CPU-internal buffers | Local | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11135 | https://nvd.nist.gov/vuln/detail/CVE-2019-11135 | MDS | https://mdsattacks.com | https://software.intel.com/security-software-guidance/insights/deep-dive-intel-transactional-synchronization-extensions-intel-tsx-asynchronous-abort | ||||||||||||||||||
16 | MCEPSC (aka 'No eXcuses' or 'iTLB Multihit') | CVE-2018-12207 | Nov 12, 2019 | https://software.intel.com/security-software-guidance/insights/processors-affected-machine-check-error-avoidance-page-size-change | CPU microcode, OS kernel | arbitrary in-flight data from CPU-internal buffers | Local | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12207 | https://nvd.nist.gov/vuln/detail/CVE-2018-12207 | MDS | https://mdsattacks.com | https://software.intel.com/security-software-guidance/insights/deep-dive-machine-check-error-avoidance-page-size-change | ||||||||||||||||||
17 | L1D Eviction Sampling (L1DES) | CVE-2020-0549 | Jan 27, 2020 | https://software.intel.com/security-software-guidance/insights/processors-affected-l1d-eviction-sampling | CPU microcode, OS kernel | arbitrary in-flight data from CPU-internal buffers | Local | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0549 | https://nvd.nist.gov/vuln/detail/CVE-2020-0549 | MDS | https://mdsattacks.com | https://www.engadget.com/2020/01/27/intel-third-mds-patch/?guccounter=1 | ||||||||||||||||||
18 | Vector Register Sampling (VRS) | CVE-2020-0548 | Jan 27, 2020 | https://software.intel.com/security-software-guidance/insights/processors-affected-vector-register-sampling | CPU microcode, OS kernel | arbitrary in-flight data from CPU-internal buffers | Local | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0548 | https://nvd.nist.gov/vuln/detail/CVE-2020-0548 | MDS | https://mdsattacks.com | |||||||||||||||||||
19 | ||||||||||||||||||||||||||||||
20 | ||||||||||||||||||||||||||||||
21 | ||||||||||||||||||||||||||||||
22 | ||||||||||||||||||||||||||||||
23 | ||||||||||||||||||||||||||||||
24 | ||||||||||||||||||||||||||||||
25 | ||||||||||||||||||||||||||||||
26 | ||||||||||||||||||||||||||||||
27 | ||||||||||||||||||||||||||||||
28 | ||||||||||||||||||||||||||||||
29 | ||||||||||||||||||||||||||||||
30 | ||||||||||||||||||||||||||||||
31 | ||||||||||||||||||||||||||||||
32 | ||||||||||||||||||||||||||||||
33 | ||||||||||||||||||||||||||||||
34 | ||||||||||||||||||||||||||||||
35 | ||||||||||||||||||||||||||||||
36 | ||||||||||||||||||||||||||||||
37 | ||||||||||||||||||||||||||||||
38 | ||||||||||||||||||||||||||||||
39 | ||||||||||||||||||||||||||||||
40 | ||||||||||||||||||||||||||||||
41 | ||||||||||||||||||||||||||||||
42 | ||||||||||||||||||||||||||||||
43 | ||||||||||||||||||||||||||||||
44 | ||||||||||||||||||||||||||||||
45 | ||||||||||||||||||||||||||||||
46 | ||||||||||||||||||||||||||||||
47 | ||||||||||||||||||||||||||||||
48 | ||||||||||||||||||||||||||||||
49 | ||||||||||||||||||||||||||||||
50 | ||||||||||||||||||||||||||||||
51 | ||||||||||||||||||||||||||||||
52 | ||||||||||||||||||||||||||||||
53 | ||||||||||||||||||||||||||||||
54 | ||||||||||||||||||||||||||||||
55 | ||||||||||||||||||||||||||||||
56 | ||||||||||||||||||||||||||||||
57 | ||||||||||||||||||||||||||||||
58 | ||||||||||||||||||||||||||||||
59 | ||||||||||||||||||||||||||||||
60 | ||||||||||||||||||||||||||||||
61 | ||||||||||||||||||||||||||||||
62 | ||||||||||||||||||||||||||||||
63 | ||||||||||||||||||||||||||||||
64 | ||||||||||||||||||||||||||||||
65 | ||||||||||||||||||||||||||||||
66 | ||||||||||||||||||||||||||||||
67 | ||||||||||||||||||||||||||||||
68 | ||||||||||||||||||||||||||||||
69 | ||||||||||||||||||||||||||||||
70 | ||||||||||||||||||||||||||||||
71 | ||||||||||||||||||||||||||||||
72 | ||||||||||||||||||||||||||||||
73 | ||||||||||||||||||||||||||||||
74 | ||||||||||||||||||||||||||||||
75 | ||||||||||||||||||||||||||||||
76 | ||||||||||||||||||||||||||||||
77 | ||||||||||||||||||||||||||||||
78 | ||||||||||||||||||||||||||||||
79 | ||||||||||||||||||||||||||||||
80 | ||||||||||||||||||||||||||||||
81 | ||||||||||||||||||||||||||||||
82 | ||||||||||||||||||||||||||||||
83 | ||||||||||||||||||||||||||||||
84 | ||||||||||||||||||||||||||||||
85 | ||||||||||||||||||||||||||||||
86 | ||||||||||||||||||||||||||||||
87 | ||||||||||||||||||||||||||||||
88 | ||||||||||||||||||||||||||||||
89 | ||||||||||||||||||||||||||||||
90 | ||||||||||||||||||||||||||||||
91 | ||||||||||||||||||||||||||||||
92 | ||||||||||||||||||||||||||||||
93 | ||||||||||||||||||||||||||||||
94 | ||||||||||||||||||||||||||||||
95 | ||||||||||||||||||||||||||||||
96 | ||||||||||||||||||||||||||||||
97 | ||||||||||||||||||||||||||||||
98 | ||||||||||||||||||||||||||||||
99 | ||||||||||||||||||||||||||||||
100 | ||||||||||||||||||||||||||||||