Search criteria
16 vulnerabilities found for microcode by intel
VAR-202106-0343
Vulnerability from variot - Updated: 2025-12-22 21:25Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. Intel Processors (Intel processors) are Intel Corporation's processors that interpret computer instructions and process data in computer software. An authenticated attacker could exploit this vulnerability to obtain sensitive information.
For the stable distribution (buster), these problems have been fixed in version 3.20210608.2~deb10u1.
Note that there are two reported regressions; for some CoffeeLake CPUs this update may break iwlwifi (https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/issues/56) and some for Skylake R0/D0 CPUs on systems using a very outdated firmware/BIOS, the system may hang on boot: (https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/issues/31)
If you are affected by those issues, you can recover by disabling microcode loading on boot (as documented in README.Debian (also available online at https://salsa.debian.org/hmh/intel-microcode/-/blob/master/debian/README.Debian))
We recommend that you upgrade your intel-microcode packages.
For the detailed security status of intel-microcode please refer to its security tracker page at: https://security-tracker.debian.org/tracker/intel-microcode
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmDXan0ACgkQEMKTtsN8 Tja9aQ//f1dHsEghQsedGnkMCIa2qLi12UFtb4yW7TYV6uwloqbYZMbymvoXYOAB haasn+yCaGUkXuAHxcGvZuN41EkRhdG4LfS5qoZxPMsw84ETjpV2Ohwhuqwf9P20 9pqV1QLjVPCMiCqvHatkzyRNPtRhIh0uCRx5HtIeOEyKTwhVnUJrrljUXCzMDviD 3As0n0yVUPDIcJdaVxp5mxyebf1NyIYMR+7wmzTBOhK6i+rEE4NkKGkcsYBIM1ch AdTQNHv78QZld6ixL8iCUe1NsSugZ2QjbVL1BLW45fJv3f0BIF5uo6LBzbiJlN/6 xWwOdFTfqW1ORyr0k6JQ+yKz3oSE+jfUStwf+zegWOjYes5gGaA/nATzzNwwFfCQ qDqMmnN26qMI3MswP50ESkNs2JTK3955cIJjnscp5DeFArDuCFKh9wcqSZ46/QCE GVRi+F/Dh3JQxv/jP8jfLhCvkBptuendGo9qK5v22QoeCRoHS16dLu7HHP34hRrw k//EgtP35pD9eTNiIsxhmx3qTPD0gbQbcMG/5NTVtpNqsffAxYtqTy8+/4lfPkNn AYtYrrG6tjEHe1gasLkjthB7c0YLzPLdNyZkNIk6XZ2YIhx18N80c7gTBERSJ1Sh 9lmsnX3+5GWM7Fx2NN2vL5xIEo0einMJCyTlNMRDLim2ix1vpZg= =RVf2 -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Important: microcode_ctl security, bug fix and enhancement update Advisory ID: RHSA-2021:3028-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:3028 Issue date: 2021-08-09 CVE Names: CVE-2020-0543 CVE-2020-0548 CVE-2020-0549 CVE-2020-8695 CVE-2020-8696 CVE-2020-8698 CVE-2020-24489 CVE-2020-24511 CVE-2020-24512 ==================================================================== 1. Summary:
An update for microcode_ctl is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64
- Description:
The microcode_ctl packages provide microcode updates for Intel.
Security Fix(es):
-
hw: Special Register Buffer Data Sampling (SRBDS) (CVE-2020-0543)
-
hw: Vector Register Data Sampling (CVE-2020-0548)
-
hw: L1D Cache Eviction Sampling (CVE-2020-0549)
-
hw: vt-d related privilege escalation (CVE-2020-24489)
-
hw: improper isolation of shared resources in some Intel Processors (CVE-2020-24511)
-
hw: observable timing discrepancy in some Intel Processors (CVE-2020-24512)
-
hw: Information disclosure issue in Intel SGX via RAPL interface (CVE-2020-8695)
-
hw: Vector Register Leakage-Active (CVE-2020-8696)
-
hw: Fast forward store predictor (CVE-2020-8698)
-
Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1788786 - CVE-2020-0548 hw: Vector Register Data Sampling 1788788 - CVE-2020-0549 hw: L1D Cache Eviction Sampling 1827165 - CVE-2020-0543 hw: Special Register Buffer Data Sampling (SRBDS) 1828583 - CVE-2020-8695 hw: Information disclosure issue in Intel SGX via RAPL interface 1890355 - CVE-2020-8696 hw: Vector Register Leakage-Active 1890356 - CVE-2020-8698 hw: Fast forward store predictor 1897684 - [rhel-7.9.z] Re-enable 06-5e-03 (SKL-H/S, CPUID 0x506e3) latest microcode updates 1962650 - CVE-2020-24489 hw: vt-d related privilege escalation 1962702 - CVE-2020-24511 hw: improper isolation of shared resources in some Intel Processors 1962722 - CVE-2020-24512 hw: observable timing discrepancy in some Intel Processors
- Package List:
Red Hat Enterprise Linux Client (v. 7):
Source: microcode_ctl-2.1-73.11.el7_9.src.rpm
x86_64: microcode_ctl-2.1-73.11.el7_9.x86_64.rpm microcode_ctl-debuginfo-2.1-73.11.el7_9.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source: microcode_ctl-2.1-73.11.el7_9.src.rpm
x86_64: microcode_ctl-2.1-73.11.el7_9.x86_64.rpm microcode_ctl-debuginfo-2.1-73.11.el7_9.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: microcode_ctl-2.1-73.11.el7_9.src.rpm
x86_64: microcode_ctl-2.1-73.11.el7_9.x86_64.rpm microcode_ctl-debuginfo-2.1-73.11.el7_9.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: microcode_ctl-2.1-73.11.el7_9.src.rpm
x86_64: microcode_ctl-2.1-73.11.el7_9.x86_64.rpm microcode_ctl-debuginfo-2.1-73.11.el7_9.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2020-0543 https://access.redhat.com/security/cve/CVE-2020-0548 https://access.redhat.com/security/cve/CVE-2020-0549 https://access.redhat.com/security/cve/CVE-2020-8695 https://access.redhat.com/security/cve/CVE-2020-8696 https://access.redhat.com/security/cve/CVE-2020-8698 https://access.redhat.com/security/cve/CVE-2020-24489 https://access.redhat.com/security/cve/CVE-2020-24511 https://access.redhat.com/security/cve/CVE-2020-24512 https://access.redhat.com/security/updates/classification/#important
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBYRD++tzjgjWX9erEAQhA1A//eeO88DFGpTcHgCHrsXimUtK3MZX0RppT 5UOWuXgmPJniMPDALpkfTNTnNGASjBB+WDclaW2d/sZf52PzYLao5wGVIYdUx3Nl l9IvbGNMm0F7eI7aHdT2QnUhQQl1IpJrbmkhvBM2w85EmOfqlq+CpXnJMRXzoRdv sFPrWAo1opDNnBV6iYAnyULHFuWwcvU28n3JU945W8p/PvqJgSze77i4dmpzYkBj ljzVrIUl2pizBmnQMj03JJ+YeB8+oKb0uD2RdqHoxkUSFGH9OW6s/qytHu/eR4uL Y7WmIfHUxGsVRcmIjo/VaAvvWs4A3hdOL3nGdRAMQOKp+VoDcX7VDNURoxK/bkcJ OepHSyfWPCVXvOmU5l2ov1uzVQ/F+ajeevMehuzwQlTAIur5qE2eQ2Mwitfh/7WZ W3x67peCz51zVPtb7rkQfpzQzZKkjSAAclOYMzltv2PA5vSXZy8+hEqWZwqtesQn ltz36bjQMvRRhr1yGDbaFI5dcTB8T/eIkzmD6wPfbd7r7SEuE0GUd8Yf69VghGL2 f+mvR8oWb2x3RHXbpFm4aIt5mJHqIgfXDAohz7lXgLyJwQefyeJ5w+W8nOe+ZSK/ yvfiVQZz9tvPq8yqC87YWTA7zcnhoSmPvXRicJakpfJL/oz043Tc17jqxIra36sA UjXnNBNse8A=LIYI -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . 6 ELS) - i386, x86_64
3
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202106-0343",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "10.0"
},
{
"model": "solidfire bios",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "hci compute node bios",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "microcode",
"scope": "lt",
"trust": 1.0,
"vendor": "intel",
"version": "20210608"
},
{
"model": "fas\\/aff bios",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-24511"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "163772"
},
{
"db": "PACKETSTORM",
"id": "163966"
},
{
"db": "PACKETSTORM",
"id": "163758"
},
{
"db": "PACKETSTORM",
"id": "163031"
},
{
"db": "PACKETSTORM",
"id": "163036"
},
{
"db": "PACKETSTORM",
"id": "163043"
},
{
"db": "PACKETSTORM",
"id": "163047"
},
{
"db": "PACKETSTORM",
"id": "163863"
},
{
"db": "PACKETSTORM",
"id": "163993"
}
],
"trust": 0.9
},
"cve": "CVE-2020-24511",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2020-24511",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.0,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "VHN-178397",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.0,
"id": "CVE-2020-24511",
"impactScore": 4.0,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-24511",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-178397",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-178397"
},
{
"db": "NVD",
"id": "CVE-2020-24511"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. Intel Processors (Intel processors) are Intel Corporation\u0027s processors that interpret computer instructions and process data in computer software. An authenticated attacker could exploit this vulnerability to obtain sensitive information. \n\nFor the stable distribution (buster), these problems have been fixed in\nversion 3.20210608.2~deb10u1. \n\nNote that there are two reported regressions; for some CoffeeLake CPUs\nthis update may break iwlwifi\n(https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/issues/56)\nand some for Skylake R0/D0 CPUs on systems using a very outdated firmware/BIOS,\nthe system may hang on boot:\n(https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/issues/31)\n\nIf you are affected by those issues, you can recover by disabling microcode\nloading on boot (as documented in README.Debian (also available online at\nhttps://salsa.debian.org/hmh/intel-microcode/-/blob/master/debian/README.Debian))\n\nWe recommend that you upgrade your intel-microcode packages. \n\nFor the detailed security status of intel-microcode please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/intel-microcode\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmDXan0ACgkQEMKTtsN8\nTja9aQ//f1dHsEghQsedGnkMCIa2qLi12UFtb4yW7TYV6uwloqbYZMbymvoXYOAB\nhaasn+yCaGUkXuAHxcGvZuN41EkRhdG4LfS5qoZxPMsw84ETjpV2Ohwhuqwf9P20\n9pqV1QLjVPCMiCqvHatkzyRNPtRhIh0uCRx5HtIeOEyKTwhVnUJrrljUXCzMDviD\n3As0n0yVUPDIcJdaVxp5mxyebf1NyIYMR+7wmzTBOhK6i+rEE4NkKGkcsYBIM1ch\nAdTQNHv78QZld6ixL8iCUe1NsSugZ2QjbVL1BLW45fJv3f0BIF5uo6LBzbiJlN/6\nxWwOdFTfqW1ORyr0k6JQ+yKz3oSE+jfUStwf+zegWOjYes5gGaA/nATzzNwwFfCQ\nqDqMmnN26qMI3MswP50ESkNs2JTK3955cIJjnscp5DeFArDuCFKh9wcqSZ46/QCE\nGVRi+F/Dh3JQxv/jP8jfLhCvkBptuendGo9qK5v22QoeCRoHS16dLu7HHP34hRrw\nk//EgtP35pD9eTNiIsxhmx3qTPD0gbQbcMG/5NTVtpNqsffAxYtqTy8+/4lfPkNn\nAYtYrrG6tjEHe1gasLkjthB7c0YLzPLdNyZkNIk6XZ2YIhx18N80c7gTBERSJ1Sh\n9lmsnX3+5GWM7Fx2NN2vL5xIEo0einMJCyTlNMRDLim2ix1vpZg=\n=RVf2\n-----END PGP SIGNATURE-----\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n==================================================================== \nRed Hat Security Advisory\n\nSynopsis: Important: microcode_ctl security, bug fix and enhancement update\nAdvisory ID: RHSA-2021:3028-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2021:3028\nIssue date: 2021-08-09\nCVE Names: CVE-2020-0543 CVE-2020-0548 CVE-2020-0549\n CVE-2020-8695 CVE-2020-8696 CVE-2020-8698\n CVE-2020-24489 CVE-2020-24511 CVE-2020-24512\n====================================================================\n1. Summary:\n\nAn update for microcode_ctl is now available for Red Hat Enterprise Linux\n7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - x86_64\nRed Hat Enterprise Linux Server (v. 7) - x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\n\n3. Description:\n\nThe microcode_ctl packages provide microcode updates for Intel. \n\nSecurity Fix(es):\n\n* hw: Special Register Buffer Data Sampling (SRBDS) (CVE-2020-0543)\n\n* hw: Vector Register Data Sampling (CVE-2020-0548)\n\n* hw: L1D Cache Eviction Sampling (CVE-2020-0549)\n\n* hw: vt-d related privilege escalation (CVE-2020-24489)\n\n* hw: improper isolation of shared resources in some Intel Processors\n(CVE-2020-24511)\n\n* hw: observable timing discrepancy in some Intel Processors\n(CVE-2020-24512)\n\n* hw: Information disclosure issue in Intel SGX via RAPL interface\n(CVE-2020-8695)\n\n* hw: Vector Register Leakage-Active (CVE-2020-8696)\n\n* hw: Fast forward store predictor (CVE-2020-8698)\n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1788786 - CVE-2020-0548 hw: Vector Register Data Sampling\n1788788 - CVE-2020-0549 hw: L1D Cache Eviction Sampling\n1827165 - CVE-2020-0543 hw: Special Register Buffer Data Sampling (SRBDS)\n1828583 - CVE-2020-8695 hw: Information disclosure issue in Intel SGX via RAPL interface\n1890355 - CVE-2020-8696 hw: Vector Register Leakage-Active\n1890356 - CVE-2020-8698 hw: Fast forward store predictor\n1897684 - [rhel-7.9.z] Re-enable 06-5e-03 (SKL-H/S, CPUID 0x506e3) latest microcode updates\n1962650 - CVE-2020-24489 hw: vt-d related privilege escalation\n1962702 - CVE-2020-24511 hw: improper isolation of shared resources in some Intel Processors\n1962722 - CVE-2020-24512 hw: observable timing discrepancy in some Intel Processors\n\n6. Package List:\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nmicrocode_ctl-2.1-73.11.el7_9.src.rpm\n\nx86_64:\nmicrocode_ctl-2.1-73.11.el7_9.x86_64.rpm\nmicrocode_ctl-debuginfo-2.1-73.11.el7_9.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nmicrocode_ctl-2.1-73.11.el7_9.src.rpm\n\nx86_64:\nmicrocode_ctl-2.1-73.11.el7_9.x86_64.rpm\nmicrocode_ctl-debuginfo-2.1-73.11.el7_9.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nmicrocode_ctl-2.1-73.11.el7_9.src.rpm\n\nx86_64:\nmicrocode_ctl-2.1-73.11.el7_9.x86_64.rpm\nmicrocode_ctl-debuginfo-2.1-73.11.el7_9.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nmicrocode_ctl-2.1-73.11.el7_9.src.rpm\n\nx86_64:\nmicrocode_ctl-2.1-73.11.el7_9.x86_64.rpm\nmicrocode_ctl-debuginfo-2.1-73.11.el7_9.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2020-0543\nhttps://access.redhat.com/security/cve/CVE-2020-0548\nhttps://access.redhat.com/security/cve/CVE-2020-0549\nhttps://access.redhat.com/security/cve/CVE-2020-8695\nhttps://access.redhat.com/security/cve/CVE-2020-8696\nhttps://access.redhat.com/security/cve/CVE-2020-8698\nhttps://access.redhat.com/security/cve/CVE-2020-24489\nhttps://access.redhat.com/security/cve/CVE-2020-24511\nhttps://access.redhat.com/security/cve/CVE-2020-24512\nhttps://access.redhat.com/security/updates/classification/#important\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2021 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBYRD++tzjgjWX9erEAQhA1A//eeO88DFGpTcHgCHrsXimUtK3MZX0RppT\n5UOWuXgmPJniMPDALpkfTNTnNGASjBB+WDclaW2d/sZf52PzYLao5wGVIYdUx3Nl\nl9IvbGNMm0F7eI7aHdT2QnUhQQl1IpJrbmkhvBM2w85EmOfqlq+CpXnJMRXzoRdv\nsFPrWAo1opDNnBV6iYAnyULHFuWwcvU28n3JU945W8p/PvqJgSze77i4dmpzYkBj\nljzVrIUl2pizBmnQMj03JJ+YeB8+oKb0uD2RdqHoxkUSFGH9OW6s/qytHu/eR4uL\nY7WmIfHUxGsVRcmIjo/VaAvvWs4A3hdOL3nGdRAMQOKp+VoDcX7VDNURoxK/bkcJ\nOepHSyfWPCVXvOmU5l2ov1uzVQ/F+ajeevMehuzwQlTAIur5qE2eQ2Mwitfh/7WZ\nW3x67peCz51zVPtb7rkQfpzQzZKkjSAAclOYMzltv2PA5vSXZy8+hEqWZwqtesQn\nltz36bjQMvRRhr1yGDbaFI5dcTB8T/eIkzmD6wPfbd7r7SEuE0GUd8Yf69VghGL2\nf+mvR8oWb2x3RHXbpFm4aIt5mJHqIgfXDAohz7lXgLyJwQefyeJ5w+W8nOe+ZSK/\nyvfiVQZz9tvPq8yqC87YWTA7zcnhoSmPvXRicJakpfJL/oz043Tc17jqxIra36sA\nUjXnNBNse8A=LIYI\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://listman.redhat.com/mailman/listinfo/rhsa-announce\n. 6 ELS) - i386, x86_64\n\n3",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-24511"
},
{
"db": "VULHUB",
"id": "VHN-178397"
},
{
"db": "PACKETSTORM",
"id": "169079"
},
{
"db": "PACKETSTORM",
"id": "163772"
},
{
"db": "PACKETSTORM",
"id": "163966"
},
{
"db": "PACKETSTORM",
"id": "163758"
},
{
"db": "PACKETSTORM",
"id": "163031"
},
{
"db": "PACKETSTORM",
"id": "163036"
},
{
"db": "PACKETSTORM",
"id": "163043"
},
{
"db": "PACKETSTORM",
"id": "163047"
},
{
"db": "PACKETSTORM",
"id": "163863"
},
{
"db": "PACKETSTORM",
"id": "163993"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-24511",
"trust": 2.1
},
{
"db": "SIEMENS",
"id": "SSA-309571",
"trust": 1.1
},
{
"db": "PACKETSTORM",
"id": "163047",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "163043",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "163031",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "163036",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "163037",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "163044",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "163040",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "163042",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "163048",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "163032",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "163046",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-178397",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169079",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "163772",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "163966",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "163758",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "163863",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "163993",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-178397"
},
{
"db": "PACKETSTORM",
"id": "169079"
},
{
"db": "PACKETSTORM",
"id": "163772"
},
{
"db": "PACKETSTORM",
"id": "163966"
},
{
"db": "PACKETSTORM",
"id": "163758"
},
{
"db": "PACKETSTORM",
"id": "163031"
},
{
"db": "PACKETSTORM",
"id": "163036"
},
{
"db": "PACKETSTORM",
"id": "163043"
},
{
"db": "PACKETSTORM",
"id": "163047"
},
{
"db": "PACKETSTORM",
"id": "163863"
},
{
"db": "PACKETSTORM",
"id": "163993"
},
{
"db": "NVD",
"id": "CVE-2020-24511"
}
]
},
"id": "VAR-202106-0343",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-178397"
}
],
"trust": 0.01
},
"last_update_date": "2025-12-22T21:25:47.987000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-668",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-178397"
},
{
"db": "NVD",
"id": "CVE-2020-24511"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.1,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf"
},
{
"trust": 1.1,
"url": "https://security.netapp.com/advisory/ntap-20210611-0005/"
},
{
"trust": 1.1,
"url": "https://www.debian.org/security/2021/dsa-4934"
},
{
"trust": 1.1,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00464.html"
},
{
"trust": 1.1,
"url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00022.html"
},
{
"trust": 1.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-24511"
},
{
"trust": 1.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-24512"
},
{
"trust": 1.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-24489"
},
{
"trust": 0.9,
"url": "https://access.redhat.com/security/cve/cve-2020-24511"
},
{
"trust": 0.9,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.9,
"url": "https://access.redhat.com/security/cve/cve-2020-24512"
},
{
"trust": 0.9,
"url": "https://access.redhat.com/security/cve/cve-2020-24489"
},
{
"trust": 0.9,
"url": "https://listman.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.9,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.9,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.9,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.9,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-24513"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-8696"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2020-8698"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-8698"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-0549"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2020-0543"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2020-8695"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-8695"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2020-0549"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-0543"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2020-8696"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-0548"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2020-0548"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2020-24513"
},
{
"trust": 0.1,
"url": "https://salsa.debian.org/hmh/intel-microcode/-/blob/master/debian/readme.debian))"
},
{
"trust": 0.1,
"url": "https://github.com/intel/intel-linux-processor-microcode-data-files/issues/56)"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://github.com/intel/intel-linux-processor-microcode-data-files/issues/31)"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://security-tracker.debian.org/tracker/intel-microcode"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:3029"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:3317"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:3028"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:2299"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:2300"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:2301"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:2303"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:3176"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:3364"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-178397"
},
{
"db": "PACKETSTORM",
"id": "169079"
},
{
"db": "PACKETSTORM",
"id": "163772"
},
{
"db": "PACKETSTORM",
"id": "163966"
},
{
"db": "PACKETSTORM",
"id": "163758"
},
{
"db": "PACKETSTORM",
"id": "163031"
},
{
"db": "PACKETSTORM",
"id": "163036"
},
{
"db": "PACKETSTORM",
"id": "163043"
},
{
"db": "PACKETSTORM",
"id": "163047"
},
{
"db": "PACKETSTORM",
"id": "163863"
},
{
"db": "PACKETSTORM",
"id": "163993"
},
{
"db": "NVD",
"id": "CVE-2020-24511"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-178397"
},
{
"db": "PACKETSTORM",
"id": "169079"
},
{
"db": "PACKETSTORM",
"id": "163772"
},
{
"db": "PACKETSTORM",
"id": "163966"
},
{
"db": "PACKETSTORM",
"id": "163758"
},
{
"db": "PACKETSTORM",
"id": "163031"
},
{
"db": "PACKETSTORM",
"id": "163036"
},
{
"db": "PACKETSTORM",
"id": "163043"
},
{
"db": "PACKETSTORM",
"id": "163047"
},
{
"db": "PACKETSTORM",
"id": "163863"
},
{
"db": "PACKETSTORM",
"id": "163993"
},
{
"db": "NVD",
"id": "CVE-2020-24511"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-06-09T00:00:00",
"db": "VULHUB",
"id": "VHN-178397"
},
{
"date": "2021-06-28T19:12:00",
"db": "PACKETSTORM",
"id": "169079"
},
{
"date": "2021-08-10T14:49:53",
"db": "PACKETSTORM",
"id": "163772"
},
{
"date": "2021-08-31T15:56:51",
"db": "PACKETSTORM",
"id": "163966"
},
{
"date": "2021-08-09T14:15:45",
"db": "PACKETSTORM",
"id": "163758"
},
{
"date": "2021-06-09T13:26:32",
"db": "PACKETSTORM",
"id": "163031"
},
{
"date": "2021-06-09T13:28:02",
"db": "PACKETSTORM",
"id": "163036"
},
{
"date": "2021-06-09T13:40:40",
"db": "PACKETSTORM",
"id": "163043"
},
{
"date": "2021-06-09T13:42:12",
"db": "PACKETSTORM",
"id": "163047"
},
{
"date": "2021-08-17T15:19:34",
"db": "PACKETSTORM",
"id": "163863"
},
{
"date": "2021-08-31T16:27:14",
"db": "PACKETSTORM",
"id": "163993"
},
{
"date": "2021-06-09T19:15:08.897000",
"db": "NVD",
"id": "CVE-2020-24511"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-09-09T00:00:00",
"db": "VULHUB",
"id": "VHN-178397"
},
{
"date": "2021-09-09T12:55:19.680000",
"db": "NVD",
"id": "CVE-2020-24511"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Debian Security Advisory 4934-1",
"sources": [
{
"db": "PACKETSTORM",
"id": "169079"
}
],
"trust": 0.1
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "info disclosure",
"sources": [
{
"db": "PACKETSTORM",
"id": "163966"
}
],
"trust": 0.1
}
}
VAR-201905-0710
Vulnerability from variot - Updated: 2025-12-22 21:14Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf. Multiple Intel Products are prone to multiple local information-disclosure vulnerabilities. Local attackers can exploit these issues to obtain sensitive information that may aid in further attacks. Intel Xeon Scalable Processors are all products of Intel Corporation of the United States. Intel Xeon Scalable Processors are a scalable server central processing unit (CPU). Intel Xeon Processor E7 v4 Family is a Xeon E7 series server central processing unit (CPU). Intel Xeon Processor E5 v4 Family is a Xeon E5 series server central processing unit (CPU). This vulnerability stems from configuration errors in network systems or products during operation. The following products and versions are affected: Intel Xeon Scalable Processors; Xeon Processor E7 v4 Family; Xeon Processor E5 v4 Family; Xeon Processor E3 v6 Family; Xeon Processor E3 v4 Family; Xeon Processor E; Xeon E Processor; Xeon D Processor; Puma; Pentium Processor Silver Series; Pentium Processor N Series; Pentium Processor J Series; Pentium Gold Processor Series; Mobile Communications Platforms; Microcode; Core X series Processors; Celeron Processor N Series; Celeron Processor J Series; Celeron Processor G Series; Atom Processor X Series ;Atom Processor E3900 Series;Atom Processor E3800 Series;Atom Processor. The vulnerability is due to improper memory operations that could expose a side channel on the affected system. A successful exploit could be used to conduct further attacks. Proof-of-concept (PoC) code that demonstrates an exploit of this vulnerability is publicly available. Intel has confirmed the vulnerability and released software updates. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
===================================================================== Red Hat Security Advisory
Synopsis: Important: kernel security and bug fix update Advisory ID: RHSA-2019:1169-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2019:1169 Issue date: 2019-05-14 CVE Names: CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091 =====================================================================
- Summary:
An update for kernel is now available for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - noarch, x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, noarch, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64
- Description:
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
-
A flaw was found in the implementation of the "fill buffer", a mechanism used by modern CPUs when a cache-miss is made on L1 CPU cache. If an attacker can generate a load operation that would create a page fault, the execution will continue speculatively with incorrect data from the fill buffer while the data is fetched from higher level caches. This response time can be measured to infer data in the fill buffer. (CVE-2018-12130)
-
Modern Intel microprocessors implement hardware-level micro-optimizations to improve the performance of writing data back to CPU caches. The write operation is split into STA (STore Address) and STD (STore Data) sub-operations. These sub-operations allow the processor to hand-off address generation logic into these sub-operations for optimized writes. Both of these sub-operations write to a shared distributed processor structure called the 'processor store buffer'. As a result, an unprivileged attacker could use this flaw to read private data resident within the CPU's processor store buffer. (CVE-2018-12126)
-
Microprocessors use a ‘load port’ subcomponent to perform load operations from memory or IO. During a load operation, the load port receives data from the memory or IO subsystem and then provides the data to the CPU registers and operations in the CPU’s pipelines. Stale load operations results are stored in the 'load port' table until overwritten by newer operations. Certain load-port operations triggered by an attacker can be used to reveal data about previous stale requests leaking data back to the attacker via a timing side-channel. (CVE-2019-11091)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
-
aio O_DIRECT writes to non-page-aligned file locations on ext4 can result in the overlapped portion of the page containing zeros (BZ#1686170)
-
Tolerate new s390x crypto hardware for migration (BZ#1695496)
-
Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
- Bugs fixed (https://bugzilla.redhat.com/):
1646781 - CVE-2018-12126 hardware: Microarchitectural Store Buffer Data Sampling (MSBDS) 1646784 - CVE-2018-12130 hardware: Microarchitectural Fill Buffer Data Sampling (MFBDS) 1667782 - CVE-2018-12127 hardware: Micro-architectural Load Port Data Sampling - Information Leak (MLPDS) 1705312 - CVE-2019-11091 hardware: Microarchitectural Data Sampling Uncacheable Memory (MDSUM)
- Package List:
Red Hat Enterprise Linux Desktop (v. 6):
Source: kernel-2.6.32-754.14.2.el6.src.rpm
i386: kernel-2.6.32-754.14.2.el6.i686.rpm kernel-debug-2.6.32-754.14.2.el6.i686.rpm kernel-debug-debuginfo-2.6.32-754.14.2.el6.i686.rpm kernel-debug-devel-2.6.32-754.14.2.el6.i686.rpm kernel-debuginfo-2.6.32-754.14.2.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-754.14.2.el6.i686.rpm kernel-devel-2.6.32-754.14.2.el6.i686.rpm kernel-headers-2.6.32-754.14.2.el6.i686.rpm perf-2.6.32-754.14.2.el6.i686.rpm perf-debuginfo-2.6.32-754.14.2.el6.i686.rpm python-perf-debuginfo-2.6.32-754.14.2.el6.i686.rpm
noarch: kernel-abi-whitelists-2.6.32-754.14.2.el6.noarch.rpm kernel-doc-2.6.32-754.14.2.el6.noarch.rpm kernel-firmware-2.6.32-754.14.2.el6.noarch.rpm
x86_64: kernel-2.6.32-754.14.2.el6.x86_64.rpm kernel-debug-2.6.32-754.14.2.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-754.14.2.el6.i686.rpm kernel-debug-debuginfo-2.6.32-754.14.2.el6.x86_64.rpm kernel-debug-devel-2.6.32-754.14.2.el6.i686.rpm kernel-debug-devel-2.6.32-754.14.2.el6.x86_64.rpm kernel-debuginfo-2.6.32-754.14.2.el6.i686.rpm kernel-debuginfo-2.6.32-754.14.2.el6.x86_64.rpm kernel-debuginfo-common-i686-2.6.32-754.14.2.el6.i686.rpm kernel-debuginfo-common-x86_64-2.6.32-754.14.2.el6.x86_64.rpm kernel-devel-2.6.32-754.14.2.el6.x86_64.rpm kernel-headers-2.6.32-754.14.2.el6.x86_64.rpm perf-2.6.32-754.14.2.el6.x86_64.rpm perf-debuginfo-2.6.32-754.14.2.el6.i686.rpm perf-debuginfo-2.6.32-754.14.2.el6.x86_64.rpm python-perf-debuginfo-2.6.32-754.14.2.el6.i686.rpm python-perf-debuginfo-2.6.32-754.14.2.el6.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
i386: kernel-debug-debuginfo-2.6.32-754.14.2.el6.i686.rpm kernel-debuginfo-2.6.32-754.14.2.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-754.14.2.el6.i686.rpm perf-debuginfo-2.6.32-754.14.2.el6.i686.rpm python-perf-2.6.32-754.14.2.el6.i686.rpm python-perf-debuginfo-2.6.32-754.14.2.el6.i686.rpm
x86_64: kernel-debug-debuginfo-2.6.32-754.14.2.el6.x86_64.rpm kernel-debuginfo-2.6.32-754.14.2.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-754.14.2.el6.x86_64.rpm perf-debuginfo-2.6.32-754.14.2.el6.x86_64.rpm python-perf-2.6.32-754.14.2.el6.x86_64.rpm python-perf-debuginfo-2.6.32-754.14.2.el6.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source: kernel-2.6.32-754.14.2.el6.src.rpm
noarch: kernel-abi-whitelists-2.6.32-754.14.2.el6.noarch.rpm kernel-doc-2.6.32-754.14.2.el6.noarch.rpm kernel-firmware-2.6.32-754.14.2.el6.noarch.rpm
x86_64: kernel-2.6.32-754.14.2.el6.x86_64.rpm kernel-debug-2.6.32-754.14.2.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-754.14.2.el6.i686.rpm kernel-debug-debuginfo-2.6.32-754.14.2.el6.x86_64.rpm kernel-debug-devel-2.6.32-754.14.2.el6.i686.rpm kernel-debug-devel-2.6.32-754.14.2.el6.x86_64.rpm kernel-debuginfo-2.6.32-754.14.2.el6.i686.rpm kernel-debuginfo-2.6.32-754.14.2.el6.x86_64.rpm kernel-debuginfo-common-i686-2.6.32-754.14.2.el6.i686.rpm kernel-debuginfo-common-x86_64-2.6.32-754.14.2.el6.x86_64.rpm kernel-devel-2.6.32-754.14.2.el6.x86_64.rpm kernel-headers-2.6.32-754.14.2.el6.x86_64.rpm perf-2.6.32-754.14.2.el6.x86_64.rpm perf-debuginfo-2.6.32-754.14.2.el6.i686.rpm perf-debuginfo-2.6.32-754.14.2.el6.x86_64.rpm python-perf-debuginfo-2.6.32-754.14.2.el6.i686.rpm python-perf-debuginfo-2.6.32-754.14.2.el6.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
x86_64: kernel-debug-debuginfo-2.6.32-754.14.2.el6.x86_64.rpm kernel-debuginfo-2.6.32-754.14.2.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-754.14.2.el6.x86_64.rpm perf-debuginfo-2.6.32-754.14.2.el6.x86_64.rpm python-perf-2.6.32-754.14.2.el6.x86_64.rpm python-perf-debuginfo-2.6.32-754.14.2.el6.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source: kernel-2.6.32-754.14.2.el6.src.rpm
i386: kernel-2.6.32-754.14.2.el6.i686.rpm kernel-debug-2.6.32-754.14.2.el6.i686.rpm kernel-debug-debuginfo-2.6.32-754.14.2.el6.i686.rpm kernel-debug-devel-2.6.32-754.14.2.el6.i686.rpm kernel-debuginfo-2.6.32-754.14.2.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-754.14.2.el6.i686.rpm kernel-devel-2.6.32-754.14.2.el6.i686.rpm kernel-headers-2.6.32-754.14.2.el6.i686.rpm perf-2.6.32-754.14.2.el6.i686.rpm perf-debuginfo-2.6.32-754.14.2.el6.i686.rpm python-perf-debuginfo-2.6.32-754.14.2.el6.i686.rpm
noarch: kernel-abi-whitelists-2.6.32-754.14.2.el6.noarch.rpm kernel-doc-2.6.32-754.14.2.el6.noarch.rpm kernel-firmware-2.6.32-754.14.2.el6.noarch.rpm
ppc64: kernel-2.6.32-754.14.2.el6.ppc64.rpm kernel-bootwrapper-2.6.32-754.14.2.el6.ppc64.rpm kernel-debug-2.6.32-754.14.2.el6.ppc64.rpm kernel-debug-debuginfo-2.6.32-754.14.2.el6.ppc64.rpm kernel-debug-devel-2.6.32-754.14.2.el6.ppc64.rpm kernel-debuginfo-2.6.32-754.14.2.el6.ppc64.rpm kernel-debuginfo-common-ppc64-2.6.32-754.14.2.el6.ppc64.rpm kernel-devel-2.6.32-754.14.2.el6.ppc64.rpm kernel-headers-2.6.32-754.14.2.el6.ppc64.rpm perf-2.6.32-754.14.2.el6.ppc64.rpm perf-debuginfo-2.6.32-754.14.2.el6.ppc64.rpm python-perf-debuginfo-2.6.32-754.14.2.el6.ppc64.rpm
s390x: kernel-2.6.32-754.14.2.el6.s390x.rpm kernel-debug-2.6.32-754.14.2.el6.s390x.rpm kernel-debug-debuginfo-2.6.32-754.14.2.el6.s390x.rpm kernel-debug-devel-2.6.32-754.14.2.el6.s390x.rpm kernel-debuginfo-2.6.32-754.14.2.el6.s390x.rpm kernel-debuginfo-common-s390x-2.6.32-754.14.2.el6.s390x.rpm kernel-devel-2.6.32-754.14.2.el6.s390x.rpm kernel-headers-2.6.32-754.14.2.el6.s390x.rpm kernel-kdump-2.6.32-754.14.2.el6.s390x.rpm kernel-kdump-debuginfo-2.6.32-754.14.2.el6.s390x.rpm kernel-kdump-devel-2.6.32-754.14.2.el6.s390x.rpm perf-2.6.32-754.14.2.el6.s390x.rpm perf-debuginfo-2.6.32-754.14.2.el6.s390x.rpm python-perf-debuginfo-2.6.32-754.14.2.el6.s390x.rpm
x86_64: kernel-2.6.32-754.14.2.el6.x86_64.rpm kernel-debug-2.6.32-754.14.2.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-754.14.2.el6.i686.rpm kernel-debug-debuginfo-2.6.32-754.14.2.el6.x86_64.rpm kernel-debug-devel-2.6.32-754.14.2.el6.i686.rpm kernel-debug-devel-2.6.32-754.14.2.el6.x86_64.rpm kernel-debuginfo-2.6.32-754.14.2.el6.i686.rpm kernel-debuginfo-2.6.32-754.14.2.el6.x86_64.rpm kernel-debuginfo-common-i686-2.6.32-754.14.2.el6.i686.rpm kernel-debuginfo-common-x86_64-2.6.32-754.14.2.el6.x86_64.rpm kernel-devel-2.6.32-754.14.2.el6.x86_64.rpm kernel-headers-2.6.32-754.14.2.el6.x86_64.rpm perf-2.6.32-754.14.2.el6.x86_64.rpm perf-debuginfo-2.6.32-754.14.2.el6.i686.rpm perf-debuginfo-2.6.32-754.14.2.el6.x86_64.rpm python-perf-debuginfo-2.6.32-754.14.2.el6.i686.rpm python-perf-debuginfo-2.6.32-754.14.2.el6.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6):
i386: kernel-debug-debuginfo-2.6.32-754.14.2.el6.i686.rpm kernel-debuginfo-2.6.32-754.14.2.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-754.14.2.el6.i686.rpm perf-debuginfo-2.6.32-754.14.2.el6.i686.rpm python-perf-2.6.32-754.14.2.el6.i686.rpm python-perf-debuginfo-2.6.32-754.14.2.el6.i686.rpm
ppc64: kernel-debug-debuginfo-2.6.32-754.14.2.el6.ppc64.rpm kernel-debuginfo-2.6.32-754.14.2.el6.ppc64.rpm kernel-debuginfo-common-ppc64-2.6.32-754.14.2.el6.ppc64.rpm perf-debuginfo-2.6.32-754.14.2.el6.ppc64.rpm python-perf-2.6.32-754.14.2.el6.ppc64.rpm python-perf-debuginfo-2.6.32-754.14.2.el6.ppc64.rpm
s390x: kernel-debug-debuginfo-2.6.32-754.14.2.el6.s390x.rpm kernel-debuginfo-2.6.32-754.14.2.el6.s390x.rpm kernel-debuginfo-common-s390x-2.6.32-754.14.2.el6.s390x.rpm kernel-kdump-debuginfo-2.6.32-754.14.2.el6.s390x.rpm perf-debuginfo-2.6.32-754.14.2.el6.s390x.rpm python-perf-2.6.32-754.14.2.el6.s390x.rpm python-perf-debuginfo-2.6.32-754.14.2.el6.s390x.rpm
x86_64: kernel-debug-debuginfo-2.6.32-754.14.2.el6.x86_64.rpm kernel-debuginfo-2.6.32-754.14.2.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-754.14.2.el6.x86_64.rpm perf-debuginfo-2.6.32-754.14.2.el6.x86_64.rpm python-perf-2.6.32-754.14.2.el6.x86_64.rpm python-perf-debuginfo-2.6.32-754.14.2.el6.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source: kernel-2.6.32-754.14.2.el6.src.rpm
i386: kernel-2.6.32-754.14.2.el6.i686.rpm kernel-debug-2.6.32-754.14.2.el6.i686.rpm kernel-debug-debuginfo-2.6.32-754.14.2.el6.i686.rpm kernel-debug-devel-2.6.32-754.14.2.el6.i686.rpm kernel-debuginfo-2.6.32-754.14.2.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-754.14.2.el6.i686.rpm kernel-devel-2.6.32-754.14.2.el6.i686.rpm kernel-headers-2.6.32-754.14.2.el6.i686.rpm perf-2.6.32-754.14.2.el6.i686.rpm perf-debuginfo-2.6.32-754.14.2.el6.i686.rpm python-perf-debuginfo-2.6.32-754.14.2.el6.i686.rpm
noarch: kernel-abi-whitelists-2.6.32-754.14.2.el6.noarch.rpm kernel-doc-2.6.32-754.14.2.el6.noarch.rpm kernel-firmware-2.6.32-754.14.2.el6.noarch.rpm
x86_64: kernel-2.6.32-754.14.2.el6.x86_64.rpm kernel-debug-2.6.32-754.14.2.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-754.14.2.el6.i686.rpm kernel-debug-debuginfo-2.6.32-754.14.2.el6.x86_64.rpm kernel-debug-devel-2.6.32-754.14.2.el6.i686.rpm kernel-debug-devel-2.6.32-754.14.2.el6.x86_64.rpm kernel-debuginfo-2.6.32-754.14.2.el6.i686.rpm kernel-debuginfo-2.6.32-754.14.2.el6.x86_64.rpm kernel-debuginfo-common-i686-2.6.32-754.14.2.el6.i686.rpm kernel-debuginfo-common-x86_64-2.6.32-754.14.2.el6.x86_64.rpm kernel-devel-2.6.32-754.14.2.el6.x86_64.rpm kernel-headers-2.6.32-754.14.2.el6.x86_64.rpm perf-2.6.32-754.14.2.el6.x86_64.rpm perf-debuginfo-2.6.32-754.14.2.el6.i686.rpm perf-debuginfo-2.6.32-754.14.2.el6.x86_64.rpm python-perf-debuginfo-2.6.32-754.14.2.el6.i686.rpm python-perf-debuginfo-2.6.32-754.14.2.el6.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 6):
i386: kernel-debug-debuginfo-2.6.32-754.14.2.el6.i686.rpm kernel-debuginfo-2.6.32-754.14.2.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-754.14.2.el6.i686.rpm perf-debuginfo-2.6.32-754.14.2.el6.i686.rpm python-perf-2.6.32-754.14.2.el6.i686.rpm python-perf-debuginfo-2.6.32-754.14.2.el6.i686.rpm
x86_64: kernel-debug-debuginfo-2.6.32-754.14.2.el6.x86_64.rpm kernel-debuginfo-2.6.32-754.14.2.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-754.14.2.el6.x86_64.rpm perf-debuginfo-2.6.32-754.14.2.el6.x86_64.rpm python-perf-2.6.32-754.14.2.el6.x86_64.rpm python-perf-debuginfo-2.6.32-754.14.2.el6.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2018-12126 https://access.redhat.com/security/cve/CVE-2018-12127 https://access.redhat.com/security/cve/CVE-2018-12130 https://access.redhat.com/security/cve/CVE-2019-11091 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/security/vulnerabilities/mds
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2019 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBXNsJsNzjgjWX9erEAQhvqA//djCoTZz9c1pgUPl2id5ClYVeEOyRXu8E IoQ25ZtL8p88QA3mArktvi8zVac2I0Ij368btFWChg5jDKjKYunmA9/JT3k0h9oU uFkwnIZycKIwjyoppnJ+0ck9ZtcXYfwVg9vKSQ314+wFWgjP6uA5u826lVmRVp/L ogMeB7I0GMA7Y2aLwL0jawrUlV/yPTDypkTgeCYkEJHduL6TYqBenfU4h44HuC2o Fmf4Efojx95jrMUb5Tj3bdsbexrhoQ4CjnQlUJjNcvQEGEVIYvzuRmXSN5xdoRRh DZ1UICINmJzD5+NKdNJWTrEP8evvmw7IgCNqRUhA25IBBH86cSadt6gqalxh9/DL RFGbNOK2Ny39NA/rM1NsAE0kgiBtaBJNeNCvGBlJDUufNFeZn9el9X3he/30LY1X zOV1Xn3d+9lE6RoXDvnoKaRX52TS+X+Z03Mhr0V0r56MnNu/QmtbaK2y8KBs4Vm4 w41G0BsEkovXJ3AEobnAw0/tnaAQJgfCHIINrknGOPqCrj3OLhpGZgYeYgZZQTei b8GmQADmLE8inpxncYFcodh+5ar4aVDjsLCUV5hUJBqPwR6JsW515sWBQPnaUBiw vLWsvZag1DjpIqrP5JQG3jYtT8XW5/YUM1ey2TPMBuPX/1EVP6DNMcixlaVaJF7P rTvFzC19U40= =FB27 -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce .
Software Description: - intel-microcode: Processor microcode for Intel CPUs
Details:
USN-3977-1 and USN-3977-2 provided mitigations for Microarchitectural Data Sampling (MDS) vulnerabilities in Intel Microcode for a large number of Intel processor families. ========================================================================== Ubuntu Security Notice USN-3981-1 May 14, 2019
linux, linux-aws, linux-gcp, linux-kvm, linux-oem, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 18.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description: - linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services (AWS) systems - linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems - linux-kvm: Linux kernel for cloud environments - linux-oem: Linux kernel for OEM processors - linux-oracle: Linux kernel for Oracle Cloud systems - linux-raspi2: Linux kernel for Raspberry Pi 2 - linux-snapdragon: Linux kernel for Snapdragon processors
Details:
Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik, Alyssa Milburn, Sebastian \xd6sterlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Moritz Lipp, Michael Schwarz, and Daniel Gruss discovered that memory previously stored in microarchitectural fill buffers of an Intel CPU core may be exposed to a malicious process that is executing on the same CPU core. (CVE-2018-12130)
Brandon Falk, Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Stephan van Schaik, Alyssa Milburn, Sebastian \xd6sterlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, and Cristiano Giuffrida discovered that memory previously stored in microarchitectural load ports of an Intel CPU core may be exposed to a malicious process that is executing on the same CPU core. (CVE-2018-12127)
Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Marina Minkin, Daniel Moghimi, Moritz Lipp, Michael Schwarz, Jo Van Bulck, Daniel Genkin, Daniel Gruss, Berk Sunar, Frank Piessens, and Yuval Yarom discovered that memory previously stored in microarchitectural store buffers of an Intel CPU core may be exposed to a malicious process that is executing on the same CPU core. (CVE-2018-12126)
Vasily Averin and Evgenii Shatokhin discovered that a use-after-free vulnerability existed in the NFS41+ subsystem when multiple network namespaces are in use. A local attacker in a container could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-16884)
Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Volodrmyr Pikhur, Moritz Lipp, Michael Schwarz, Daniel Gruss, Stephan van Schaik, Alyssa Milburn, Sebastian \xd6sterlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, and Cristiano Giuffrida discovered that uncacheable memory previously stored in microarchitectural buffers of an Intel CPU core may be exposed to a malicious process that is executing on the same CPU core. (CVE-2019-11091)
Matteo Croce, Natale Vinto, and Andrea Spagnolo discovered that the cgroups subsystem of the Linux kernel did not properly account for SCTP socket buffers. A local attacker could use this to cause a denial of service (system crash). (CVE-2019-3874)
Alex Williamson discovered that the vfio subsystem of the Linux kernel did not properly limit DMA mappings. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2019-3882)
Hugues Anguelkov discovered that the Broadcom Wifi driver in the Linux kernel contained a heap buffer overflow. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-9500)
Hugues Anguelkov discovered that the Broadcom Wifi driver in the Linux kernel did not properly prevent remote firmware events from being processed for USB Wifi devices. A physically proximate attacker could use this to send firmware events to the device. (CVE-2019-9503)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 18.04 LTS: linux-image-4.15.0-1013-oracle 4.15.0-1013.15 linux-image-4.15.0-1032-gcp 4.15.0-1032.34 linux-image-4.15.0-1034-kvm 4.15.0-1034.34 linux-image-4.15.0-1036-raspi2 4.15.0-1036.38 linux-image-4.15.0-1038-oem 4.15.0-1038.43 linux-image-4.15.0-1039-aws 4.15.0-1039.41 linux-image-4.15.0-1053-snapdragon 4.15.0-1053.57 linux-image-4.15.0-50-generic 4.15.0-50.54 linux-image-4.15.0-50-generic-lpae 4.15.0-50.54 linux-image-4.15.0-50-lowlatency 4.15.0-50.54 linux-image-4.15.0-50-snapdragon 4.15.0-50.54 linux-image-aws 4.15.0.1039.38 linux-image-gcp 4.15.0.1032.34 linux-image-generic 4.15.0.50.52 linux-image-generic-lpae 4.15.0.50.52 linux-image-kvm 4.15.0.1034.34 linux-image-lowlatency 4.15.0.50.52 linux-image-oem 4.15.0.1038.43 linux-image-oracle 4.15.0.1013.16 linux-image-powerpc-e500mc 4.15.0.50.52 linux-image-powerpc-smp 4.15.0.50.52 linux-image-powerpc64-emb 4.15.0.50.52 linux-image-powerpc64-smp 4.15.0.50.52 linux-image-raspi2 4.15.0.1036.34 linux-image-snapdragon 4.15.0.1053.56 linux-image-virtual 4.15.0.50.52
After a standard system update you need to reboot your computer to make all the necessary changes.
Please note that fully mitigating the Microarchitectural Data Sampling (MDS) issues (CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, and CVE-2019-11091) requires corresponding processor microcode/firmware updates or, in virtual environments, hypervisor updates. These CVEs are security vulnerabilities caused by flaws in the design of speculative execution hardware in the computer's CPU.
Details on the vulnerability and our response can be found here: https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/MDS
Due to the high complexity of the fixes and the need for a corresponding CPU microcode update for a complete fix, we are unable to livepatch these CVEs. Please plan to reboot into an updated kernel as soon as possible.
References: CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, and CVE-2019-11091
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201905-0710",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "29"
},
{
"model": "microarchitectural load port data sampling",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "workstation pro",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "0"
},
{
"model": "workstation player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "0"
},
{
"model": "vsphere integrated containers",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "0"
},
{
"model": "vsphere esxi",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "0"
},
{
"model": "vsphere data protection",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "0"
},
{
"model": "vrealize automation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "0"
},
{
"model": "vcloud usage meter",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "0"
},
{
"model": "vcenter server appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "0"
},
{
"model": "identity manager",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "0"
},
{
"model": "fusion pro",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "0"
},
{
"model": "fusion player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "0"
},
{
"model": "virtualization",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "openstack platform",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "9.0"
},
{
"model": "openstack platform",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "14.0"
},
{
"model": "openstack platform",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "13.0"
},
{
"model": "openstack platform",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "10"
},
{
"model": "management agent for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "70"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.2"
},
{
"model": "enterprise linux server update services for sap solutions",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.3"
},
{
"model": "enterprise linux server update services for sap solutions",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.2"
},
{
"model": "enterprise linux server extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.5"
},
{
"model": "enterprise linux server extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "enterprise linux server extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.3"
},
{
"model": "enterprise linux server extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.2"
},
{
"model": "enterprise linux server extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-6.6"
},
{
"model": "enterprise linux server extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-6.5"
},
{
"model": "enterprise linux advanced virtualization",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "80"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "8"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "wf-500",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "0"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "9.0"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "8.1"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "7.1"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "8.0"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20190"
},
{
"model": "windows server r2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20120"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20120"
},
{
"model": "windows server r2 for x64-based systems sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2008"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "19030"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "18030"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2016"
},
{
"model": "windows for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "8.10"
},
{
"model": "windows for x64-based systems sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "7"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1019030"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1018090"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1018030"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1017090"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1017030"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1016070"
},
{
"model": "windows for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "100"
},
{
"model": "xeon w processor",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "xeon scalable processors",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "xeon processor e7 family",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "v40"
},
{
"model": "xeon processor e5 family",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "v40"
},
{
"model": "xeon processor e3 family",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "v60"
},
{
"model": "xeon processor e3 family",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "v40"
},
{
"model": "xeon processor e",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "xeon e processor",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "xeon d processor",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "puma",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "pentium processor silver series",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "pentium processor n series",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "pentium processor j series",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "pentium gold processor series",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "mobile communications platforms",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "microcode",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "core series processors",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "x0"
},
{
"model": "celeron processor n series",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "celeron processor j series",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "celeron processor g series",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "atom processor series",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "x0"
},
{
"model": "atom processor e3900 series",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "atom processor e3800 series",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "atom processor c series",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "atom processor a series",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "9th generation core i9 processors",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "9th generation core i7 processors",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "9th generation core i5 processors",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "8th generation core processors",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "7th generation core processors",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "6th generation core processors",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "5th generation core processors",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "4th generation core processors",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364160"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.344"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.343"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.342"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "73.0.3683.75"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "72.0.3626.122"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "71.0.3578.94"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "70.0.3538.110"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "67.0.3396.99"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "67.0.3396.101"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "65.0.3325.167"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "64.0.3282.167"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "64.0.3282.144"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "64.0.3282.134"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "64.0.3282.119"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "63.0.3239.86"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "62.0.3202.97"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "61.0.3163.113"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "60.0.3112.114"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "59.0.3071.92"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "59.0.3071.91"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "58.0.3029.89"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "57.0.2987.137"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "54.0.2840.79"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "53.0.2785.144"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "53.0.2785.103"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "52.0.2743.85"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "48.0.2564.92"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "48.0.2564.116"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "40.0.2214.114"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "37.0.2062.119"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "35.0.1916.155"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "33.0.1750.152"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "32.0.1700.95"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "28.0.1500.95"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "28.0.1500.71"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.9"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.8"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.7"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.6"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.57"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.56"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.55"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.54"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.52"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.51"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.50"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.5"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.49"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.48"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.47"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.46"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.45"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.44"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.43"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.42"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.41"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.40"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.4"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.39"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.38"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.37"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.36"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.35"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.34"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.33"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.32"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.31"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.30"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.3"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.29"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.28"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.27"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.26"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.25"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.24"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.23"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.22"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.21"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.20"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.19"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.18"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.17"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.16"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.15"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.14"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.12"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.11"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.10"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.99"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.98"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.95"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.93"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.92"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.91"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.90"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.9"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.89"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.88"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.87"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.86"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.85"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.84"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.82"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.81"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.80"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.8"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.79"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.78"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.77"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.76"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.75"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.74"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.73"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.72"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.70"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.7"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.68"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.67"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.66"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.65"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.63"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.62"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.61"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.58"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.57"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.56"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.55"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.54"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.53"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.52"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.51"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.50"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.5"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.49"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.48"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.47"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.46"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.45"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.44"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.43"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.42"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.41"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.40"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.39"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.38"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.37"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.36"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.35"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.34"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.33"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.32"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.31"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.30"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.3"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.29"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.28"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.27"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.26"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.25"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.24"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.23"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.22"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.21"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.20"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.19"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.18"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.173"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.172"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.171"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.170"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.17"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.169"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.168"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.161"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.16"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.159"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.156"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.155"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.154"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.152"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.15"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.14"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.13"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.126"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.125"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.124"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.123"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.122"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.121"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.120"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.12"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.119"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.118"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.117"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.116"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.115"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.114"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.113"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.112"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.110"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.11"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.108"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.10"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "23.0.1271.94"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1183.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.9"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.81"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.8"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.79"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.7"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.6"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.57"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.56"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.55"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.54"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.53"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.52"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.51"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.50"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.5"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.49"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.48"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.47"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.46"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.41"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.4"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.39"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.38"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.37"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.36"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.35"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.34"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.33"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.32"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.31"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.3"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.18"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.17"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.15"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.14"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.13"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.11"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.10"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.9"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.8"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.7"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.6"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.5"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.4"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.3"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.21"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.20"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.19"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.18"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.17"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.16"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.15"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.14"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.13"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.12"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.11"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.10"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0.9.134.14"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0.9.131.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0.9.128.3"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0.9.126.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0.9.110.6"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0.10.140.0"
},
{
"model": "xenserver",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "7.6"
},
{
"model": "xenserver ltsr cu2",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "7.1"
},
{
"model": "xenserver",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "7.0"
},
{
"model": "hypervisor",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "8.0"
},
{
"model": "chrome os",
"scope": "ne",
"trust": 0.3,
"vendor": "google",
"version": "75.0.3770.102"
}
],
"sources": [
{
"db": "BID",
"id": "108330"
},
{
"db": "NVD",
"id": "CVE-2018-12127"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ubuntu",
"sources": [
{
"db": "PACKETSTORM",
"id": "152962"
},
{
"db": "PACKETSTORM",
"id": "152929"
},
{
"db": "PACKETSTORM",
"id": "153389"
},
{
"db": "PACKETSTORM",
"id": "152939"
},
{
"db": "PACKETSTORM",
"id": "152935"
},
{
"db": "PACKETSTORM",
"id": "152927"
}
],
"trust": 0.6
},
"cve": "CVE-2018-12127",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.4,
"id": "CVE-2018-12127",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:L/AC:M/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.4,
"id": "VHN-122055",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:M/AU:N/C:C/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.1,
"id": "CVE-2018-12127",
"impactScore": 4.0,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-12127",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201905-622",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-122055",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2018-12127",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-122055"
},
{
"db": "VULMON",
"id": "CVE-2018-12127"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-622"
},
{
"db": "NVD",
"id": "CVE-2018-12127"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf. Multiple Intel Products are prone to multiple local information-disclosure vulnerabilities. \nLocal attackers can exploit these issues to obtain sensitive information that may aid in further attacks. Intel Xeon Scalable Processors are all products of Intel Corporation of the United States. Intel Xeon Scalable Processors are a scalable server central processing unit (CPU). Intel Xeon Processor E7 v4 Family is a Xeon E7 series server central processing unit (CPU). Intel Xeon Processor E5 v4 Family is a Xeon E5 series server central processing unit (CPU). This vulnerability stems from configuration errors in network systems or products during operation. The following products and versions are affected: Intel Xeon Scalable Processors; Xeon Processor E7 v4 Family; Xeon Processor E5 v4 Family; Xeon Processor E3 v6 Family; Xeon Processor E3 v4 Family; Xeon Processor E; Xeon E Processor; Xeon D Processor; Puma; Pentium Processor Silver Series; Pentium Processor N Series; Pentium Processor J Series; Pentium Gold Processor Series; Mobile Communications Platforms; Microcode; Core X series Processors; Celeron Processor N Series; Celeron Processor J Series; Celeron Processor G Series; Atom Processor X Series ;Atom Processor E3900 Series;Atom Processor E3800 Series;Atom Processor. \nThe vulnerability is due to improper memory operations that could expose a side channel on the affected system. A successful exploit could be used to conduct further attacks. \nProof-of-concept (PoC) code that demonstrates an exploit of this vulnerability is publicly available. \nIntel has confirmed the vulnerability and released software updates. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: kernel security and bug fix update\nAdvisory ID: RHSA-2019:1169-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2019:1169\nIssue date: 2019-05-14\nCVE Names: CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 \n CVE-2019-11091 \n=====================================================================\n\n1. Summary:\n\nAn update for kernel is now available for Red Hat Enterprise Linux 6. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop (v. 6) - i386, noarch, x86_64\nRed Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux HPC Node (v. 6) - noarch, x86_64\nRed Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64\nRed Hat Enterprise Linux Server (v. 6) - i386, noarch, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 6) - i386, noarch, x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64\n\n3. Description:\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system. \n\nSecurity Fix(es):\n\n* A flaw was found in the implementation of the \"fill buffer\", a mechanism\nused by modern CPUs when a cache-miss is made on L1 CPU cache. If an\nattacker can generate a load operation that would create a page fault, the\nexecution will continue speculatively with incorrect data from the fill\nbuffer while the data is fetched from higher level caches. This response\ntime can be measured to infer data in the fill buffer. (CVE-2018-12130)\n\n* Modern Intel microprocessors implement hardware-level micro-optimizations\nto improve the performance of writing data back to CPU caches. The write\noperation is split into STA (STore Address) and STD (STore Data)\nsub-operations. These sub-operations allow the processor to hand-off\naddress generation logic into these sub-operations for optimized writes. \nBoth of these sub-operations write to a shared distributed processor\nstructure called the \u0027processor store buffer\u0027. As a result, an unprivileged\nattacker could use this flaw to read private data resident within the CPU\u0027s\nprocessor store buffer. (CVE-2018-12126)\n\n* Microprocessors use a \u2018load port\u2019 subcomponent to perform load operations\nfrom memory or IO. During a load operation, the load port receives data\nfrom the memory or IO subsystem and then provides the data to the CPU\nregisters and operations in the CPU\u2019s pipelines. Stale load operations\nresults are stored in the \u0027load port\u0027 table until overwritten by newer\noperations. Certain load-port operations triggered by an attacker can be\nused to reveal data about previous stale requests leaking data back to the\nattacker via a timing side-channel. (CVE-2019-11091)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\nBug Fix(es):\n\n* aio O_DIRECT writes to non-page-aligned file locations on ext4 can result\nin the overlapped portion of the page containing zeros (BZ#1686170)\n\n* Tolerate new s390x crypto hardware for migration (BZ#1695496)\n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect. \n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1646781 - CVE-2018-12126 hardware: Microarchitectural Store Buffer Data Sampling (MSBDS)\n1646784 - CVE-2018-12130 hardware: Microarchitectural Fill Buffer Data Sampling (MFBDS)\n1667782 - CVE-2018-12127 hardware: Micro-architectural Load Port Data Sampling - Information Leak (MLPDS)\n1705312 - CVE-2019-11091 hardware: Microarchitectural Data Sampling Uncacheable Memory (MDSUM)\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop (v. 6):\n\nSource:\nkernel-2.6.32-754.14.2.el6.src.rpm\n\ni386:\nkernel-2.6.32-754.14.2.el6.i686.rpm\nkernel-debug-2.6.32-754.14.2.el6.i686.rpm\nkernel-debug-debuginfo-2.6.32-754.14.2.el6.i686.rpm\nkernel-debug-devel-2.6.32-754.14.2.el6.i686.rpm\nkernel-debuginfo-2.6.32-754.14.2.el6.i686.rpm\nkernel-debuginfo-common-i686-2.6.32-754.14.2.el6.i686.rpm\nkernel-devel-2.6.32-754.14.2.el6.i686.rpm\nkernel-headers-2.6.32-754.14.2.el6.i686.rpm\nperf-2.6.32-754.14.2.el6.i686.rpm\nperf-debuginfo-2.6.32-754.14.2.el6.i686.rpm\npython-perf-debuginfo-2.6.32-754.14.2.el6.i686.rpm\n\nnoarch:\nkernel-abi-whitelists-2.6.32-754.14.2.el6.noarch.rpm\nkernel-doc-2.6.32-754.14.2.el6.noarch.rpm\nkernel-firmware-2.6.32-754.14.2.el6.noarch.rpm\n\nx86_64:\nkernel-2.6.32-754.14.2.el6.x86_64.rpm\nkernel-debug-2.6.32-754.14.2.el6.x86_64.rpm\nkernel-debug-debuginfo-2.6.32-754.14.2.el6.i686.rpm\nkernel-debug-debuginfo-2.6.32-754.14.2.el6.x86_64.rpm\nkernel-debug-devel-2.6.32-754.14.2.el6.i686.rpm\nkernel-debug-devel-2.6.32-754.14.2.el6.x86_64.rpm\nkernel-debuginfo-2.6.32-754.14.2.el6.i686.rpm\nkernel-debuginfo-2.6.32-754.14.2.el6.x86_64.rpm\nkernel-debuginfo-common-i686-2.6.32-754.14.2.el6.i686.rpm\nkernel-debuginfo-common-x86_64-2.6.32-754.14.2.el6.x86_64.rpm\nkernel-devel-2.6.32-754.14.2.el6.x86_64.rpm\nkernel-headers-2.6.32-754.14.2.el6.x86_64.rpm\nperf-2.6.32-754.14.2.el6.x86_64.rpm\nperf-debuginfo-2.6.32-754.14.2.el6.i686.rpm\nperf-debuginfo-2.6.32-754.14.2.el6.x86_64.rpm\npython-perf-debuginfo-2.6.32-754.14.2.el6.i686.rpm\npython-perf-debuginfo-2.6.32-754.14.2.el6.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop Optional (v. 6):\n\ni386:\nkernel-debug-debuginfo-2.6.32-754.14.2.el6.i686.rpm\nkernel-debuginfo-2.6.32-754.14.2.el6.i686.rpm\nkernel-debuginfo-common-i686-2.6.32-754.14.2.el6.i686.rpm\nperf-debuginfo-2.6.32-754.14.2.el6.i686.rpm\npython-perf-2.6.32-754.14.2.el6.i686.rpm\npython-perf-debuginfo-2.6.32-754.14.2.el6.i686.rpm\n\nx86_64:\nkernel-debug-debuginfo-2.6.32-754.14.2.el6.x86_64.rpm\nkernel-debuginfo-2.6.32-754.14.2.el6.x86_64.rpm\nkernel-debuginfo-common-x86_64-2.6.32-754.14.2.el6.x86_64.rpm\nperf-debuginfo-2.6.32-754.14.2.el6.x86_64.rpm\npython-perf-2.6.32-754.14.2.el6.x86_64.rpm\npython-perf-debuginfo-2.6.32-754.14.2.el6.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node (v. 6):\n\nSource:\nkernel-2.6.32-754.14.2.el6.src.rpm\n\nnoarch:\nkernel-abi-whitelists-2.6.32-754.14.2.el6.noarch.rpm\nkernel-doc-2.6.32-754.14.2.el6.noarch.rpm\nkernel-firmware-2.6.32-754.14.2.el6.noarch.rpm\n\nx86_64:\nkernel-2.6.32-754.14.2.el6.x86_64.rpm\nkernel-debug-2.6.32-754.14.2.el6.x86_64.rpm\nkernel-debug-debuginfo-2.6.32-754.14.2.el6.i686.rpm\nkernel-debug-debuginfo-2.6.32-754.14.2.el6.x86_64.rpm\nkernel-debug-devel-2.6.32-754.14.2.el6.i686.rpm\nkernel-debug-devel-2.6.32-754.14.2.el6.x86_64.rpm\nkernel-debuginfo-2.6.32-754.14.2.el6.i686.rpm\nkernel-debuginfo-2.6.32-754.14.2.el6.x86_64.rpm\nkernel-debuginfo-common-i686-2.6.32-754.14.2.el6.i686.rpm\nkernel-debuginfo-common-x86_64-2.6.32-754.14.2.el6.x86_64.rpm\nkernel-devel-2.6.32-754.14.2.el6.x86_64.rpm\nkernel-headers-2.6.32-754.14.2.el6.x86_64.rpm\nperf-2.6.32-754.14.2.el6.x86_64.rpm\nperf-debuginfo-2.6.32-754.14.2.el6.i686.rpm\nperf-debuginfo-2.6.32-754.14.2.el6.x86_64.rpm\npython-perf-debuginfo-2.6.32-754.14.2.el6.i686.rpm\npython-perf-debuginfo-2.6.32-754.14.2.el6.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node Optional (v. 6):\n\nx86_64:\nkernel-debug-debuginfo-2.6.32-754.14.2.el6.x86_64.rpm\nkernel-debuginfo-2.6.32-754.14.2.el6.x86_64.rpm\nkernel-debuginfo-common-x86_64-2.6.32-754.14.2.el6.x86_64.rpm\nperf-debuginfo-2.6.32-754.14.2.el6.x86_64.rpm\npython-perf-2.6.32-754.14.2.el6.x86_64.rpm\npython-perf-debuginfo-2.6.32-754.14.2.el6.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 6):\n\nSource:\nkernel-2.6.32-754.14.2.el6.src.rpm\n\ni386:\nkernel-2.6.32-754.14.2.el6.i686.rpm\nkernel-debug-2.6.32-754.14.2.el6.i686.rpm\nkernel-debug-debuginfo-2.6.32-754.14.2.el6.i686.rpm\nkernel-debug-devel-2.6.32-754.14.2.el6.i686.rpm\nkernel-debuginfo-2.6.32-754.14.2.el6.i686.rpm\nkernel-debuginfo-common-i686-2.6.32-754.14.2.el6.i686.rpm\nkernel-devel-2.6.32-754.14.2.el6.i686.rpm\nkernel-headers-2.6.32-754.14.2.el6.i686.rpm\nperf-2.6.32-754.14.2.el6.i686.rpm\nperf-debuginfo-2.6.32-754.14.2.el6.i686.rpm\npython-perf-debuginfo-2.6.32-754.14.2.el6.i686.rpm\n\nnoarch:\nkernel-abi-whitelists-2.6.32-754.14.2.el6.noarch.rpm\nkernel-doc-2.6.32-754.14.2.el6.noarch.rpm\nkernel-firmware-2.6.32-754.14.2.el6.noarch.rpm\n\nppc64:\nkernel-2.6.32-754.14.2.el6.ppc64.rpm\nkernel-bootwrapper-2.6.32-754.14.2.el6.ppc64.rpm\nkernel-debug-2.6.32-754.14.2.el6.ppc64.rpm\nkernel-debug-debuginfo-2.6.32-754.14.2.el6.ppc64.rpm\nkernel-debug-devel-2.6.32-754.14.2.el6.ppc64.rpm\nkernel-debuginfo-2.6.32-754.14.2.el6.ppc64.rpm\nkernel-debuginfo-common-ppc64-2.6.32-754.14.2.el6.ppc64.rpm\nkernel-devel-2.6.32-754.14.2.el6.ppc64.rpm\nkernel-headers-2.6.32-754.14.2.el6.ppc64.rpm\nperf-2.6.32-754.14.2.el6.ppc64.rpm\nperf-debuginfo-2.6.32-754.14.2.el6.ppc64.rpm\npython-perf-debuginfo-2.6.32-754.14.2.el6.ppc64.rpm\n\ns390x:\nkernel-2.6.32-754.14.2.el6.s390x.rpm\nkernel-debug-2.6.32-754.14.2.el6.s390x.rpm\nkernel-debug-debuginfo-2.6.32-754.14.2.el6.s390x.rpm\nkernel-debug-devel-2.6.32-754.14.2.el6.s390x.rpm\nkernel-debuginfo-2.6.32-754.14.2.el6.s390x.rpm\nkernel-debuginfo-common-s390x-2.6.32-754.14.2.el6.s390x.rpm\nkernel-devel-2.6.32-754.14.2.el6.s390x.rpm\nkernel-headers-2.6.32-754.14.2.el6.s390x.rpm\nkernel-kdump-2.6.32-754.14.2.el6.s390x.rpm\nkernel-kdump-debuginfo-2.6.32-754.14.2.el6.s390x.rpm\nkernel-kdump-devel-2.6.32-754.14.2.el6.s390x.rpm\nperf-2.6.32-754.14.2.el6.s390x.rpm\nperf-debuginfo-2.6.32-754.14.2.el6.s390x.rpm\npython-perf-debuginfo-2.6.32-754.14.2.el6.s390x.rpm\n\nx86_64:\nkernel-2.6.32-754.14.2.el6.x86_64.rpm\nkernel-debug-2.6.32-754.14.2.el6.x86_64.rpm\nkernel-debug-debuginfo-2.6.32-754.14.2.el6.i686.rpm\nkernel-debug-debuginfo-2.6.32-754.14.2.el6.x86_64.rpm\nkernel-debug-devel-2.6.32-754.14.2.el6.i686.rpm\nkernel-debug-devel-2.6.32-754.14.2.el6.x86_64.rpm\nkernel-debuginfo-2.6.32-754.14.2.el6.i686.rpm\nkernel-debuginfo-2.6.32-754.14.2.el6.x86_64.rpm\nkernel-debuginfo-common-i686-2.6.32-754.14.2.el6.i686.rpm\nkernel-debuginfo-common-x86_64-2.6.32-754.14.2.el6.x86_64.rpm\nkernel-devel-2.6.32-754.14.2.el6.x86_64.rpm\nkernel-headers-2.6.32-754.14.2.el6.x86_64.rpm\nperf-2.6.32-754.14.2.el6.x86_64.rpm\nperf-debuginfo-2.6.32-754.14.2.el6.i686.rpm\nperf-debuginfo-2.6.32-754.14.2.el6.x86_64.rpm\npython-perf-debuginfo-2.6.32-754.14.2.el6.i686.rpm\npython-perf-debuginfo-2.6.32-754.14.2.el6.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 6):\n\ni386:\nkernel-debug-debuginfo-2.6.32-754.14.2.el6.i686.rpm\nkernel-debuginfo-2.6.32-754.14.2.el6.i686.rpm\nkernel-debuginfo-common-i686-2.6.32-754.14.2.el6.i686.rpm\nperf-debuginfo-2.6.32-754.14.2.el6.i686.rpm\npython-perf-2.6.32-754.14.2.el6.i686.rpm\npython-perf-debuginfo-2.6.32-754.14.2.el6.i686.rpm\n\nppc64:\nkernel-debug-debuginfo-2.6.32-754.14.2.el6.ppc64.rpm\nkernel-debuginfo-2.6.32-754.14.2.el6.ppc64.rpm\nkernel-debuginfo-common-ppc64-2.6.32-754.14.2.el6.ppc64.rpm\nperf-debuginfo-2.6.32-754.14.2.el6.ppc64.rpm\npython-perf-2.6.32-754.14.2.el6.ppc64.rpm\npython-perf-debuginfo-2.6.32-754.14.2.el6.ppc64.rpm\n\ns390x:\nkernel-debug-debuginfo-2.6.32-754.14.2.el6.s390x.rpm\nkernel-debuginfo-2.6.32-754.14.2.el6.s390x.rpm\nkernel-debuginfo-common-s390x-2.6.32-754.14.2.el6.s390x.rpm\nkernel-kdump-debuginfo-2.6.32-754.14.2.el6.s390x.rpm\nperf-debuginfo-2.6.32-754.14.2.el6.s390x.rpm\npython-perf-2.6.32-754.14.2.el6.s390x.rpm\npython-perf-debuginfo-2.6.32-754.14.2.el6.s390x.rpm\n\nx86_64:\nkernel-debug-debuginfo-2.6.32-754.14.2.el6.x86_64.rpm\nkernel-debuginfo-2.6.32-754.14.2.el6.x86_64.rpm\nkernel-debuginfo-common-x86_64-2.6.32-754.14.2.el6.x86_64.rpm\nperf-debuginfo-2.6.32-754.14.2.el6.x86_64.rpm\npython-perf-2.6.32-754.14.2.el6.x86_64.rpm\npython-perf-debuginfo-2.6.32-754.14.2.el6.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 6):\n\nSource:\nkernel-2.6.32-754.14.2.el6.src.rpm\n\ni386:\nkernel-2.6.32-754.14.2.el6.i686.rpm\nkernel-debug-2.6.32-754.14.2.el6.i686.rpm\nkernel-debug-debuginfo-2.6.32-754.14.2.el6.i686.rpm\nkernel-debug-devel-2.6.32-754.14.2.el6.i686.rpm\nkernel-debuginfo-2.6.32-754.14.2.el6.i686.rpm\nkernel-debuginfo-common-i686-2.6.32-754.14.2.el6.i686.rpm\nkernel-devel-2.6.32-754.14.2.el6.i686.rpm\nkernel-headers-2.6.32-754.14.2.el6.i686.rpm\nperf-2.6.32-754.14.2.el6.i686.rpm\nperf-debuginfo-2.6.32-754.14.2.el6.i686.rpm\npython-perf-debuginfo-2.6.32-754.14.2.el6.i686.rpm\n\nnoarch:\nkernel-abi-whitelists-2.6.32-754.14.2.el6.noarch.rpm\nkernel-doc-2.6.32-754.14.2.el6.noarch.rpm\nkernel-firmware-2.6.32-754.14.2.el6.noarch.rpm\n\nx86_64:\nkernel-2.6.32-754.14.2.el6.x86_64.rpm\nkernel-debug-2.6.32-754.14.2.el6.x86_64.rpm\nkernel-debug-debuginfo-2.6.32-754.14.2.el6.i686.rpm\nkernel-debug-debuginfo-2.6.32-754.14.2.el6.x86_64.rpm\nkernel-debug-devel-2.6.32-754.14.2.el6.i686.rpm\nkernel-debug-devel-2.6.32-754.14.2.el6.x86_64.rpm\nkernel-debuginfo-2.6.32-754.14.2.el6.i686.rpm\nkernel-debuginfo-2.6.32-754.14.2.el6.x86_64.rpm\nkernel-debuginfo-common-i686-2.6.32-754.14.2.el6.i686.rpm\nkernel-debuginfo-common-x86_64-2.6.32-754.14.2.el6.x86_64.rpm\nkernel-devel-2.6.32-754.14.2.el6.x86_64.rpm\nkernel-headers-2.6.32-754.14.2.el6.x86_64.rpm\nperf-2.6.32-754.14.2.el6.x86_64.rpm\nperf-debuginfo-2.6.32-754.14.2.el6.i686.rpm\nperf-debuginfo-2.6.32-754.14.2.el6.x86_64.rpm\npython-perf-debuginfo-2.6.32-754.14.2.el6.i686.rpm\npython-perf-debuginfo-2.6.32-754.14.2.el6.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 6):\n\ni386:\nkernel-debug-debuginfo-2.6.32-754.14.2.el6.i686.rpm\nkernel-debuginfo-2.6.32-754.14.2.el6.i686.rpm\nkernel-debuginfo-common-i686-2.6.32-754.14.2.el6.i686.rpm\nperf-debuginfo-2.6.32-754.14.2.el6.i686.rpm\npython-perf-2.6.32-754.14.2.el6.i686.rpm\npython-perf-debuginfo-2.6.32-754.14.2.el6.i686.rpm\n\nx86_64:\nkernel-debug-debuginfo-2.6.32-754.14.2.el6.x86_64.rpm\nkernel-debuginfo-2.6.32-754.14.2.el6.x86_64.rpm\nkernel-debuginfo-common-x86_64-2.6.32-754.14.2.el6.x86_64.rpm\nperf-debuginfo-2.6.32-754.14.2.el6.x86_64.rpm\npython-perf-2.6.32-754.14.2.el6.x86_64.rpm\npython-perf-debuginfo-2.6.32-754.14.2.el6.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2018-12126\nhttps://access.redhat.com/security/cve/CVE-2018-12127\nhttps://access.redhat.com/security/cve/CVE-2018-12130\nhttps://access.redhat.com/security/cve/CVE-2019-11091\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://access.redhat.com/security/vulnerabilities/mds\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2019 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBXNsJsNzjgjWX9erEAQhvqA//djCoTZz9c1pgUPl2id5ClYVeEOyRXu8E\nIoQ25ZtL8p88QA3mArktvi8zVac2I0Ij368btFWChg5jDKjKYunmA9/JT3k0h9oU\nuFkwnIZycKIwjyoppnJ+0ck9ZtcXYfwVg9vKSQ314+wFWgjP6uA5u826lVmRVp/L\nogMeB7I0GMA7Y2aLwL0jawrUlV/yPTDypkTgeCYkEJHduL6TYqBenfU4h44HuC2o\nFmf4Efojx95jrMUb5Tj3bdsbexrhoQ4CjnQlUJjNcvQEGEVIYvzuRmXSN5xdoRRh\nDZ1UICINmJzD5+NKdNJWTrEP8evvmw7IgCNqRUhA25IBBH86cSadt6gqalxh9/DL\nRFGbNOK2Ny39NA/rM1NsAE0kgiBtaBJNeNCvGBlJDUufNFeZn9el9X3he/30LY1X\nzOV1Xn3d+9lE6RoXDvnoKaRX52TS+X+Z03Mhr0V0r56MnNu/QmtbaK2y8KBs4Vm4\nw41G0BsEkovXJ3AEobnAw0/tnaAQJgfCHIINrknGOPqCrj3OLhpGZgYeYgZZQTei\nb8GmQADmLE8inpxncYFcodh+5ar4aVDjsLCUV5hUJBqPwR6JsW515sWBQPnaUBiw\nvLWsvZag1DjpIqrP5JQG3jYtT8XW5/YUM1ey2TPMBuPX/1EVP6DNMcixlaVaJF7P\nrTvFzC19U40=\n=FB27\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \n\nSoftware Description:\n- intel-microcode: Processor microcode for Intel CPUs\n\nDetails:\n\nUSN-3977-1 and USN-3977-2 provided mitigations for Microarchitectural\nData Sampling (MDS) vulnerabilities in Intel Microcode for a\nlarge number of Intel processor families. ==========================================================================\nUbuntu Security Notice USN-3981-1\nMay 14, 2019\n\nlinux, linux-aws, linux-gcp, linux-kvm, linux-oem, linux-oracle,\nlinux-raspi2, linux-snapdragon vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 18.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in the Linux kernel. \n\nSoftware Description:\n- linux: Linux kernel\n- linux-aws: Linux kernel for Amazon Web Services (AWS) systems\n- linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems\n- linux-kvm: Linux kernel for cloud environments\n- linux-oem: Linux kernel for OEM processors\n- linux-oracle: Linux kernel for Oracle Cloud systems\n- linux-raspi2: Linux kernel for Raspberry Pi 2\n- linux-snapdragon: Linux kernel for Snapdragon processors\n\nDetails:\n\nKe Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan\nHorea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik, Alyssa\nMilburn, Sebastian \\xd6sterlund, Pietro Frigo, Kaveh Razavi, Herbert Bos,\nCristiano Giuffrida, Moritz Lipp, Michael Schwarz, and Daniel Gruss\ndiscovered that memory previously stored in microarchitectural fill buffers\nof an Intel CPU core may be exposed to a malicious process that is\nexecuting on the same CPU core. (CVE-2018-12130)\n\nBrandon Falk, Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Stephan\nvan Schaik, Alyssa Milburn, Sebastian \\xd6sterlund, Pietro Frigo, Kaveh\nRazavi, Herbert Bos, and Cristiano Giuffrida discovered that memory\npreviously stored in microarchitectural load ports of an Intel CPU core may\nbe exposed to a malicious process that is executing on the same CPU core. \n(CVE-2018-12127)\n\nKe Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Marina Minkin, Daniel\nMoghimi, Moritz Lipp, Michael Schwarz, Jo Van Bulck, Daniel Genkin, Daniel\nGruss, Berk Sunar, Frank Piessens, and Yuval Yarom discovered that memory\npreviously stored in microarchitectural store buffers of an Intel CPU core\nmay be exposed to a malicious process that is executing on the same CPU\ncore. \n(CVE-2018-12126)\n\nVasily Averin and Evgenii Shatokhin discovered that a use-after-free\nvulnerability existed in the NFS41+ subsystem when multiple network\nnamespaces are in use. A local attacker in a container could use this to\ncause a denial of service (system crash) or possibly execute arbitrary\ncode. (CVE-2018-16884)\n\nKe Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Volodrmyr Pikhur,\nMoritz Lipp, Michael Schwarz, Daniel Gruss, Stephan van Schaik, Alyssa\nMilburn, Sebastian \\xd6sterlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, and\nCristiano Giuffrida discovered that uncacheable memory previously stored in\nmicroarchitectural buffers of an Intel CPU core may be exposed to a\nmalicious process that is executing on the same CPU core. (CVE-2019-11091)\n\nMatteo Croce, Natale Vinto, and Andrea Spagnolo discovered that the cgroups\nsubsystem of the Linux kernel did not properly account for SCTP socket\nbuffers. A local attacker could use this to cause a denial of service\n(system crash). (CVE-2019-3874)\n\nAlex Williamson discovered that the vfio subsystem of the Linux kernel did\nnot properly limit DMA mappings. A local attacker could use this to cause a\ndenial of service (memory exhaustion). (CVE-2019-3882)\n\nHugues Anguelkov discovered that the Broadcom Wifi driver in the Linux\nkernel contained a heap buffer overflow. A physically proximate attacker\ncould use this to cause a denial of service (system crash) or possibly\nexecute arbitrary code. (CVE-2019-9500)\n\nHugues Anguelkov discovered that the Broadcom Wifi driver in the Linux\nkernel did not properly prevent remote firmware events from being processed\nfor USB Wifi devices. A physically proximate attacker could use this to\nsend firmware events to the device. (CVE-2019-9503)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 18.04 LTS:\n linux-image-4.15.0-1013-oracle 4.15.0-1013.15\n linux-image-4.15.0-1032-gcp 4.15.0-1032.34\n linux-image-4.15.0-1034-kvm 4.15.0-1034.34\n linux-image-4.15.0-1036-raspi2 4.15.0-1036.38\n linux-image-4.15.0-1038-oem 4.15.0-1038.43\n linux-image-4.15.0-1039-aws 4.15.0-1039.41\n linux-image-4.15.0-1053-snapdragon 4.15.0-1053.57\n linux-image-4.15.0-50-generic 4.15.0-50.54\n linux-image-4.15.0-50-generic-lpae 4.15.0-50.54\n linux-image-4.15.0-50-lowlatency 4.15.0-50.54\n linux-image-4.15.0-50-snapdragon 4.15.0-50.54\n linux-image-aws 4.15.0.1039.38\n linux-image-gcp 4.15.0.1032.34\n linux-image-generic 4.15.0.50.52\n linux-image-generic-lpae 4.15.0.50.52\n linux-image-kvm 4.15.0.1034.34\n linux-image-lowlatency 4.15.0.50.52\n linux-image-oem 4.15.0.1038.43\n linux-image-oracle 4.15.0.1013.16\n linux-image-powerpc-e500mc 4.15.0.50.52\n linux-image-powerpc-smp 4.15.0.50.52\n linux-image-powerpc64-emb 4.15.0.50.52\n linux-image-powerpc64-smp 4.15.0.50.52\n linux-image-raspi2 4.15.0.1036.34\n linux-image-snapdragon 4.15.0.1053.56\n linux-image-virtual 4.15.0.50.52\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. \n\nPlease note that fully mitigating the Microarchitectural Data Sampling\n(MDS) issues (CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, and\nCVE-2019-11091) requires corresponding processor microcode/firmware\nupdates or, in virtual environments, hypervisor updates. These CVEs are security vulnerabilities caused by flaws in the\ndesign of speculative execution hardware in the computer\u0027s CPU. \n\nDetails on the vulnerability and our response can be found here:\nhttps://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/MDS\n\nDue to the high complexity of the fixes and the need for a corresponding\nCPU microcode update for a complete fix, we are unable to livepatch these\nCVEs. Please plan to reboot into an updated kernel as soon as possible. \n\nReferences:\n CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, and CVE-2019-11091\n\n\n\n-- \nubuntu-security-announce mailing list\nubuntu-security-announce@lists.ubuntu.com\nModify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-12127"
},
{
"db": "BID",
"id": "108330"
},
{
"db": "VULHUB",
"id": "VHN-122055"
},
{
"db": "VULMON",
"id": "CVE-2018-12127"
},
{
"db": "PACKETSTORM",
"id": "152879"
},
{
"db": "PACKETSTORM",
"id": "152962"
},
{
"db": "PACKETSTORM",
"id": "152929"
},
{
"db": "PACKETSTORM",
"id": "153389"
},
{
"db": "PACKETSTORM",
"id": "152939"
},
{
"db": "PACKETSTORM",
"id": "152935"
},
{
"db": "PACKETSTORM",
"id": "152927"
},
{
"db": "PACKETSTORM",
"id": "152919"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-12127",
"trust": 3.0
},
{
"db": "PACKETSTORM",
"id": "155281",
"trust": 1.8
},
{
"db": "SIEMENS",
"id": "SSA-616472",
"trust": 1.2
},
{
"db": "SIEMENS",
"id": "SSA-608355",
"trust": 1.2
},
{
"db": "MCAFEE",
"id": "SB10292",
"trust": 1.2
},
{
"db": "BID",
"id": "108330",
"trust": 0.9
},
{
"db": "CNNVD",
"id": "CNNVD-201905-622",
"trust": 0.7
},
{
"db": "LENOVO",
"id": "LEN-26696",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.1754",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.0153",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.1705",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.1737.2",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.0127",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.1812",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4358",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4321",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "155956",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "156920",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "152952",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "152942",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-122055",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-12127",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "152879",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "152962",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "153248",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "152929",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "153389",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "152939",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "152935",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "152927",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "152919",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-122055"
},
{
"db": "VULMON",
"id": "CVE-2018-12127"
},
{
"db": "BID",
"id": "108330"
},
{
"db": "PACKETSTORM",
"id": "152879"
},
{
"db": "PACKETSTORM",
"id": "152962"
},
{
"db": "PACKETSTORM",
"id": "153248"
},
{
"db": "PACKETSTORM",
"id": "152929"
},
{
"db": "PACKETSTORM",
"id": "153389"
},
{
"db": "PACKETSTORM",
"id": "152939"
},
{
"db": "PACKETSTORM",
"id": "152935"
},
{
"db": "PACKETSTORM",
"id": "152927"
},
{
"db": "PACKETSTORM",
"id": "152919"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-622"
},
{
"db": "NVD",
"id": "CVE-2018-12127"
}
]
},
"id": "VAR-201905-0710",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-122055"
}
],
"trust": 0.8208844358333333
},
"last_update_date": "2025-12-22T21:14:57.404000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "linux kernel Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=92582"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2019/05/14/intel_hyper_threading_mitigations/"
},
{
"title": "Red Hat: Important: kernel security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20191167 - Security Advisory"
},
{
"title": "Red Hat: Important: qemu-kvm-rhev security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20191179 - Security Advisory"
},
{
"title": "Red Hat: Important: kernel security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20191168 - Security Advisory"
},
{
"title": "Red Hat: Important: qemu-kvm-rhev security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20191202 - Security Advisory"
},
{
"title": "Red Hat: Important: qemu-kvm-rhev security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20191200 - Security Advisory"
},
{
"title": "Red Hat: Important: kernel security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20191171 - Security Advisory"
},
{
"title": "Red Hat: Important: kernel-rt security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20191176 - Security Advisory"
},
{
"title": "Red Hat: Important: libvirt security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20191186 - Security Advisory"
},
{
"title": "Red Hat: Important: libvirt security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20191197 - Security Advisory"
},
{
"title": "Red Hat: Important: qemu-kvm security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20191195 - Security Advisory"
},
{
"title": "Red Hat: Important: redhat-virtualization-host security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20191207 - Security Advisory"
},
{
"title": "Red Hat: Important: qemu-kvm security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20191185 - Security Advisory"
},
{
"title": "Red Hat: Important: qemu-kvm-rhev security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20191199 - Security Advisory"
},
{
"title": "Red Hat: Important: qemu-kvm-rhev security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20191201 - Security Advisory"
},
{
"title": "Red Hat: Important: rhvm-setup-plugins security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20191206 - Security Advisory"
},
{
"title": "Red Hat: Important: qemu-kvm security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20191183 - Security Advisory"
},
{
"title": "Red Hat: Important: qemu-kvm security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20191178 - Security Advisory"
},
{
"title": "Red Hat: Important: libvirt security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20191177 - Security Advisory"
},
{
"title": "Red Hat: Important: qemu-kvm security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20191198 - Security Advisory"
},
{
"title": "Red Hat: Important: kernel security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20191193 - Security Advisory"
},
{
"title": "Red Hat: Important: libvirt security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20191180 - Security Advisory"
},
{
"title": "Red Hat: Important: rhvm-appliance security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20191208 - Security Advisory"
},
{
"title": "Red Hat: Important: qemu-kvm security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20191189 - Security Advisory"
},
{
"title": "Red Hat: Important: libvirt security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20191182 - Security Advisory"
},
{
"title": "Red Hat: Important: libvirt security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20191184 - Security Advisory"
},
{
"title": "Red Hat: Important: kernel security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20191172 - Security Advisory"
},
{
"title": "Red Hat: Important: redhat-virtualization-host security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20191209 - Security Advisory"
},
{
"title": "Red Hat: Important: qemu-kvm security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20191181 - Security Advisory"
},
{
"title": "Red Hat: Important: kernel-rt security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20191174 - Security Advisory"
},
{
"title": "Red Hat: Important: kernel security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20191155 - Security Advisory"
},
{
"title": "Red Hat: Important: vdsm security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20191203 - Security Advisory"
},
{
"title": "Red Hat: Important: libvirt security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20191187 - Security Advisory"
},
{
"title": "Red Hat: Important: rhvm-setup-plugins security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20191205 - Security Advisory"
},
{
"title": "Red Hat: Important: kernel security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20191169 - Security Advisory"
},
{
"title": "Red Hat: Important: vdsm security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20191204 - Security Advisory"
},
{
"title": "Red Hat: Important: qemu-kvm security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20191188 - Security Advisory"
},
{
"title": "Red Hat: Important: kernel security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20191196 - Security Advisory"
},
{
"title": "Red Hat: Important: libvirt security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20191194 - Security Advisory"
},
{
"title": "Red Hat: Important: Advanced Virtualization security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20191455 - Security Advisory"
},
{
"title": "Red Hat: CVE-2018-12127",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2018-12127"
},
{
"title": "Ubuntu Security Notice: linux vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3983-1"
},
{
"title": "Debian Security Advisories: DSA-4444-1 linux -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=c960cd2c4c663bee4208c29f78956570"
},
{
"title": "Debian CVElist Bug Report Logs: xen: XSA-288: x86: Inconsistent PV IOMMU discipline",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=5e6e0619bc9879769e2dc27651292ba1"
},
{
"title": "Ubuntu Security Notice: intel-microcode update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3977-3"
},
{
"title": "Ubuntu Security Notice: linux-lts-trusty vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3983-2"
},
{
"title": "Red Hat: Important: qemu-kvm-rhev security, bug fix, and enhancement update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20192553 - Security Advisory"
},
{
"title": "Red Hat: Important: virt:rhel security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20191175 - Security Advisory"
},
{
"title": "Debian Security Advisories: DSA-4447-1 intel-microcode -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=783d5f8f3ad6bd4b472bac87f78daf39"
},
{
"title": "Debian CVElist Bug Report Logs: xen: XSA-292: x86: insufficient TLB flushing when using PCID",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=6f420d7ce4edc488c67e4f105805e662"
},
{
"title": "Debian CVElist Bug Report Logs: xen: XSA-293: x86: PV kernel context switch corruption",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=6489072c7d814c3eeb410e3c3014742f"
},
{
"title": "Debian CVElist Bug Report Logs: xen: XSA-287: x86: steal_page violates page_struct access discipline",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=2265e0ec672f9854d200348511f0f8de"
},
{
"title": "Debian CVElist Bug Report Logs: xen: XSA-294: x86 shadow: Insufficient TLB flushing when using PCID",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=a3e8998cea5d5825f10ea1c09276196e"
},
{
"title": "Debian CVElist Bug Report Logs: Xen Hypervisor security update for Intel MDS - XSA 297",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=3c5d2f154807c8ff4e324ef14ef12771"
},
{
"title": "Debian CVElist Bug Report Logs: xen: XSA-285: race with pass-through device hotplug",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=58ea80c1aac43705a15b8df06106fc72"
},
{
"title": "Debian CVElist Bug Report Logs: xen: XSA-284: grant table transfer issues on large hosts",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=3fb9629013e9105b3361893f58ff13e2"
},
{
"title": "Debian CVElist Bug Report Logs: xen: XSA-291: x86/PV: page type reference counting issue with failed IOMMU update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=24d344e2b0de0f8050341e180d5e3ad6"
},
{
"title": "Debian CVElist Bug Report Logs: xen: XSA-290: missing preemption in x86 PV page table unvalidation",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=eefa90208138c527071b467dedc4d2d8"
},
{
"title": "HP: HPSBHF03618 rev. 1 - Intel Microarchitectural Data Sampling Security Updates",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=HPSBHF03618"
},
{
"title": "Ubuntu Security Notice: libvirt update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3985-2"
},
{
"title": "Ubuntu Security Notice: libvirt update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3985-1"
},
{
"title": "Ubuntu Security Notice: intel-microcode update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3977-2"
},
{
"title": "Amazon Linux AMI: ALAS-2019-1260",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2019-1260"
},
{
"title": "Ubuntu Security Notice: linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3982-1"
},
{
"title": "Ubuntu Security Notice: intel-microcode update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3977-1"
},
{
"title": "Ubuntu Security Notice: linux vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3984-1"
},
{
"title": "Siemens Security Advisories: Siemens Security Advisory",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=30d0a4e627570cd4d5945ca971daba72"
},
{
"title": "Amazon Linux AMI: ALAS-2019-1205",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2019-1205"
},
{
"title": "Amazon Linux 2: ALAS2-2019-1205",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2\u0026qid=ALAS2-2019-1205"
},
{
"title": "Red Hat: Important: kernel security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20191170 - Security Advisory"
},
{
"title": "Ubuntu Security Notice: linux-hwe, linux-azure vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3980-2"
},
{
"title": "Red Hat: Important: kernel-rt security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20191190 - Security Advisory"
},
{
"title": "Debian CVElist Bug Report Logs: qemu: CVE-2019-5008",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=3a83f6ae99e6b2e0c974ac32c9ef74a2"
},
{
"title": "Ubuntu Security Notice: linux-lts-xenial vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3982-2"
},
{
"title": "IBM: IBM Security Bulletin: Vulnerabilities in Intel CPUs affect IBM Integrated Analytics System",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=c47b16f3ebd0fdbec9f73e7f3324fed3"
},
{
"title": "IBM: IBM Security Bulletin: IBM has released Unified Extensible Firmware Interface (UEFI) fixes in response to Intel Microarchitectural Data Sampling (MDS) Side Channel vulnerabilities.",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=bc9f36e4b0d29a9ca06baf362fd957d0"
},
{
"title": "Debian Security Advisories: DSA-4564-1 linux -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=6a2efed9e3fbb73861bbf72b19140077"
},
{
"title": "IBM: IBM Addresses Reported Intel Security Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=ab73c937cee32c79f9fc9bc6ef3cc36d"
},
{
"title": "Debian Security Advisories: DSA-4469-1 libvirt -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=4e2fe5b482468cc28e671437a04edddc"
},
{
"title": "Ubuntu Security Notice: qemu update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3978-1"
},
{
"title": "Ubuntu Security Notice: linux-hwe, linux-azure, linux-gcp, linux-oracle vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3981-2"
},
{
"title": "Ubuntu Security Notice: linux, linux-aws, linux-gcp, linux-kvm, linux-oem, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3981-1"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/j1nh0/pdf "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/j1nh0/nisol "
},
{
"title": "Windows-Specture-Meltdown-Mitigation-Script",
"trust": 0.1,
"url": "https://github.com/simeononsecurity/Windows-Specture-Meltdown-Mitigation-Script "
},
{
"title": "Windows-Spectre-Meltdown-Mitigation-Script",
"trust": 0.1,
"url": "https://github.com/simeononsecurity/Windows-Spectre-Meltdown-Mitigation-Script "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/kali973/spectre-meltdown-checker "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/es0j/hyperbleed "
},
{
"title": "puppet-meltdown",
"trust": 0.1,
"url": "https://github.com/timidri/puppet-meltdown "
},
{
"title": "cSpeculationControlFixes",
"trust": 0.1,
"url": "https://github.com/poshsecurity/cSpeculationControlFixes "
},
{
"title": "Linux-Tools",
"trust": 0.1,
"url": "https://github.com/minutesinch/Linux-Tools "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/merlinepedra25/spectre-meltdown-checker "
},
{
"title": "spectre-meltdown",
"trust": 0.1,
"url": "https://github.com/edsonjt81/spectre-meltdown "
},
{
"title": "spectre-meltdown-checker",
"trust": 0.1,
"url": "https://github.com/speed47/spectre-meltdown-checker "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/merlinepedra/spectre-meltdown-checker "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/kin-cho/my-spectre-meltdown-checker "
},
{
"title": "Firmware-Security",
"trust": 0.1,
"url": "https://github.com/virusbeeE/Firmware-Security "
},
{
"title": "Hardware-and-Firmware-Security-Guidance",
"trust": 0.1,
"url": "https://github.com/nsacyber/Hardware-and-Firmware-Security-Guidance "
},
{
"title": "hardware-attacks-state-of-the-art",
"trust": 0.1,
"url": "https://github.com/codexlynx/hardware-attacks-state-of-the-art "
},
{
"title": "ansible-everyday",
"trust": 0.1,
"url": "https://github.com/kaosagnt/ansible-everyday "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/vincent-deng/veracode-container-security-finding-parser "
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/intel-zombieload-side-channel-attack-10-takeaways/144771/"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/apple-patches-intel-side-channel-ios-macos/144743/"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/intel-cpus-impacted-by-new-class-of-spectre-like-attacks/144728/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2018-12127"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-622"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-122055"
},
{
"db": "NVD",
"id": "CVE-2018-12127"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html"
},
{
"trust": 1.8,
"url": "https://www.debian.org/security/2020/dsa-4602"
},
{
"trust": 1.8,
"url": "https://security.freebsd.org/advisories/freebsd-sa-19:26.mcu.asc"
},
{
"trust": 1.8,
"url": "http://packetstormsecurity.com/files/155281/freebsd-security-advisory-freebsd-sa-19-26.mcu.html"
},
{
"trust": 1.3,
"url": "https://access.redhat.com/errata/rhsa-2019:1455"
},
{
"trust": 1.2,
"url": "https://seclists.org/bugtraq/2019/jun/28"
},
{
"trust": 1.2,
"url": "https://seclists.org/bugtraq/2019/jun/36"
},
{
"trust": 1.2,
"url": "https://seclists.org/bugtraq/2019/nov/16"
},
{
"trust": 1.2,
"url": "https://seclists.org/bugtraq/2019/nov/15"
},
{
"trust": 1.2,
"url": "https://seclists.org/bugtraq/2020/jan/21"
},
{
"trust": 1.2,
"url": "http://www.arubanetworks.com/assets/alert/aruba-psa-2019-003.txt"
},
{
"trust": 1.2,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190712-01-mds-en"
},
{
"trust": 1.2,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"
},
{
"trust": 1.2,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-616472.pdf"
},
{
"trust": 1.2,
"url": "https://www.synology.com/security/advisory/synology_sa_19_24"
},
{
"trust": 1.2,
"url": "https://www.freebsd.org/security/advisories/freebsd-sa-19:07.mds.asc"
},
{
"trust": 1.2,
"url": "https://security.gentoo.org/glsa/202003-56"
},
{
"trust": 1.2,
"url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00018.html"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2019:2553"
},
{
"trust": 1.2,
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00014.html"
},
{
"trust": 1.2,
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00053.html"
},
{
"trust": 1.2,
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00052.html"
},
{
"trust": 1.2,
"url": "https://usn.ubuntu.com/3977-3/"
},
{
"trust": 1.2,
"url": "http://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20190712-01-mds-cn"
},
{
"trust": 1.1,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10292"
},
{
"trust": 1.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/oh73sgtj575obcpsjfx6lx7kp2kzien4/"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/security/cve/cve-2018-12126"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/security/cve/cve-2018-12127"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/security/cve/cve-2018-12130"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/security/cve/cve-2019-11091"
},
{
"trust": 0.9,
"url": "http://www.intel.com/content/www/us/en/homepage.html"
},
{
"trust": 0.9,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1646781"
},
{
"trust": 0.9,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1646784"
},
{
"trust": 0.9,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1667782"
},
{
"trust": 0.9,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1705312"
},
{
"trust": 0.9,
"url": "https://aws.amazon.com/security/security-bulletins/aws-2019-004/"
},
{
"trust": 0.9,
"url": "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-chrome-os-m75.html"
},
{
"trust": 0.9,
"url": "https://www.vmware.com/security/advisories/vmsa-2019-0008.html"
},
{
"trust": 0.9,
"url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/adv190013"
},
{
"trust": 0.9,
"url": "https://support.citrix.com/article/ctx251995"
},
{
"trust": 0.9,
"url": "http://xenbits.xen.org/xsa/advisory-297.html"
},
{
"trust": 0.9,
"url": "https://securityadvisories.paloaltonetworks.com/home/detail/150"
},
{
"trust": 0.9,
"url": "https://www.chromium.org/chromium-os/mds-on-chromeos"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-12126"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11091"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-12127"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-12130"
},
{
"trust": 0.7,
"url": "https://wiki.ubuntu.com/securityteam/knowledgebase/mds"
},
{
"trust": 0.6,
"url": "https://usn.ubuntu.com/3985-1/"
},
{
"trust": 0.6,
"url": "http://www.debian.org/security/2019/dsa-4444"
},
{
"trust": 0.6,
"url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00018.html"
},
{
"trust": 0.6,
"url": "https://support.apple.com/en-us/ht210119"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/156920/gentoo-linux-security-advisory-202003-56.html"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/intel-amd-processors-information-disclosure-via-performance-measurement-29300"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/80874"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4358/"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1118439"
},
{
"trust": 0.6,
"url": "https://www.securityfocus.com/bid/108330"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.0127/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4321/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/81098"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/81030"
},
{
"trust": 0.6,
"url": "https://support.lenovo.com/us/en/product_security/len-26696"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.0153/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/152952/ubuntu-security-notice-usn-3985-1.html"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1107009"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/155956/debian-security-advisory-4602-1.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.1812/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/152942/debian-security-advisory-4447-1.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/vulnerabilities/mds"
},
{
"trust": 0.2,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-3882"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-3874"
},
{
"trust": 0.1,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026amp;id=sb10292"
},
{
"trust": 0.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/oh73sgtj575obcpsjfx6lx7kp2kzien4/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/200.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://tools.cisco.com/security/center/viewalert.x?alertid=60201"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/3983-1/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2019:1169"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/usn/usn-3985-2"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/usn/usn-3985-1"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-10132"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-10132"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/usn/usn-3984-1"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/3977-1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/intel-microcode/3.20190618.0ubuntu0.19.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/intel-microcode/3.20190618.0ubuntu0.16.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/intel-microcode/3.20190618.0ubuntu0.18.10.1"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/3977-3"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/intel-microcode/3.20190618.0ubuntu0.18.04.1"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/usn/usn-3983-1"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/usn/usn-3983-2"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/usn/usn-3982-2"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/usn/usn-3982-1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-snapdragon/4.15.0-1053.57"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-9503"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-kvm/4.15.0-1034.34"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-gcp/4.15.0-1032.34"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-9500"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-oem/4.15.0-1038.43"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux/4.15.0-50.54"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/usn/usn-3981-1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-oracle/4.15.0-1013.15"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-16884"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-aws/4.15.0-1039.41"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-raspi2/4.15.0-1036.38"
},
{
"trust": 0.1,
"url": "https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-122055"
},
{
"db": "VULMON",
"id": "CVE-2018-12127"
},
{
"db": "BID",
"id": "108330"
},
{
"db": "PACKETSTORM",
"id": "152879"
},
{
"db": "PACKETSTORM",
"id": "152962"
},
{
"db": "PACKETSTORM",
"id": "153248"
},
{
"db": "PACKETSTORM",
"id": "152929"
},
{
"db": "PACKETSTORM",
"id": "153389"
},
{
"db": "PACKETSTORM",
"id": "152939"
},
{
"db": "PACKETSTORM",
"id": "152935"
},
{
"db": "PACKETSTORM",
"id": "152927"
},
{
"db": "PACKETSTORM",
"id": "152919"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-622"
},
{
"db": "NVD",
"id": "CVE-2018-12127"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-122055"
},
{
"db": "VULMON",
"id": "CVE-2018-12127"
},
{
"db": "BID",
"id": "108330"
},
{
"db": "PACKETSTORM",
"id": "152879"
},
{
"db": "PACKETSTORM",
"id": "152962"
},
{
"db": "PACKETSTORM",
"id": "153248"
},
{
"db": "PACKETSTORM",
"id": "152929"
},
{
"db": "PACKETSTORM",
"id": "153389"
},
{
"db": "PACKETSTORM",
"id": "152939"
},
{
"db": "PACKETSTORM",
"id": "152935"
},
{
"db": "PACKETSTORM",
"id": "152927"
},
{
"db": "PACKETSTORM",
"id": "152919"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-622"
},
{
"db": "NVD",
"id": "CVE-2018-12127"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-30T00:00:00",
"db": "VULHUB",
"id": "VHN-122055"
},
{
"date": "2019-05-30T00:00:00",
"db": "VULMON",
"id": "CVE-2018-12127"
},
{
"date": "2019-05-14T00:00:00",
"db": "BID",
"id": "108330"
},
{
"date": "2019-05-15T15:05:22",
"db": "PACKETSTORM",
"id": "152879"
},
{
"date": "2019-05-17T13:13:13",
"db": "PACKETSTORM",
"id": "152962"
},
{
"date": "2019-06-11T14:57:40",
"db": "PACKETSTORM",
"id": "153248"
},
{
"date": "2019-05-15T15:42:29",
"db": "PACKETSTORM",
"id": "152929"
},
{
"date": "2019-06-21T18:22:22",
"db": "PACKETSTORM",
"id": "153389"
},
{
"date": "2019-05-15T15:56:00",
"db": "PACKETSTORM",
"id": "152939"
},
{
"date": "2019-05-15T15:47:18",
"db": "PACKETSTORM",
"id": "152935"
},
{
"date": "2019-05-15T15:41:18",
"db": "PACKETSTORM",
"id": "152927"
},
{
"date": "2019-05-15T15:36:06",
"db": "PACKETSTORM",
"id": "152919"
},
{
"date": "2019-05-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-622"
},
{
"date": "2019-05-30T16:29:00.903000",
"db": "NVD",
"id": "CVE-2018-12127"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-06-11T00:00:00",
"db": "VULHUB",
"id": "VHN-122055"
},
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2018-12127"
},
{
"date": "2019-06-28T08:00:00",
"db": "BID",
"id": "108330"
},
{
"date": "2021-10-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-622"
},
{
"date": "2024-11-21T03:44:38.757000",
"db": "NVD",
"id": "CVE-2018-12127"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "108330"
},
{
"db": "PACKETSTORM",
"id": "152962"
},
{
"db": "PACKETSTORM",
"id": "152929"
},
{
"db": "PACKETSTORM",
"id": "153389"
},
{
"db": "PACKETSTORM",
"id": "152939"
},
{
"db": "PACKETSTORM",
"id": "152935"
},
{
"db": "PACKETSTORM",
"id": "152927"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-622"
}
],
"trust": 1.5
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple Intel Product Information Disclosure Vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201905-622"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201905-622"
}
],
"trust": 0.6
}
}
VAR-202106-0344
Vulnerability from variot - Updated: 2025-12-22 20:10Observable timing discrepancy in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. 6 ELS) - i386, x86_64
- -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Important: microcode_ctl security, bug fix and enhancement update Advisory ID: RHSA-2021:2303-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:2303 Issue date: 2021-06-08 CVE Names: CVE-2020-24489 CVE-2020-24511 CVE-2020-24512 CVE-2020-24513 ==================================================================== 1. Summary:
An update for microcode_ctl is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Server AUS (v. 7.6) - x86_64 Red Hat Enterprise Linux Server E4S (v. 7.6) - x86_64 Red Hat Enterprise Linux Server TUS (v. 7.6) - x86_64
- Description:
The microcode_ctl packages provide microcode updates for Intel.
Security Fix(es):
-
hw: vt-d related privilege escalation (CVE-2020-24489)
-
hw: improper isolation of shared resources in some Intel Processors (CVE-2020-24511)
-
hw: observable timing discrepancy in some Intel Processors (CVE-2020-24512)
-
hw: information disclosure on some Intel Atom processors (CVE-2020-24513)
Bug Fix(es) and Enhancement(s):
-
Update Intel CPU microcode to microcode-20210525 release
-
Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1962650 - CVE-2020-24489 hw: vt-d related privilege escalation 1962666 - CVE-2020-24513 hw: information disclosure on some Intel Atom processors 1962702 - CVE-2020-24511 hw: improper isolation of shared resources in some Intel Processors 1962722 - CVE-2020-24512 hw: observable timing discrepancy in some Intel Processors
- Package List:
Red Hat Enterprise Linux Server AUS (v. 7.6):
Source: microcode_ctl-2.1-47.21.el7_6.src.rpm
x86_64: microcode_ctl-2.1-47.21.el7_6.x86_64.rpm microcode_ctl-debuginfo-2.1-47.21.el7_6.x86_64.rpm
Red Hat Enterprise Linux Server E4S (v. 7.6):
Source: microcode_ctl-2.1-47.21.el7_6.src.rpm
x86_64: microcode_ctl-2.1-47.21.el7_6.x86_64.rpm microcode_ctl-debuginfo-2.1-47.21.el7_6.x86_64.rpm
Red Hat Enterprise Linux Server TUS (v. 7.6):
Source: microcode_ctl-2.1-47.21.el7_6.src.rpm
x86_64: microcode_ctl-2.1-47.21.el7_6.x86_64.rpm microcode_ctl-debuginfo-2.1-47.21.el7_6.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2020-24489 https://access.redhat.com/security/cve/CVE-2020-24511 https://access.redhat.com/security/cve/CVE-2020-24512 https://access.redhat.com/security/cve/CVE-2020-24513 https://access.redhat.com/security/updates/classification/#important
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBYMAkptzjgjWX9erEAQjQaxAAiXuFV2AZ5UNVNR29EFFEaHsHDTLaeYNm ibgw81yBpSZopPqtVYoznk9JAYc2YSrgbq0/BxC+rWHRTGPom5lZumlkqc+Nkjon sGx6SXU5q9M/nPutM/p5afTXNaHbZVQojjeP9VIpF1qz94JRcJisrumAW/sS27/v Ie6wqizvXNJZq30FOmgAq3vSXJpvakZYrBZoRvdm3MUx3rqiy/Sn62VtexeJoWJf 7BVF9y24rn2r9BuG6QNKGnYTxuUHAfcTAy5laJZ7EWdpEXcSZG6SV6x40Zdg6TaV 8x6PFSbvb2woGvWfFr5so9I92X1z9MCh4vQ5hmPnoHHREXpDKcDjvmfnStNkKD3F kOvf99Ph7E4Th/NhFwAczspiZEJYbvZ7ZenKQwWd2lGnEzFdPU5g5c3n+WVyN1qZ psD/uZlryQyIUyvRPowGppm/vJfyIiDKr+yUpq3AGscs9ASpnH6120ClaQx3KutT gpUbnKDxAW7UMlg5V4A9y5jJBgW8cZGH4qKc9KeDOj1MOjOhrfClInKhfqqY6YF1 8ulHpTKFyXzFjKBST1PKhCQQ2HhG74GoG147R0yHZw+9T0+o3ovlEQTxD2yVgGua 7LQ/vJotdgvBEaYoWTz6WwphiYQpFbbyQ6E0qplPVJMMmFKhDpNKS+ama5CHnfUF 6I3FlLzt1EU=YG8p -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202106-0344",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "10.0"
},
{
"model": "solidfire bios",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "hci compute node bios",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "microcode",
"scope": "lt",
"trust": 1.0,
"vendor": "intel",
"version": "20210608"
},
{
"model": "fas\\/aff bios",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-24512"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "163954"
},
{
"db": "PACKETSTORM",
"id": "163956"
},
{
"db": "PACKETSTORM",
"id": "163031"
},
{
"db": "PACKETSTORM",
"id": "163036"
},
{
"db": "PACKETSTORM",
"id": "163040"
},
{
"db": "PACKETSTORM",
"id": "163044"
},
{
"db": "PACKETSTORM",
"id": "163047"
},
{
"db": "PACKETSTORM",
"id": "163863"
}
],
"trust": 0.8
},
"cve": "CVE-2020-24512",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2020-24512",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.0,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "VHN-178398",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"exploitabilityScore": 1.8,
"id": "CVE-2020-24512",
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-24512",
"trust": 1.0,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-202106-633",
"trust": 0.6,
"value": "LOW"
},
{
"author": "VULHUB",
"id": "VHN-178398",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-178398"
},
{
"db": "CNNVD",
"id": "CNNVD-202106-633"
},
{
"db": "NVD",
"id": "CVE-2020-24512"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Observable timing discrepancy in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. 6 ELS) - i386, x86_64\n\n3. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n==================================================================== \nRed Hat Security Advisory\n\nSynopsis: Important: microcode_ctl security, bug fix and enhancement update\nAdvisory ID: RHSA-2021:2303-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2021:2303\nIssue date: 2021-06-08\nCVE Names: CVE-2020-24489 CVE-2020-24511 CVE-2020-24512\n CVE-2020-24513\n====================================================================\n1. Summary:\n\nAn update for microcode_ctl is now available for Red Hat Enterprise Linux\n7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Server AUS (v. 7.6) - x86_64\nRed Hat Enterprise Linux Server E4S (v. 7.6) - x86_64\nRed Hat Enterprise Linux Server TUS (v. 7.6) - x86_64\n\n3. Description:\n\nThe microcode_ctl packages provide microcode updates for Intel. \n\nSecurity Fix(es):\n\n* hw: vt-d related privilege escalation (CVE-2020-24489)\n\n* hw: improper isolation of shared resources in some Intel Processors\n(CVE-2020-24511)\n\n* hw: observable timing discrepancy in some Intel Processors\n(CVE-2020-24512)\n\n* hw: information disclosure on some Intel Atom processors (CVE-2020-24513)\n\nBug Fix(es) and Enhancement(s):\n\n* Update Intel CPU microcode to microcode-20210525 release\n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1962650 - CVE-2020-24489 hw: vt-d related privilege escalation\n1962666 - CVE-2020-24513 hw: information disclosure on some Intel Atom processors\n1962702 - CVE-2020-24511 hw: improper isolation of shared resources in some Intel Processors\n1962722 - CVE-2020-24512 hw: observable timing discrepancy in some Intel Processors\n\n6. Package List:\n\nRed Hat Enterprise Linux Server AUS (v. 7.6):\n\nSource:\nmicrocode_ctl-2.1-47.21.el7_6.src.rpm\n\nx86_64:\nmicrocode_ctl-2.1-47.21.el7_6.x86_64.rpm\nmicrocode_ctl-debuginfo-2.1-47.21.el7_6.x86_64.rpm\n\nRed Hat Enterprise Linux Server E4S (v. 7.6):\n\nSource:\nmicrocode_ctl-2.1-47.21.el7_6.src.rpm\n\nx86_64:\nmicrocode_ctl-2.1-47.21.el7_6.x86_64.rpm\nmicrocode_ctl-debuginfo-2.1-47.21.el7_6.x86_64.rpm\n\nRed Hat Enterprise Linux Server TUS (v. 7.6):\n\nSource:\nmicrocode_ctl-2.1-47.21.el7_6.src.rpm\n\nx86_64:\nmicrocode_ctl-2.1-47.21.el7_6.x86_64.rpm\nmicrocode_ctl-debuginfo-2.1-47.21.el7_6.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2020-24489\nhttps://access.redhat.com/security/cve/CVE-2020-24511\nhttps://access.redhat.com/security/cve/CVE-2020-24512\nhttps://access.redhat.com/security/cve/CVE-2020-24513\nhttps://access.redhat.com/security/updates/classification/#important\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2021 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBYMAkptzjgjWX9erEAQjQaxAAiXuFV2AZ5UNVNR29EFFEaHsHDTLaeYNm\nibgw81yBpSZopPqtVYoznk9JAYc2YSrgbq0/BxC+rWHRTGPom5lZumlkqc+Nkjon\nsGx6SXU5q9M/nPutM/p5afTXNaHbZVQojjeP9VIpF1qz94JRcJisrumAW/sS27/v\nIe6wqizvXNJZq30FOmgAq3vSXJpvakZYrBZoRvdm3MUx3rqiy/Sn62VtexeJoWJf\n7BVF9y24rn2r9BuG6QNKGnYTxuUHAfcTAy5laJZ7EWdpEXcSZG6SV6x40Zdg6TaV\n8x6PFSbvb2woGvWfFr5so9I92X1z9MCh4vQ5hmPnoHHREXpDKcDjvmfnStNkKD3F\nkOvf99Ph7E4Th/NhFwAczspiZEJYbvZ7ZenKQwWd2lGnEzFdPU5g5c3n+WVyN1qZ\npsD/uZlryQyIUyvRPowGppm/vJfyIiDKr+yUpq3AGscs9ASpnH6120ClaQx3KutT\ngpUbnKDxAW7UMlg5V4A9y5jJBgW8cZGH4qKc9KeDOj1MOjOhrfClInKhfqqY6YF1\n8ulHpTKFyXzFjKBST1PKhCQQ2HhG74GoG147R0yHZw+9T0+o3ovlEQTxD2yVgGua\n7LQ/vJotdgvBEaYoWTz6WwphiYQpFbbyQ6E0qplPVJMMmFKhDpNKS+ama5CHnfUF\n6I3FlLzt1EU=YG8p\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://listman.redhat.com/mailman/listinfo/rhsa-announce\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-24512"
},
{
"db": "VULHUB",
"id": "VHN-178398"
},
{
"db": "PACKETSTORM",
"id": "163954"
},
{
"db": "PACKETSTORM",
"id": "163956"
},
{
"db": "PACKETSTORM",
"id": "163031"
},
{
"db": "PACKETSTORM",
"id": "163036"
},
{
"db": "PACKETSTORM",
"id": "163040"
},
{
"db": "PACKETSTORM",
"id": "163044"
},
{
"db": "PACKETSTORM",
"id": "163047"
},
{
"db": "PACKETSTORM",
"id": "163863"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-24512",
"trust": 2.5
},
{
"db": "SIEMENS",
"id": "SSA-309571",
"trust": 1.7
},
{
"db": "PACKETSTORM",
"id": "163031",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "163863",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2021.2243",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2023.2479",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.4047",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.2088",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.2721",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.2797",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.3443",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.2258",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.2537",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.2905",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.2945",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.2010",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.2672",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021081834",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021080917",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021083127",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021081125",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021062128",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021062701",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "163993",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "163757",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "163772",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-21-222-05",
"trust": 0.6
},
{
"db": "LENOVO",
"id": "LEN-62742",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202106-633",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "163047",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "163044",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "163040",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "163036",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "163037",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "163042",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "163043",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "163048",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "163032",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "163046",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-178398",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "163954",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "163956",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-178398"
},
{
"db": "PACKETSTORM",
"id": "163954"
},
{
"db": "PACKETSTORM",
"id": "163956"
},
{
"db": "PACKETSTORM",
"id": "163031"
},
{
"db": "PACKETSTORM",
"id": "163036"
},
{
"db": "PACKETSTORM",
"id": "163040"
},
{
"db": "PACKETSTORM",
"id": "163044"
},
{
"db": "PACKETSTORM",
"id": "163047"
},
{
"db": "PACKETSTORM",
"id": "163863"
},
{
"db": "CNNVD",
"id": "CNNVD-202106-633"
},
{
"db": "NVD",
"id": "CVE-2020-24512"
}
]
},
"id": "VAR-202106-0344",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-178398"
}
],
"trust": 0.01
},
"last_update_date": "2025-12-22T20:10:37.529000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Intel Processors Repair measures for information disclosure vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=153291"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202106-633"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-203",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-178398"
},
{
"db": "NVD",
"id": "CVE-2020-24512"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf"
},
{
"trust": 1.7,
"url": "https://security.netapp.com/advisory/ntap-20210611-0005/"
},
{
"trust": 1.7,
"url": "https://www.debian.org/security/2021/dsa-4934"
},
{
"trust": 1.7,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00464.html"
},
{
"trust": 1.7,
"url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00022.html"
},
{
"trust": 1.4,
"url": "https://access.redhat.com/security/cve/cve-2020-24512"
},
{
"trust": 0.8,
"url": "https://access.redhat.com/security/cve/cve-2020-24511"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-24512"
},
{
"trust": 0.8,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-24489"
},
{
"trust": 0.8,
"url": "https://access.redhat.com/security/cve/cve-2020-24489"
},
{
"trust": 0.8,
"url": "https://listman.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.8,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.8,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.8,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-24511"
},
{
"trust": 0.8,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/163863/red-hat-security-advisory-2021-3176-01.html"
},
{
"trust": 0.6,
"url": "https://support.lenovo.com/us/en/product_security/len-62742"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/163757/red-hat-security-advisory-2021-3027-01.html"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021081834"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.2537"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2023.2479"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/6520482"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.2243"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.2088"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/163772/red-hat-security-advisory-2021-3029-01.html"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021062128"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021062701"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.4047"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021081125"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021083127"
},
{
"trust": 0.6,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-222-05"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/163993/red-hat-security-advisory-2021-3364-01.html"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/163031/red-hat-security-advisory-2021-2299-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.2905"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.2721"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021080917"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/intel-processor-information-disclosure-via-shared-resources-35664"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.2945"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.2672"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.2010"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.2258"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.2797"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.3443"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2020-24513"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-24513"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-8696"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-8698"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-8698"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-0549"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-0543"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-8695"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-8695"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-0549"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-0543"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-8696"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-0548"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-0548"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:3323"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:3322"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:2299"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:2300"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:2307"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:2304"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:2303"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:3176"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-178398"
},
{
"db": "PACKETSTORM",
"id": "163954"
},
{
"db": "PACKETSTORM",
"id": "163956"
},
{
"db": "PACKETSTORM",
"id": "163031"
},
{
"db": "PACKETSTORM",
"id": "163036"
},
{
"db": "PACKETSTORM",
"id": "163040"
},
{
"db": "PACKETSTORM",
"id": "163044"
},
{
"db": "PACKETSTORM",
"id": "163047"
},
{
"db": "PACKETSTORM",
"id": "163863"
},
{
"db": "CNNVD",
"id": "CNNVD-202106-633"
},
{
"db": "NVD",
"id": "CVE-2020-24512"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-178398"
},
{
"db": "PACKETSTORM",
"id": "163954"
},
{
"db": "PACKETSTORM",
"id": "163956"
},
{
"db": "PACKETSTORM",
"id": "163031"
},
{
"db": "PACKETSTORM",
"id": "163036"
},
{
"db": "PACKETSTORM",
"id": "163040"
},
{
"db": "PACKETSTORM",
"id": "163044"
},
{
"db": "PACKETSTORM",
"id": "163047"
},
{
"db": "PACKETSTORM",
"id": "163863"
},
{
"db": "CNNVD",
"id": "CNNVD-202106-633"
},
{
"db": "NVD",
"id": "CVE-2020-24512"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-06-09T00:00:00",
"db": "VULHUB",
"id": "VHN-178398"
},
{
"date": "2021-08-31T15:43:48",
"db": "PACKETSTORM",
"id": "163954"
},
{
"date": "2021-08-31T15:44:21",
"db": "PACKETSTORM",
"id": "163956"
},
{
"date": "2021-06-09T13:26:32",
"db": "PACKETSTORM",
"id": "163031"
},
{
"date": "2021-06-09T13:28:02",
"db": "PACKETSTORM",
"id": "163036"
},
{
"date": "2021-06-09T13:40:18",
"db": "PACKETSTORM",
"id": "163040"
},
{
"date": "2021-06-09T13:40:48",
"db": "PACKETSTORM",
"id": "163044"
},
{
"date": "2021-06-09T13:42:12",
"db": "PACKETSTORM",
"id": "163047"
},
{
"date": "2021-08-17T15:19:34",
"db": "PACKETSTORM",
"id": "163863"
},
{
"date": "2021-06-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202106-633"
},
{
"date": "2021-06-09T19:15:08.930000",
"db": "NVD",
"id": "CVE-2020-24512"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-09-09T00:00:00",
"db": "VULHUB",
"id": "VHN-178398"
},
{
"date": "2023-05-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202106-633"
},
{
"date": "2021-09-09T12:56:22.933000",
"db": "NVD",
"id": "CVE-2020-24512"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202106-633"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Intel Processors Information disclosure vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202106-633"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202106-633"
}
],
"trust": 0.6
}
}
VAR-202011-1361
Vulnerability from variot - Updated: 2023-11-07 21:08Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. Intel(R) There are unspecified vulnerabilities in processor products.Information may be obtained. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
===================================================================== Red Hat Security Advisory
Synopsis: Moderate: microcode_ctl security, bug fix and enhancement update Advisory ID: RHSA-2020:5183-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2020:5183 Issue date: 2020-11-23 CVE Names: CVE-2020-8695 CVE-2020-8696 CVE-2020-8698 =====================================================================
- Summary:
An update for microcode_ctl is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Server AUS (v. 7.3) - x86_64 Red Hat Enterprise Linux Server E4S (v. 7.3) - x86_64 Red Hat Enterprise Linux Server TUS (v. 7.3) - x86_64
- Description:
The microcode_ctl packages provide microcode updates for Intel.
Security Fix(es):
-
hw: Information disclosure issue in Intel SGX via RAPL interface (CVE-2020-8695)
-
hw: Vector Register Leakage-Active (CVE-2020-8696)
-
hw: Fast forward store predictor (CVE-2020-8698)
Bug Fix(es) and Enhancement(s):
- Update Intel CPU microcode to microcode-20201112 release, addresses:
- Addition of 06-55-0b/0xbf (CPX-SP A1) microcode at revision 0x700001e;
- Addition of 06-8a-01/0x10 (LKF B2/B3) microcode at revision 0x28;
- Addition of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode at revision 0x68;
- Addition of 06-a5-02/0x20 (CML-H R1) microcode at revision 0xe0;
- Addition of 06-a5-03/0x22 (CML-S 6+2 G1) microcode at revision 0xe0;
- Addition of 06-a5-05/0x22 (CML-S 10+2 Q0) microcode at revision 0xe0;
- Addition of 06-a6-01/0x80 (CML-U 6+2 v2 K0) microcode at revision 0xe0;
- Update of 06-4e-03/0xc0 (SKL-U/U 2+3e/Y D0/K1) microcode (in intel-06-4e-03/intel-ucode/06-4e-03) from revision 0xdc up to 0xe2;
- Update of 06-55-04/0xb7 (SKX-D/SP/W/X H0/M0/M1/U0) microcode (in intel-06-55-04/intel-ucode/06-55-04) from revision 0x2006906 up to 0x2006a08;
- Update of 06-5e-03/0x36 (SKL-H/S/Xeon E3 N0/R0/S0) microcode (in intel-06-5e-03/intel-ucode/06-5e-03) from revision 0xdc up to 0xe2;
- Update of 06-8e-09/0x10 (AML-Y 2+2 H0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-8e-09) from revision 0xd6 up to 0xde;
- Update of 06-8e-09/0xc0 (KBL-U/U 2+3e/Y H0/J1) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-8e-09) from revision 0xd6 up to 0xde;
- Update of 06-8e-0a/0xc0 (CFL-U 4+3e D0, KBL-R Y0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0a) from revision 0xd6 up to 0xe0;
- Update of 06-8e-0b/0xd0 (WHL-U W0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0b) from revision 0xd6 up to 0xde;
- Update of 06-8e-0c/0x94 (AML-Y 4+2 V0, CML-U 4+2 V0, WHL-U V0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0c) from revision 0xd6 up to 0xde;
- Update of 06-9e-09/0x2a (KBL-G/H/S/X/Xeon E3 B0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-9e-09) from revision 0xd6 up to 0xde;
- Update of 06-9e-0a/0x22 (CFL-H/S/Xeon E U0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0a) from revision 0xd6 up to 0xde;
- Update of 06-9e-0b/0x02 (CFL-E/H/S B0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0b) from revision 0xd6 up to 0xde;
- Update of 06-9e-0c/0x22 (CFL-H/S/Xeon E P0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0c) from revision 0xd6 up to 0xde;
- Update of 06-9e-0d/0x22 (CFL-H/S/Xeon E R0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0d) from revision 0xd6 up to 0xde;
- Update of 06-3f-02/0x6f (HSX-E/EN/EP/EP 4S C0/C1/M1/R2) microcode from revision 0x43 up to 0x44;
- Update of 06-55-03/0x97 (SKX-SP B1) microcode from revision 0x1000157 up to 0x1000159;
- Update of 06-55-06/0xbf (CLX-SP B0) microcode from revision 0x4002f01 up to 0x4003003;
- Update of 06-55-07/0xbf (CLX-SP/W/X B1/L1) microcode from revision 0x5002f01 up to 0x5003003;
- Update of 06-5c-09/0x03 (APL D0) microcode from revision 0x38 up to 0x40;
- Update of 06-5c-0a/0x03 (APL B1/F1) microcode from revision 0x16 up to 0x1e;
- Update of 06-7a-01/0x01 (GLK B0) microcode from revision 0x32 up to 0x34;
- Update of 06-7a-08/0x01 (GLK-R R0) microcode from revision 0x16 up to 0x18;
- Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode from revision 0x78 up to 0xa0;
-
Update of 06-a6-00/0x80 (CML-U 6+2 A0) microcode from revision 0xca up to 0xe0.
-
Disable 06-8c-01 (TGL-UP3/UP4 B1) microcode update by default.
-
Add README file to the documentation directory.
-
Add publicly-sourced codenames list to supply to gen_provides.sh; update the latter to handle the somewhat different format.
-
Add SUMMARY.intel-ucode file
-
Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1828583 - CVE-2020-8695 hw: Information disclosure issue in Intel SGX via RAPL interface 1890355 - CVE-2020-8696 hw: Vector Register Leakage-Active 1890356 - CVE-2020-8698 hw: Fast forward store predictor
- Package List:
Red Hat Enterprise Linux Server AUS (v. 7.3):
Source: microcode_ctl-2.1-16.37.el7_3.src.rpm
x86_64: microcode_ctl-2.1-16.37.el7_3.x86_64.rpm microcode_ctl-debuginfo-2.1-16.37.el7_3.x86_64.rpm
Red Hat Enterprise Linux Server E4S (v. 7.3):
Source: microcode_ctl-2.1-16.37.el7_3.src.rpm
x86_64: microcode_ctl-2.1-16.37.el7_3.x86_64.rpm microcode_ctl-debuginfo-2.1-16.37.el7_3.x86_64.rpm
Red Hat Enterprise Linux Server TUS (v. 7.3):
Source: microcode_ctl-2.1-16.37.el7_3.src.rpm
x86_64: microcode_ctl-2.1-16.37.el7_3.x86_64.rpm microcode_ctl-debuginfo-2.1-16.37.el7_3.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2020-8695 https://access.redhat.com/security/cve/CVE-2020-8696 https://access.redhat.com/security/cve/CVE-2020-8698 https://access.redhat.com/security/updates/classification/#moderate
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2020 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBX7v1LtzjgjWX9erEAQhhzBAAi0jG7U8W+Dm2A/Nq40aoLyRcGknttkV1 0wwy62OR4KUnqiP0gHB8Sjh6UpAPqhLNExc2+B8RyUB23yUe8/PRB1fUqpmf5150 mzwiORZfu572ao7GLskdc4SUydVSqY9QuTK7mTm+HGmOm2XQpics51xWjyfKM/TN 5lrrd3DXxTrXwsjva2tPJcCp9A1s3XAVjK16Fu+FcKvXsgxruUy41YxJMsY8Mxfj pPRzcXdMvPQYhvyv8y1KY2Mz5WMKdpOK83X6Y9iYL6d0g2UT1d3cw8AOHc6GYNFS MhLDUASoII2A4xWkXCOyaocrg58QFctEHGfnxwTU5ZGq/vfOduUSLE881thD+tqD qgQBaz0cp0tNr+nYXvhtyX9XE4ve/lszq5BxqnNF0xi9hP8T5DwZzXnhtZ+aZML2 3WlT3tqgkDE7hZqyqSG8Vd9ZLzVkjmnw7+tqRjIGvzN9eKQxLXg/fPkKeHGh+HOz y0zCBHlZKrKtz0lQHP48W9t6l0Rkh19hW1fIA46rW4C7erDcW78nBMJ2cTAxbBk1 ITTGOIHpUgn3882xKM/yAHUMK25Xkh2va/e8UpafYEazSM4H9T15N87UyCVneKdD s2N1tYHegx85eoOlt24Bw2RBPFHhFGWOtE0McQ09kyDKFyGJXUMqzPhBUvvJz8mE G3KPuKrDU0U= =Vap7 -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . ========================================================================== Ubuntu Security Notice USN-4628-2 November 12, 2020
intel-microcode regression
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 20.10
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 14.04 ESM
Summary:
USN-4628-1 introduced a regression in the Intel Microcode for some processors. Unfortunately, that update prevented certain processors in the Intel Tiger Lake family from booting successfully. This update reverts the microcode update for the Tiger Lake processor family.
Please note that the 'dis_ucode_ldr' kernel command line option can be added in the boot menu to disable microcode loading for system recovery.
We apologize for the inconvenience.
Original advisory details:
Moritz Lipp, Michael Schwarz, Andreas Kogler, David Oswald, Catherine Easdon, Claudio Canella, and Daniel Gruss discovered that the Intel Running Average Power Limit (RAPL) feature of some Intel processors allowed a side- channel attack based on power consumption measurements. A local attacker could possibly use this to expose sensitive information. (CVE-2020-8695)
Ezra Caltum, Joseph Nuzman, Nir Shildan and Ofir Joseff discovered that some Intel(R) Processors did not properly remove sensitive information before storage or transfer in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2020-8696)
Ezra Caltum, Joseph Nuzman, Nir Shildan and Ofir Joseff discovered that some Intel(R) Processors did not properly isolate shared resources in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2020-8698)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 20.10: intel-microcode 3.20201110.0ubuntu0.20.10.2
Ubuntu 20.04 LTS: intel-microcode 3.20201110.0ubuntu0.20.04.2
Ubuntu 18.04 LTS: intel-microcode 3.20201110.0ubuntu0.18.04.2
Ubuntu 16.04 LTS: intel-microcode 3.20201110.0ubuntu0.16.04.2
Ubuntu 14.04 ESM: intel-microcode 3.20201110.0ubuntu0.14.04.2
After a standard system update you need to reboot your computer to make all the necessary changes
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202011-1361",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "simatic ipc477e",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "21.01.15"
},
{
"model": "simatic field pg m6",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "9.0"
},
{
"model": "hci storage node bios",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "clustered data ontap",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "simatic ipc647e",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "25.02.08"
},
{
"model": "simatic itp1000",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "23.01.08"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "31"
},
{
"model": "simatic field pg m5",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "22.01.08"
},
{
"model": "hci compute node bios",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "simatic ipc847e",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "25.02.08"
},
{
"model": "simatic ipc477e pro",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "21.01.15"
},
{
"model": "simatic ipc677e",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "25.02.08"
},
{
"model": "simatic ipc427e",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "21.01.15"
},
{
"model": "solidfire bios",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "simatic ipc627e",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "25.02.08"
},
{
"model": "microcode",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "hci compute node bios",
"scope": null,
"trust": 0.8,
"vendor": "netapp",
"version": null
},
{
"model": "fedora",
"scope": null,
"trust": 0.8,
"vendor": "fedora",
"version": null
},
{
"model": "solidfire bios",
"scope": null,
"trust": 0.8,
"vendor": "netapp",
"version": null
},
{
"model": "gnu/linux",
"scope": null,
"trust": 0.8,
"vendor": "debian",
"version": null
},
{
"model": "clustered data ontap",
"scope": null,
"trust": 0.8,
"vendor": "netapp",
"version": null
},
{
"model": "microcode",
"scope": null,
"trust": 0.8,
"vendor": "\u30a4\u30f3\u30c6\u30eb",
"version": null
},
{
"model": "hci storage node bios",
"scope": null,
"trust": 0.8,
"vendor": "netapp",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-013420"
},
{
"db": "NVD",
"id": "CVE-2020-8698"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:microcode:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-1000g1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-1000g4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-1005g1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-1110g4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-1115g4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-1120g4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-1125g4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-1030g4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-1030g7:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-1035g1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-1035g4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-1035g7:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-1130g7:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-1135g7:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-1060g7:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-1065g7:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-1160g7:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-1165g7:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-1185g7:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:microcode:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-1000g1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-1000g4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-1005g1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-1110g4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-1115g4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-1120g4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-1125g4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-1030g4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-1030g7:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-1035g1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-1035g4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-1035g7:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-1130g7:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-1135g7:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-1060g7:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-1065g7:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-1160g7:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-1165g7:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-1185g7:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netapp:hci_compute_node_bios:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netapp:hci_compute_node_bios:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netapp:hci_storage_node_bios:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:netapp:hci_storage_node:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netapp:hci_storage_node_bios:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:netapp:hci_storage_node:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netapp:solidfire_bios:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:netapp:solidfire:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netapp:solidfire_bios:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:netapp:solidfire:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_field_pg_m5_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "22.01.08",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_field_pg_m5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_field_pg_m5_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "22.01.08",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_field_pg_m5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_field_pg_m6_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_field_pg_m6:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_field_pg_m6_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_field_pg_m6:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_ipc427e_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "21.01.15",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_ipc427e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_ipc427e_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "21.01.15",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_ipc427e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_ipc477e_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "21.01.15",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_ipc477e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_ipc477e_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "21.01.15",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_ipc477e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_ipc477e_pro_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "21.01.15",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_ipc477e_pro:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_ipc477e_pro_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "21.01.15",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_ipc477e_pro:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_ipc627e_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "25.02.08",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_ipc627e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_ipc627e_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "25.02.08",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_ipc627e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_ipc647e_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "25.02.08",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_ipc647e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_ipc647e_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "25.02.08",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_ipc647e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_ipc677e_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "25.02.08",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_ipc677e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_ipc677e_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "25.02.08",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_ipc677e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_ipc847e_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "25.02.08",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_ipc847e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_ipc847e_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "25.02.08",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_ipc847e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_itp1000_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "23.01.08",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_itp1000:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_itp1000_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "23.01.08",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_itp1000:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-8698"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ubuntu",
"sources": [
{
"db": "PACKETSTORM",
"id": "160018"
},
{
"db": "PACKETSTORM",
"id": "160035"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-1657"
}
],
"trust": 0.8
},
"cve": "CVE-2020-8698",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2020-8698",
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.9,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2020-8698",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2020-8698",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2020-8698",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201911-1657",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2020-8698",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2020-8698"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-013420"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-1657"
},
{
"db": "NVD",
"id": "CVE-2020-8698"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. Intel(R) There are unspecified vulnerabilities in processor products.Information may be obtained. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Moderate: microcode_ctl security, bug fix and enhancement update\nAdvisory ID: RHSA-2020:5183-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2020:5183\nIssue date: 2020-11-23\nCVE Names: CVE-2020-8695 CVE-2020-8696 CVE-2020-8698 \n=====================================================================\n\n1. Summary:\n\nAn update for microcode_ctl is now available for Red Hat Enterprise Linux\n7.3 Advanced Update Support. \n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Server AUS (v. 7.3) - x86_64\nRed Hat Enterprise Linux Server E4S (v. 7.3) - x86_64\nRed Hat Enterprise Linux Server TUS (v. 7.3) - x86_64\n\n3. Description:\n\nThe microcode_ctl packages provide microcode updates for Intel. \n\nSecurity Fix(es):\n\n* hw: Information disclosure issue in Intel SGX via RAPL interface\n(CVE-2020-8695)\n\n* hw: Vector Register Leakage-Active (CVE-2020-8696)\n\n* hw: Fast forward store predictor (CVE-2020-8698)\n\nBug Fix(es) and Enhancement(s):\n\n* Update Intel CPU microcode to microcode-20201112 release, addresses:\n - Addition of 06-55-0b/0xbf (CPX-SP A1) microcode at revision 0x700001e;\n - Addition of 06-8a-01/0x10 (LKF B2/B3) microcode at revision 0x28;\n - Addition of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode at revision 0x68;\n - Addition of 06-a5-02/0x20 (CML-H R1) microcode at revision 0xe0;\n - Addition of 06-a5-03/0x22 (CML-S 6+2 G1) microcode at revision 0xe0;\n - Addition of 06-a5-05/0x22 (CML-S 10+2 Q0) microcode at revision 0xe0;\n - Addition of 06-a6-01/0x80 (CML-U 6+2 v2 K0) microcode at revision\n 0xe0;\n - Update of 06-4e-03/0xc0 (SKL-U/U 2+3e/Y D0/K1) microcode (in\n intel-06-4e-03/intel-ucode/06-4e-03) from revision 0xdc up to 0xe2;\n - Update of 06-55-04/0xb7 (SKX-D/SP/W/X H0/M0/M1/U0) microcode (in\n intel-06-55-04/intel-ucode/06-55-04) from revision 0x2006906 up\n to 0x2006a08;\n - Update of 06-5e-03/0x36 (SKL-H/S/Xeon E3 N0/R0/S0) microcode (in\n intel-06-5e-03/intel-ucode/06-5e-03) from revision 0xdc up to 0xe2;\n - Update of 06-8e-09/0x10 (AML-Y 2+2 H0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-8e-09) from revision 0xd6 up\n to 0xde;\n - Update of 06-8e-09/0xc0 (KBL-U/U 2+3e/Y H0/J1) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-8e-09) from revision 0xd6 up\n to 0xde;\n - Update of 06-8e-0a/0xc0 (CFL-U 4+3e D0, KBL-R Y0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0a) from revision 0xd6 up\n to 0xe0;\n - Update of 06-8e-0b/0xd0 (WHL-U W0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0b) from revision 0xd6 up\n to 0xde;\n - Update of 06-8e-0c/0x94 (AML-Y 4+2 V0, CML-U 4+2 V0, WHL-U V0)\n microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0c) from\n revision 0xd6 up to 0xde;\n - Update of 06-9e-09/0x2a (KBL-G/H/S/X/Xeon E3 B0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-9e-09) from revision 0xd6 up\n to 0xde;\n - Update of 06-9e-0a/0x22 (CFL-H/S/Xeon E U0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0a) from revision 0xd6 up\n to 0xde;\n - Update of 06-9e-0b/0x02 (CFL-E/H/S B0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0b) from revision 0xd6 up\n to 0xde;\n - Update of 06-9e-0c/0x22 (CFL-H/S/Xeon E P0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0c) from revision 0xd6 up\n to 0xde;\n - Update of 06-9e-0d/0x22 (CFL-H/S/Xeon E R0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0d) from revision 0xd6 up\n to 0xde;\n - Update of 06-3f-02/0x6f (HSX-E/EN/EP/EP 4S C0/C1/M1/R2) microcode\n from revision 0x43 up to 0x44;\n - Update of 06-55-03/0x97 (SKX-SP B1) microcode from revision 0x1000157\n up to 0x1000159;\n - Update of 06-55-06/0xbf (CLX-SP B0) microcode from revision 0x4002f01\n up to 0x4003003;\n - Update of 06-55-07/0xbf (CLX-SP/W/X B1/L1) microcode from revision\n 0x5002f01 up to 0x5003003;\n - Update of 06-5c-09/0x03 (APL D0) microcode from revision 0x38 up\n to 0x40;\n - Update of 06-5c-0a/0x03 (APL B1/F1) microcode from revision 0x16 up\n to 0x1e;\n - Update of 06-7a-01/0x01 (GLK B0) microcode from revision 0x32 up\n to 0x34;\n - Update of 06-7a-08/0x01 (GLK-R R0) microcode from revision 0x16 up\n to 0x18;\n - Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode from revision 0x78\n up to 0xa0;\n - Update of 06-a6-00/0x80 (CML-U 6+2 A0) microcode from revision 0xca\n up to 0xe0. \n\n* Disable 06-8c-01 (TGL-UP3/UP4 B1) microcode update by default. \n\n* Add README file to the documentation directory. \n\n* Add publicly-sourced codenames list to supply to gen_provides.sh; update\n the latter to handle the somewhat different format. \n\n* Add SUMMARY.intel-ucode file\n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1828583 - CVE-2020-8695 hw: Information disclosure issue in Intel SGX via RAPL interface\n1890355 - CVE-2020-8696 hw: Vector Register Leakage-Active\n1890356 - CVE-2020-8698 hw: Fast forward store predictor\n\n6. Package List:\n\nRed Hat Enterprise Linux Server AUS (v. 7.3):\n\nSource:\nmicrocode_ctl-2.1-16.37.el7_3.src.rpm\n\nx86_64:\nmicrocode_ctl-2.1-16.37.el7_3.x86_64.rpm\nmicrocode_ctl-debuginfo-2.1-16.37.el7_3.x86_64.rpm\n\nRed Hat Enterprise Linux Server E4S (v. 7.3):\n\nSource:\nmicrocode_ctl-2.1-16.37.el7_3.src.rpm\n\nx86_64:\nmicrocode_ctl-2.1-16.37.el7_3.x86_64.rpm\nmicrocode_ctl-debuginfo-2.1-16.37.el7_3.x86_64.rpm\n\nRed Hat Enterprise Linux Server TUS (v. 7.3):\n\nSource:\nmicrocode_ctl-2.1-16.37.el7_3.src.rpm\n\nx86_64:\nmicrocode_ctl-2.1-16.37.el7_3.x86_64.rpm\nmicrocode_ctl-debuginfo-2.1-16.37.el7_3.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2020-8695\nhttps://access.redhat.com/security/cve/CVE-2020-8696\nhttps://access.redhat.com/security/cve/CVE-2020-8698\nhttps://access.redhat.com/security/updates/classification/#moderate\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2020 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBX7v1LtzjgjWX9erEAQhhzBAAi0jG7U8W+Dm2A/Nq40aoLyRcGknttkV1\n0wwy62OR4KUnqiP0gHB8Sjh6UpAPqhLNExc2+B8RyUB23yUe8/PRB1fUqpmf5150\nmzwiORZfu572ao7GLskdc4SUydVSqY9QuTK7mTm+HGmOm2XQpics51xWjyfKM/TN\n5lrrd3DXxTrXwsjva2tPJcCp9A1s3XAVjK16Fu+FcKvXsgxruUy41YxJMsY8Mxfj\npPRzcXdMvPQYhvyv8y1KY2Mz5WMKdpOK83X6Y9iYL6d0g2UT1d3cw8AOHc6GYNFS\nMhLDUASoII2A4xWkXCOyaocrg58QFctEHGfnxwTU5ZGq/vfOduUSLE881thD+tqD\nqgQBaz0cp0tNr+nYXvhtyX9XE4ve/lszq5BxqnNF0xi9hP8T5DwZzXnhtZ+aZML2\n3WlT3tqgkDE7hZqyqSG8Vd9ZLzVkjmnw7+tqRjIGvzN9eKQxLXg/fPkKeHGh+HOz\ny0zCBHlZKrKtz0lQHP48W9t6l0Rkh19hW1fIA46rW4C7erDcW78nBMJ2cTAxbBk1\nITTGOIHpUgn3882xKM/yAHUMK25Xkh2va/e8UpafYEazSM4H9T15N87UyCVneKdD\ns2N1tYHegx85eoOlt24Bw2RBPFHhFGWOtE0McQ09kyDKFyGJXUMqzPhBUvvJz8mE\nG3KPuKrDU0U=\n=Vap7\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. ==========================================================================\nUbuntu Security Notice USN-4628-2\nNovember 12, 2020\n\nintel-microcode regression\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 20.10\n- Ubuntu 20.04 LTS\n- Ubuntu 18.04 LTS\n- Ubuntu 16.04 LTS\n- Ubuntu 14.04 ESM\n\nSummary:\n\nUSN-4628-1 introduced a regression in the Intel Microcode for some processors. Unfortunately,\nthat update prevented certain processors in the Intel Tiger Lake family\nfrom booting successfully. This update reverts the microcode update for\nthe Tiger Lake processor family. \n\nPlease note that the \u0027dis_ucode_ldr\u0027 kernel command line option can be\nadded in the boot menu to disable microcode loading for system recovery. \n\nWe apologize for the inconvenience. \n\nOriginal advisory details:\n\n Moritz Lipp, Michael Schwarz, Andreas Kogler, David Oswald, Catherine\n Easdon, Claudio Canella, and Daniel Gruss discovered that the Intel Running\n Average Power Limit (RAPL) feature of some Intel processors allowed a side-\n channel attack based on power consumption measurements. A local attacker\n could possibly use this to expose sensitive information. (CVE-2020-8695)\n \n Ezra Caltum, Joseph Nuzman, Nir Shildan and Ofir Joseff discovered that\n some Intel(R) Processors did not properly remove sensitive information\n before storage or transfer in some situations. A local attacker could\n possibly use this to expose sensitive information. (CVE-2020-8696)\n \n Ezra Caltum, Joseph Nuzman, Nir Shildan and Ofir Joseff discovered that\n some Intel(R) Processors did not properly isolate shared resources in some\n situations. A local attacker could possibly use this to expose sensitive\n information. (CVE-2020-8698)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 20.10:\n intel-microcode 3.20201110.0ubuntu0.20.10.2\n\nUbuntu 20.04 LTS:\n intel-microcode 3.20201110.0ubuntu0.20.04.2\n\nUbuntu 18.04 LTS:\n intel-microcode 3.20201110.0ubuntu0.18.04.2\n\nUbuntu 16.04 LTS:\n intel-microcode 3.20201110.0ubuntu0.16.04.2\n\nUbuntu 14.04 ESM:\n intel-microcode 3.20201110.0ubuntu0.14.04.2\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-8698"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-013420"
},
{
"db": "VULMON",
"id": "CVE-2020-8698"
},
{
"db": "PACKETSTORM",
"id": "163924"
},
{
"db": "PACKETSTORM",
"id": "163954"
},
{
"db": "PACKETSTORM",
"id": "163758"
},
{
"db": "PACKETSTORM",
"id": "163772"
},
{
"db": "PACKETSTORM",
"id": "160191"
},
{
"db": "PACKETSTORM",
"id": "160018"
},
{
"db": "PACKETSTORM",
"id": "160188"
},
{
"db": "PACKETSTORM",
"id": "160035"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-8698",
"trust": 3.3
},
{
"db": "SIEMENS",
"id": "SSA-678983",
"trust": 1.7
},
{
"db": "JVN",
"id": "JVNVU91051134",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2020-013420",
"trust": 0.8
},
{
"db": "ICS CERT",
"id": "ICSA-22-132-05",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "163772",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "160018",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "160035",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "163993",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "163863",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "162588",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "160187",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "163757",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "160407",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.2604",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.2905",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.4124",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.4327",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.2797",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.0423",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.2721",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.4017",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.2355",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.4200",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.1664",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.2945",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.3959",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.4153",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.4033",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.2672",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021083127",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021081125",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021080915",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021081834",
"trust": 0.6
},
{
"db": "LENOVO",
"id": "LEN-49266",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201911-1657",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2020-8698",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "163924",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "163954",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "163758",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "160191",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "160188",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2020-8698"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-013420"
},
{
"db": "PACKETSTORM",
"id": "163924"
},
{
"db": "PACKETSTORM",
"id": "163954"
},
{
"db": "PACKETSTORM",
"id": "163758"
},
{
"db": "PACKETSTORM",
"id": "163772"
},
{
"db": "PACKETSTORM",
"id": "160191"
},
{
"db": "PACKETSTORM",
"id": "160018"
},
{
"db": "PACKETSTORM",
"id": "160188"
},
{
"db": "PACKETSTORM",
"id": "160035"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-1657"
},
{
"db": "NVD",
"id": "CVE-2020-8698"
}
]
},
"id": "VAR-202011-1361",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.5185185333333333
},
"last_update_date": "2023-11-07T21:08:28.118000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "NTAP-20201113-0006 Intel Intel\u00a0Product\u00a0Security\u00a0Center",
"trust": 0.8,
"url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00007.html"
},
{
"title": "Intel Processors Fixes for access control error vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=135724"
},
{
"title": "Red Hat: Moderate: microcode_ctl security, bug fix and enhancement update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20205185 - security advisory"
},
{
"title": "Red Hat: Moderate: microcode_ctl security, bug fix and enhancement update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20205184 - security advisory"
},
{
"title": "Red Hat: Moderate: microcode_ctl security, bug fix and enhancement update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20205189 - security advisory"
},
{
"title": "Red Hat: Moderate: microcode_ctl security, bug fix and enhancement update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20205181 - security advisory"
},
{
"title": "Red Hat: Moderate: microcode_ctl security, bug fix, and enhancement update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20205083 - security advisory"
},
{
"title": "Red Hat: Moderate: microcode_ctl security, bug fix, and enhancement update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20205084 - security advisory"
},
{
"title": "Red Hat: Moderate: microcode_ctl security, bug fix, and enhancement update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20205190 - security advisory"
},
{
"title": "Red Hat: Moderate: microcode_ctl security, bug fix and enhancement update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20205182 - security advisory"
},
{
"title": "Red Hat: Moderate: microcode_ctl security, bug fix and enhancement update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20205183 - security advisory"
},
{
"title": "Red Hat: Moderate: microcode_ctl security, bug fix and enhancement update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20205369 - security advisory"
},
{
"title": "Red Hat: Moderate: microcode_ctl security, bug fix and enhancement update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20205085 - security advisory"
},
{
"title": "Red Hat: Moderate: microcode_ctl security, bug fix and enhancement update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20205188 - security advisory"
},
{
"title": "Red Hat: Moderate: microcode_ctl security, bug fix and enhancement update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20205186 - security advisory"
},
{
"title": "Arch Linux Issues: ",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=cve-2020-8698 log"
},
{
"title": "Arch Linux Advisories: [ASA-202102-34] intel-ucode: information disclosure",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=asa-202102-34"
},
{
"title": "Citrix Security Bulletins: Citrix Hypervisor Security Update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins\u0026qid=0196318f80fa91831e1ad927f423d728"
},
{
"title": "Siemens Security Advisories: Siemens Security Advisory",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=0bfef52a44075162940391ee650c313e"
},
{
"title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHPSBHF03705 rev. 6 - BIOS November 2020 Security Updates",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=892287da75187b64a9430d6c2f52fb94"
},
{
"title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHPSBHF03705 rev. 6 - BIOS November 2020 Security Updates",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=f872c139829b190dd155b5676016edf1"
},
{
"title": "HP: HPSBHF03705 rev. 1 - BIOS November 2020 Security Updates",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=hpsbhf03705"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2020-8698"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-013420"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-1657"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-668",
"trust": 1.0
},
{
"problemtype": "Lack of information (CWE-noinfo) [NVD Evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-013420"
},
{
"db": "NVD",
"id": "CVE-2020-8698"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-8698"
},
{
"trust": 1.7,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381"
},
{
"trust": 1.7,
"url": "https://security.netapp.com/advisory/ntap-20201113-0006/"
},
{
"trust": 1.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/maagik5cxkbpgy3r4ur5vo56m7mklz43/"
},
{
"trust": 1.7,
"url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00007.html"
},
{
"trust": 1.7,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-678983.pdf"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/security/cve/cve-2020-8698"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu91051134/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-8696"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-8695"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/cve/cve-2020-8695"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/cve/cve-2020-8696"
},
{
"trust": 0.6,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/163863/red-hat-security-advisory-2021-3176-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.3959/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/163757/red-hat-security-advisory-2021-3027-01.html"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021081834"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/160035/ubuntu-security-notice-usn-4628-2.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.4200/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.4153/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/160018/ubuntu-security-notice-usn-4628-1.html"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/163772/red-hat-security-advisory-2021-3029-01.html"
},
{
"trust": 0.6,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-132-05"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.4327/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/160187/red-hat-security-advisory-2020-5184-01.html"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021081125"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021083127"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.2355"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/163993/red-hat-security-advisory-2021-3364-01.html"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/intel-processors-information-disclosure-33881"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.4033/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.2905"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.4017/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/162588/ubuntu-security-notice-usn-4628-3.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.4124/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.0423"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.2721"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021080915"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.2604"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.2945"
},
{
"trust": 0.6,
"url": "https://support.lenovo.com/us/en/product_security/len-49266"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.2672"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/160407/red-hat-security-advisory-2020-5369-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.1664"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.2797"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2020-24511"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-24512"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2020-24512"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-24489"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2020-24489"
},
{
"trust": 0.4,
"url": "https://listman.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-0549"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2020-0543"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2020-0549"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-0543"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-24511"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-0548"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2020-0548"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"trust": 0.2,
"url": "https://usn.ubuntu.com/4628-1"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/668.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2020:5185"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-132-05"
},
{
"trust": 0.1,
"url": "https://support.hp.com/us-en/document/c06962236"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:3255"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:3323"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:3028"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:3029"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2020:5181"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/intel-microcode/3.20201110.0ubuntu0.16.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/intel-microcode/3.20201110.0ubuntu0.18.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/intel-microcode/3.20201110.0ubuntu0.20.10.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/intel-microcode/3.20201110.0ubuntu0.20.04.1"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2020:5183"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/4628-2"
},
{
"trust": 0.1,
"url": "https://launchpad.net/bugs/1903883"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/intel-microcode/3.20201110.0ubuntu0.18.04.2"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/intel-microcode/3.20201110.0ubuntu0.20.04.2"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/intel-microcode/3.20201110.0ubuntu0.16.04.2"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/intel-microcode/3.20201110.0ubuntu0.20.10.2"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2020-8698"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-013420"
},
{
"db": "PACKETSTORM",
"id": "163924"
},
{
"db": "PACKETSTORM",
"id": "163954"
},
{
"db": "PACKETSTORM",
"id": "163758"
},
{
"db": "PACKETSTORM",
"id": "163772"
},
{
"db": "PACKETSTORM",
"id": "160191"
},
{
"db": "PACKETSTORM",
"id": "160018"
},
{
"db": "PACKETSTORM",
"id": "160188"
},
{
"db": "PACKETSTORM",
"id": "160035"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-1657"
},
{
"db": "NVD",
"id": "CVE-2020-8698"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2020-8698"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-013420"
},
{
"db": "PACKETSTORM",
"id": "163924"
},
{
"db": "PACKETSTORM",
"id": "163954"
},
{
"db": "PACKETSTORM",
"id": "163758"
},
{
"db": "PACKETSTORM",
"id": "163772"
},
{
"db": "PACKETSTORM",
"id": "160191"
},
{
"db": "PACKETSTORM",
"id": "160018"
},
{
"db": "PACKETSTORM",
"id": "160188"
},
{
"db": "PACKETSTORM",
"id": "160035"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-1657"
},
{
"db": "NVD",
"id": "CVE-2020-8698"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-11-12T00:00:00",
"db": "VULMON",
"id": "CVE-2020-8698"
},
{
"date": "2021-07-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-013420"
},
{
"date": "2021-08-27T19:22:22",
"db": "PACKETSTORM",
"id": "163924"
},
{
"date": "2021-08-31T15:43:48",
"db": "PACKETSTORM",
"id": "163954"
},
{
"date": "2021-08-09T14:15:45",
"db": "PACKETSTORM",
"id": "163758"
},
{
"date": "2021-08-10T14:49:53",
"db": "PACKETSTORM",
"id": "163772"
},
{
"date": "2020-11-24T15:00:08",
"db": "PACKETSTORM",
"id": "160191"
},
{
"date": "2020-11-11T14:59:21",
"db": "PACKETSTORM",
"id": "160018"
},
{
"date": "2020-11-24T14:59:25",
"db": "PACKETSTORM",
"id": "160188"
},
{
"date": "2020-11-12T15:38:50",
"db": "PACKETSTORM",
"id": "160035"
},
{
"date": "2019-11-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201911-1657"
},
{
"date": "2020-11-12T18:15:00",
"db": "NVD",
"id": "CVE-2020-8698"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-04-26T00:00:00",
"db": "VULMON",
"id": "CVE-2020-8698"
},
{
"date": "2021-07-02T04:40:00",
"db": "JVNDB",
"id": "JVNDB-2020-013420"
},
{
"date": "2022-05-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201911-1657"
},
{
"date": "2022-04-26T16:33:00",
"db": "NVD",
"id": "CVE-2020-8698"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "PACKETSTORM",
"id": "160018"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-1657"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Intel(R)\u00a0 Vulnerabilities in processor products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-013420"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "access control error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201911-1657"
}
],
"trust": 0.6
}
}
CVE-2023-23908 (GCVE-0-2023-23908)
Vulnerability from nvd – Published: 2023-08-11 02:37 – Updated: 2025-02-13 16:44
VLAI?
Summary
Improper access control in some 3rd Generation Intel(R) Xeon(R) Scalable processors may allow a privileged user to potentially enable information disclosure via local access.
Severity ?
6 (Medium)
CWE
- information disclosure
- CWE-284 - Improper access control
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | 3rd Generation Intel(R) Xeon(R) Scalable processors |
Affected:
See references
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:42:27.153Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00836.html",
"tags": [
"x_transferred"
],
"url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00836.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5474"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OL7WI2TJCWSZIQP2RIOLWHOKLM25M44J/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HKREYYTWUY7ZDNIB2N6H5BUJ3LE5VZPE/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00026.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20230824-0003/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-23908",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-02T13:35:03.846038Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T13:40:45.687Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "3rd Generation Intel(R) Xeon(R) Scalable processors",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "See references"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper access control in some 3rd Generation Intel(R) Xeon(R) Scalable processors may allow a privileged user to potentially enable information disclosure via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "information disclosure",
"lang": "en"
},
{
"cweId": "CWE-284",
"description": "Improper access control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-24T18:06:38.728Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00836.html",
"url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00836.html"
},
{
"url": "https://www.debian.org/security/2023/dsa-5474"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OL7WI2TJCWSZIQP2RIOLWHOKLM25M44J/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HKREYYTWUY7ZDNIB2N6H5BUJ3LE5VZPE/"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00026.html"
},
{
"url": "https://security.netapp.com/advisory/ntap-20230824-0003/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2023-23908",
"datePublished": "2023-08-11T02:37:07.578Z",
"dateReserved": "2023-01-27T04:00:04.231Z",
"dateUpdated": "2025-02-13T16:44:11.220Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-40982 (GCVE-0-2022-40982)
Vulnerability from nvd – Published: 2023-08-11 02:37 – Updated: 2025-02-13 16:33
VLAI?
Summary
Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
Severity ?
6.5 (Medium)
CWE
- information disclosure
- CWE-1342 - Information exposure through microarchitectural state after transient execution
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Processors |
Affected:
See references
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:28:42.939Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://xenbits.xen.org/xsa/advisory-435.html"
},
{
"name": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00828.html",
"tags": [
"x_transferred"
],
"url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00828.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://downfall.page"
},
{
"tags": [
"x_transferred"
],
"url": "https://aws.amazon.com/security/security-bulletins/AWS-2023-007/"
},
{
"tags": [
"x_transferred"
],
"url": "https://access.redhat.com/solutions/7027704"
},
{
"tags": [
"x_transferred"
],
"url": "https://xenbits.xen.org/xsa/advisory-435.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00013.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20230811-0001/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5474"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5475"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7WO5JM74YJSYAE5RBV4DC6A4YLEKWLF/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OL7WI2TJCWSZIQP2RIOLWHOKLM25M44J/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HKREYYTWUY7ZDNIB2N6H5BUJ3LE5VZPE/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00026.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HKKYIK2EASDNUV4I7EFJKNBVO3KCKGRR/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-40982",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-31T20:33:43.011314Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-31T20:43:52.375Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) Processors",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "See references"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "information disclosure",
"lang": "en"
},
{
"cweId": "CWE-1342",
"description": "Information exposure through microarchitectural state after transient execution",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-27T02:06:52.425Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00828.html",
"url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00828.html"
},
{
"url": "https://downfall.page"
},
{
"url": "https://aws.amazon.com/security/security-bulletins/AWS-2023-007/"
},
{
"url": "https://access.redhat.com/solutions/7027704"
},
{
"url": "https://xenbits.xen.org/xsa/advisory-435.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00013.html"
},
{
"url": "https://security.netapp.com/advisory/ntap-20230811-0001/"
},
{
"url": "https://www.debian.org/security/2023/dsa-5474"
},
{
"url": "https://www.debian.org/security/2023/dsa-5475"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7WO5JM74YJSYAE5RBV4DC6A4YLEKWLF/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OL7WI2TJCWSZIQP2RIOLWHOKLM25M44J/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HKREYYTWUY7ZDNIB2N6H5BUJ3LE5VZPE/"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00026.html"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HKKYIK2EASDNUV4I7EFJKNBVO3KCKGRR/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-40982",
"datePublished": "2023-08-11T02:37:05.423Z",
"dateReserved": "2022-09-27T00:28:29.203Z",
"dateUpdated": "2025-02-13T16:33:03.126Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-24512 (GCVE-0-2020-24512)
Vulnerability from nvd – Published: 2021-06-09 18:53 – Updated: 2024-08-04 15:12
VLAI?
Summary
Observable timing discrepancy in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
Severity ?
No CVSS data available.
CWE
- information disclosure
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Processors |
Affected:
See references
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T15:12:09.097Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00464.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20210611-0005/"
},
{
"name": "DSA-4934",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2021/dsa-4934"
},
{
"name": "[debian-lts-announce] 20210726 [SECURITY] [DLA 2718-1] intel-microcode security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00022.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Intel(R) Processors",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "See references"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Observable timing discrepancy in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "information disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-10T11:06:20",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00464.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20210611-0005/"
},
{
"name": "DSA-4934",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2021/dsa-4934"
},
{
"name": "[debian-lts-announce] 20210726 [SECURITY] [DLA 2718-1] intel-microcode security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00022.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2020-24512",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Intel(R) Processors",
"version": {
"version_data": [
{
"version_value": "See references"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Observable timing discrepancy in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00464.html",
"refsource": "MISC",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00464.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20210611-0005/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20210611-0005/"
},
{
"name": "DSA-4934",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2021/dsa-4934"
},
{
"name": "[debian-lts-announce] 20210726 [SECURITY] [DLA 2718-1] intel-microcode security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00022.html"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2020-24512",
"datePublished": "2021-06-09T18:53:59",
"dateReserved": "2020-08-19T00:00:00",
"dateUpdated": "2024-08-04T15:12:09.097Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-24511 (GCVE-0-2020-24511)
Vulnerability from nvd – Published: 2021-06-09 18:53 – Updated: 2024-08-04 15:12
VLAI?
Summary
Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
Severity ?
No CVSS data available.
CWE
- information disclosure
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Processors |
Affected:
See references
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T15:12:09.012Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00464.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20210611-0005/"
},
{
"name": "DSA-4934",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2021/dsa-4934"
},
{
"name": "[debian-lts-announce] 20210726 [SECURITY] [DLA 2718-1] intel-microcode security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00022.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Intel(R) Processors",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "See references"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "information disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-10T11:06:39",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00464.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20210611-0005/"
},
{
"name": "DSA-4934",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2021/dsa-4934"
},
{
"name": "[debian-lts-announce] 20210726 [SECURITY] [DLA 2718-1] intel-microcode security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00022.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2020-24511",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Intel(R) Processors",
"version": {
"version_data": [
{
"version_value": "See references"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00464.html",
"refsource": "MISC",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00464.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20210611-0005/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20210611-0005/"
},
{
"name": "DSA-4934",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2021/dsa-4934"
},
{
"name": "[debian-lts-announce] 20210726 [SECURITY] [DLA 2718-1] intel-microcode security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00022.html"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2020-24511",
"datePublished": "2021-06-09T18:53:53",
"dateReserved": "2020-08-19T00:00:00",
"dateUpdated": "2024-08-04T15:12:09.012Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-8698 (GCVE-0-2020-8698)
Vulnerability from nvd – Published: 2020-11-12 18:01 – Updated: 2024-08-04 10:03
VLAI?
Summary
Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
Severity ?
No CVSS data available.
CWE
- information disclosure
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Processors |
Affected:
See references
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:03:46.326Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20201113-0006/"
},
{
"name": "FEDORA-2020-14fda1bf85",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MAAGIK5CXKBPGY3R4UR5VO56M7MKLZ43/"
},
{
"name": "[debian-lts-announce] 20210205 [SECURITY] [DLA 2546-1] intel-microcode security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00007.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-678983.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Intel(R) Processors",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "See references"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "information disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-11T12:06:29",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20201113-0006/"
},
{
"name": "FEDORA-2020-14fda1bf85",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MAAGIK5CXKBPGY3R4UR5VO56M7MKLZ43/"
},
{
"name": "[debian-lts-announce] 20210205 [SECURITY] [DLA 2546-1] intel-microcode security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00007.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-678983.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2020-8698",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Intel(R) Processors",
"version": {
"version_data": [
{
"version_value": "See references"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381",
"refsource": "MISC",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381"
},
{
"name": "https://security.netapp.com/advisory/ntap-20201113-0006/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20201113-0006/"
},
{
"name": "FEDORA-2020-14fda1bf85",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MAAGIK5CXKBPGY3R4UR5VO56M7MKLZ43/"
},
{
"name": "[debian-lts-announce] 20210205 [SECURITY] [DLA 2546-1] intel-microcode security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00007.html"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-678983.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-678983.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2020-8698",
"datePublished": "2020-11-12T18:01:55",
"dateReserved": "2020-02-06T00:00:00",
"dateUpdated": "2024-08-04T10:03:46.326Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-8696 (GCVE-0-2020-8696)
Vulnerability from nvd – Published: 2020-11-12 18:02 – Updated: 2024-08-04 10:03
VLAI?
Summary
Improper removal of sensitive information before storage or transfer in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
Severity ?
No CVSS data available.
CWE
- information disclosure
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Processors |
Affected:
See references
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:03:46.371Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20201113-0006/"
},
{
"name": "FEDORA-2020-14fda1bf85",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MAAGIK5CXKBPGY3R4UR5VO56M7MKLZ43/"
},
{
"name": "[debian-lts-announce] 20210205 [SECURITY] [DLA 2546-1] intel-microcode security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00007.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Intel(R) Processors",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "See references"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper removal of sensitive information before storage or transfer in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "information disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-02-05T20:06:12",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20201113-0006/"
},
{
"name": "FEDORA-2020-14fda1bf85",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MAAGIK5CXKBPGY3R4UR5VO56M7MKLZ43/"
},
{
"name": "[debian-lts-announce] 20210205 [SECURITY] [DLA 2546-1] intel-microcode security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00007.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2020-8696",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Intel(R) Processors",
"version": {
"version_data": [
{
"version_value": "See references"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper removal of sensitive information before storage or transfer in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381",
"refsource": "MISC",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381"
},
{
"name": "https://security.netapp.com/advisory/ntap-20201113-0006/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20201113-0006/"
},
{
"name": "FEDORA-2020-14fda1bf85",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MAAGIK5CXKBPGY3R4UR5VO56M7MKLZ43/"
},
{
"name": "[debian-lts-announce] 20210205 [SECURITY] [DLA 2546-1] intel-microcode security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00007.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2020-8696",
"datePublished": "2020-11-12T18:02:06",
"dateReserved": "2020-02-06T00:00:00",
"dateUpdated": "2024-08-04T10:03:46.371Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-23908 (GCVE-0-2023-23908)
Vulnerability from cvelistv5 – Published: 2023-08-11 02:37 – Updated: 2025-02-13 16:44
VLAI?
Summary
Improper access control in some 3rd Generation Intel(R) Xeon(R) Scalable processors may allow a privileged user to potentially enable information disclosure via local access.
Severity ?
6 (Medium)
CWE
- information disclosure
- CWE-284 - Improper access control
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | 3rd Generation Intel(R) Xeon(R) Scalable processors |
Affected:
See references
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:42:27.153Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00836.html",
"tags": [
"x_transferred"
],
"url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00836.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5474"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OL7WI2TJCWSZIQP2RIOLWHOKLM25M44J/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HKREYYTWUY7ZDNIB2N6H5BUJ3LE5VZPE/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00026.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20230824-0003/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-23908",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-02T13:35:03.846038Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T13:40:45.687Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "3rd Generation Intel(R) Xeon(R) Scalable processors",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "See references"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper access control in some 3rd Generation Intel(R) Xeon(R) Scalable processors may allow a privileged user to potentially enable information disclosure via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "information disclosure",
"lang": "en"
},
{
"cweId": "CWE-284",
"description": "Improper access control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-24T18:06:38.728Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00836.html",
"url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00836.html"
},
{
"url": "https://www.debian.org/security/2023/dsa-5474"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OL7WI2TJCWSZIQP2RIOLWHOKLM25M44J/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HKREYYTWUY7ZDNIB2N6H5BUJ3LE5VZPE/"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00026.html"
},
{
"url": "https://security.netapp.com/advisory/ntap-20230824-0003/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2023-23908",
"datePublished": "2023-08-11T02:37:07.578Z",
"dateReserved": "2023-01-27T04:00:04.231Z",
"dateUpdated": "2025-02-13T16:44:11.220Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-40982 (GCVE-0-2022-40982)
Vulnerability from cvelistv5 – Published: 2023-08-11 02:37 – Updated: 2025-02-13 16:33
VLAI?
Summary
Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
Severity ?
6.5 (Medium)
CWE
- information disclosure
- CWE-1342 - Information exposure through microarchitectural state after transient execution
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Processors |
Affected:
See references
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:28:42.939Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://xenbits.xen.org/xsa/advisory-435.html"
},
{
"name": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00828.html",
"tags": [
"x_transferred"
],
"url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00828.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://downfall.page"
},
{
"tags": [
"x_transferred"
],
"url": "https://aws.amazon.com/security/security-bulletins/AWS-2023-007/"
},
{
"tags": [
"x_transferred"
],
"url": "https://access.redhat.com/solutions/7027704"
},
{
"tags": [
"x_transferred"
],
"url": "https://xenbits.xen.org/xsa/advisory-435.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00013.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20230811-0001/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5474"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5475"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7WO5JM74YJSYAE5RBV4DC6A4YLEKWLF/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OL7WI2TJCWSZIQP2RIOLWHOKLM25M44J/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HKREYYTWUY7ZDNIB2N6H5BUJ3LE5VZPE/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00026.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HKKYIK2EASDNUV4I7EFJKNBVO3KCKGRR/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-40982",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-31T20:33:43.011314Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-31T20:43:52.375Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) Processors",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "See references"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "information disclosure",
"lang": "en"
},
{
"cweId": "CWE-1342",
"description": "Information exposure through microarchitectural state after transient execution",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-27T02:06:52.425Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00828.html",
"url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00828.html"
},
{
"url": "https://downfall.page"
},
{
"url": "https://aws.amazon.com/security/security-bulletins/AWS-2023-007/"
},
{
"url": "https://access.redhat.com/solutions/7027704"
},
{
"url": "https://xenbits.xen.org/xsa/advisory-435.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00013.html"
},
{
"url": "https://security.netapp.com/advisory/ntap-20230811-0001/"
},
{
"url": "https://www.debian.org/security/2023/dsa-5474"
},
{
"url": "https://www.debian.org/security/2023/dsa-5475"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7WO5JM74YJSYAE5RBV4DC6A4YLEKWLF/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OL7WI2TJCWSZIQP2RIOLWHOKLM25M44J/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HKREYYTWUY7ZDNIB2N6H5BUJ3LE5VZPE/"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00026.html"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HKKYIK2EASDNUV4I7EFJKNBVO3KCKGRR/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-40982",
"datePublished": "2023-08-11T02:37:05.423Z",
"dateReserved": "2022-09-27T00:28:29.203Z",
"dateUpdated": "2025-02-13T16:33:03.126Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-24512 (GCVE-0-2020-24512)
Vulnerability from cvelistv5 – Published: 2021-06-09 18:53 – Updated: 2024-08-04 15:12
VLAI?
Summary
Observable timing discrepancy in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
Severity ?
No CVSS data available.
CWE
- information disclosure
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Processors |
Affected:
See references
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T15:12:09.097Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00464.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20210611-0005/"
},
{
"name": "DSA-4934",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2021/dsa-4934"
},
{
"name": "[debian-lts-announce] 20210726 [SECURITY] [DLA 2718-1] intel-microcode security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00022.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Intel(R) Processors",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "See references"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Observable timing discrepancy in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "information disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-10T11:06:20",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00464.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20210611-0005/"
},
{
"name": "DSA-4934",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2021/dsa-4934"
},
{
"name": "[debian-lts-announce] 20210726 [SECURITY] [DLA 2718-1] intel-microcode security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00022.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2020-24512",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Intel(R) Processors",
"version": {
"version_data": [
{
"version_value": "See references"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Observable timing discrepancy in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00464.html",
"refsource": "MISC",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00464.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20210611-0005/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20210611-0005/"
},
{
"name": "DSA-4934",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2021/dsa-4934"
},
{
"name": "[debian-lts-announce] 20210726 [SECURITY] [DLA 2718-1] intel-microcode security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00022.html"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2020-24512",
"datePublished": "2021-06-09T18:53:59",
"dateReserved": "2020-08-19T00:00:00",
"dateUpdated": "2024-08-04T15:12:09.097Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-24511 (GCVE-0-2020-24511)
Vulnerability from cvelistv5 – Published: 2021-06-09 18:53 – Updated: 2024-08-04 15:12
VLAI?
Summary
Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
Severity ?
No CVSS data available.
CWE
- information disclosure
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Processors |
Affected:
See references
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T15:12:09.012Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00464.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20210611-0005/"
},
{
"name": "DSA-4934",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2021/dsa-4934"
},
{
"name": "[debian-lts-announce] 20210726 [SECURITY] [DLA 2718-1] intel-microcode security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00022.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Intel(R) Processors",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "See references"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "information disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-10T11:06:39",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00464.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20210611-0005/"
},
{
"name": "DSA-4934",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2021/dsa-4934"
},
{
"name": "[debian-lts-announce] 20210726 [SECURITY] [DLA 2718-1] intel-microcode security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00022.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2020-24511",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Intel(R) Processors",
"version": {
"version_data": [
{
"version_value": "See references"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00464.html",
"refsource": "MISC",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00464.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20210611-0005/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20210611-0005/"
},
{
"name": "DSA-4934",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2021/dsa-4934"
},
{
"name": "[debian-lts-announce] 20210726 [SECURITY] [DLA 2718-1] intel-microcode security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00022.html"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2020-24511",
"datePublished": "2021-06-09T18:53:53",
"dateReserved": "2020-08-19T00:00:00",
"dateUpdated": "2024-08-04T15:12:09.012Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-8696 (GCVE-0-2020-8696)
Vulnerability from cvelistv5 – Published: 2020-11-12 18:02 – Updated: 2024-08-04 10:03
VLAI?
Summary
Improper removal of sensitive information before storage or transfer in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
Severity ?
No CVSS data available.
CWE
- information disclosure
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Processors |
Affected:
See references
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:03:46.371Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20201113-0006/"
},
{
"name": "FEDORA-2020-14fda1bf85",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MAAGIK5CXKBPGY3R4UR5VO56M7MKLZ43/"
},
{
"name": "[debian-lts-announce] 20210205 [SECURITY] [DLA 2546-1] intel-microcode security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00007.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Intel(R) Processors",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "See references"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper removal of sensitive information before storage or transfer in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "information disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-02-05T20:06:12",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20201113-0006/"
},
{
"name": "FEDORA-2020-14fda1bf85",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MAAGIK5CXKBPGY3R4UR5VO56M7MKLZ43/"
},
{
"name": "[debian-lts-announce] 20210205 [SECURITY] [DLA 2546-1] intel-microcode security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00007.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2020-8696",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Intel(R) Processors",
"version": {
"version_data": [
{
"version_value": "See references"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper removal of sensitive information before storage or transfer in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381",
"refsource": "MISC",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381"
},
{
"name": "https://security.netapp.com/advisory/ntap-20201113-0006/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20201113-0006/"
},
{
"name": "FEDORA-2020-14fda1bf85",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MAAGIK5CXKBPGY3R4UR5VO56M7MKLZ43/"
},
{
"name": "[debian-lts-announce] 20210205 [SECURITY] [DLA 2546-1] intel-microcode security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00007.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2020-8696",
"datePublished": "2020-11-12T18:02:06",
"dateReserved": "2020-02-06T00:00:00",
"dateUpdated": "2024-08-04T10:03:46.371Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-8698 (GCVE-0-2020-8698)
Vulnerability from cvelistv5 – Published: 2020-11-12 18:01 – Updated: 2024-08-04 10:03
VLAI?
Summary
Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
Severity ?
No CVSS data available.
CWE
- information disclosure
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Processors |
Affected:
See references
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:03:46.326Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20201113-0006/"
},
{
"name": "FEDORA-2020-14fda1bf85",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MAAGIK5CXKBPGY3R4UR5VO56M7MKLZ43/"
},
{
"name": "[debian-lts-announce] 20210205 [SECURITY] [DLA 2546-1] intel-microcode security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00007.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-678983.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Intel(R) Processors",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "See references"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "information disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-11T12:06:29",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20201113-0006/"
},
{
"name": "FEDORA-2020-14fda1bf85",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MAAGIK5CXKBPGY3R4UR5VO56M7MKLZ43/"
},
{
"name": "[debian-lts-announce] 20210205 [SECURITY] [DLA 2546-1] intel-microcode security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00007.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-678983.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2020-8698",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Intel(R) Processors",
"version": {
"version_data": [
{
"version_value": "See references"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381",
"refsource": "MISC",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381"
},
{
"name": "https://security.netapp.com/advisory/ntap-20201113-0006/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20201113-0006/"
},
{
"name": "FEDORA-2020-14fda1bf85",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MAAGIK5CXKBPGY3R4UR5VO56M7MKLZ43/"
},
{
"name": "[debian-lts-announce] 20210205 [SECURITY] [DLA 2546-1] intel-microcode security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00007.html"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-678983.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-678983.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2020-8698",
"datePublished": "2020-11-12T18:01:55",
"dateReserved": "2020-02-06T00:00:00",
"dateUpdated": "2024-08-04T10:03:46.326Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}