CVE-2018-12127 (GCVE-0-2018-12127)

Vulnerability from cvelistv5 – Published: 2019-05-30 15:38 – Updated: 2026-05-29 20:09
VLAI
Summary
Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf
Severity
5.6 (Medium)
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
CWE
  • Information Disclosure
Assigner
References
URL Tags
https://www.intel.com/content/www/us/en/security-… x_refsource_CONFIRM
https://www.synology.com/security/advisory/Synolo… x_refsource_CONFIRM
https://lists.fedoraproject.org/archives/list/pac… vendor-advisoryx_refsource_FEDORA
http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
https://access.redhat.com/errata/RHSA-2019:1455 vendor-advisoryx_refsource_REDHAT
https://usn.ubuntu.com/3977-3/ vendor-advisoryx_refsource_UBUNTU
https://lists.debian.org/debian-lts-announce/2019… mailing-listx_refsource_MLIST
https://seclists.org/bugtraq/2019/Jun/28 mailing-listx_refsource_BUGTRAQ
https://seclists.org/bugtraq/2019/Jun/36 mailing-listx_refsource_BUGTRAQ
http://www.arubanetworks.com/assets/alert/ARUBA-P… x_refsource_CONFIRM
https://cert-portal.siemens.com/productcert/pdf/s… x_refsource_CONFIRM
http://www.huawei.com/en/psirt/security-advisorie… x_refsource_CONFIRM
http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
https://www.freebsd.org/security/advisories/FreeB… vendor-advisoryx_refsource_FREEBSD
https://access.redhat.com/errata/RHSA-2019:2553 vendor-advisoryx_refsource_REDHAT
https://kc.mcafee.com/corporate/index?page=conten… x_refsource_CONFIRM
https://cert-portal.siemens.com/productcert/pdf/s… x_refsource_CONFIRM
https://security.FreeBSD.org/advisories/FreeBSD-S… vendor-advisoryx_refsource_FREEBSD
https://seclists.org/bugtraq/2019/Nov/16 mailing-listx_refsource_BUGTRAQ
https://seclists.org/bugtraq/2019/Nov/15 mailing-listx_refsource_BUGTRAQ
http://packetstormsecurity.com/files/155281/FreeB… x_refsource_MISC
https://www.debian.org/security/2020/dsa-4602 vendor-advisoryx_refsource_DEBIAN
https://seclists.org/bugtraq/2020/Jan/21 mailing-listx_refsource_BUGTRAQ
https://security.gentoo.org/glsa/202003-56 vendor-advisoryx_refsource_GENTOO
Impacted products
Vendor Product Version
Intel Corporation Central Processing Units (CPUs) Affected: A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf
Create a notification for this product.
Date Public
2019-05-14 00:00
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T08:30:57.404Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.synology.com/security/advisory/Synology_SA_19_24"
          },
          {
            "name": "FEDORA-2019-1f5832fc0e",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OH73SGTJ575OBCPSJFX6LX7KP2KZIEN4/"
          },
          {
            "name": "openSUSE-SU-2019:1505",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00014.html"
          },
          {
            "name": "RHSA-2019:1455",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:1455"
          },
          {
            "name": "USN-3977-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3977-3/"
          },
          {
            "name": "[debian-lts-announce] 20190620 [SECURITY] [DLA 1789-2] intel-microcode security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00018.html"
          },
          {
            "name": "20190624 [SECURITY] [DSA 4447-2] intel-microcode security update",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "https://seclists.org/bugtraq/2019/Jun/28"
          },
          {
            "name": "20190624 [SECURITY] [DSA 4469-1] libvirt security update",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "https://seclists.org/bugtraq/2019/Jun/36"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txt"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-616472.pdf"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190712-01-mds-en"
          },
          {
            "name": "openSUSE-SU-2019:1805",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00053.html"
          },
          {
            "name": "openSUSE-SU-2019:1806",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00052.html"
          },
          {
            "name": "FreeBSD-SA-19:07",
            "tags": [
              "vendor-advisory",
              "x_refsource_FREEBSD",
              "x_transferred"
            ],
            "url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-19:07.mds.asc"
          },
          {
            "name": "RHSA-2019:2553",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:2553"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10292"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"
          },
          {
            "name": "FreeBSD-SA-19:26",
            "tags": [
              "vendor-advisory",
              "x_refsource_FREEBSD",
              "x_transferred"
            ],
            "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:26.mcu.asc"
          },
          {
            "name": "20191112 FreeBSD Security Advisory FreeBSD-SA-19:26.mcu",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "https://seclists.org/bugtraq/2019/Nov/16"
          },
          {
            "name": "20191112 [SECURITY] [DSA 4564-1] linux security update",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "https://seclists.org/bugtraq/2019/Nov/15"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/155281/FreeBSD-Security-Advisory-FreeBSD-SA-19-26.mcu.html"
          },
          {
            "name": "DSA-4602",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2020/dsa-4602"
          },
          {
            "name": "20200114 [SECURITY] [DSA 4602-1] xen security update",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "https://seclists.org/bugtraq/2020/Jan/21"
          },
          {
            "name": "GLSA-202003-56",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202003-56"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "HIGH",
              "attackVector": "LOCAL",
              "availabilityImpact": "NONE",
              "baseScore": 5.6,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "NONE",
              "privilegesRequired": "LOW",
              "scope": "CHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2018-12127",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-29T20:09:05.387062Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-200",
                "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-29T20:09:09.875Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Central Processing Units (CPUs)",
          "vendor": "Intel Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf"
            }
          ]
        }
      ],
      "datePublic": "2019-05-14T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Information Disclosure",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-03-26T14:06:07.000Z",
        "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "shortName": "intel"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.synology.com/security/advisory/Synology_SA_19_24"
        },
        {
          "name": "FEDORA-2019-1f5832fc0e",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OH73SGTJ575OBCPSJFX6LX7KP2KZIEN4/"
        },
        {
          "name": "openSUSE-SU-2019:1505",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00014.html"
        },
        {
          "name": "RHSA-2019:1455",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:1455"
        },
        {
          "name": "USN-3977-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3977-3/"
        },
        {
          "name": "[debian-lts-announce] 20190620 [SECURITY] [DLA 1789-2] intel-microcode security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00018.html"
        },
        {
          "name": "20190624 [SECURITY] [DSA 4447-2] intel-microcode security update",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "https://seclists.org/bugtraq/2019/Jun/28"
        },
        {
          "name": "20190624 [SECURITY] [DSA 4469-1] libvirt security update",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "https://seclists.org/bugtraq/2019/Jun/36"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txt"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-616472.pdf"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190712-01-mds-en"
        },
        {
          "name": "openSUSE-SU-2019:1805",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00053.html"
        },
        {
          "name": "openSUSE-SU-2019:1806",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00052.html"
        },
        {
          "name": "FreeBSD-SA-19:07",
          "tags": [
            "vendor-advisory",
            "x_refsource_FREEBSD"
          ],
          "url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-19:07.mds.asc"
        },
        {
          "name": "RHSA-2019:2553",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:2553"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10292"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"
        },
        {
          "name": "FreeBSD-SA-19:26",
          "tags": [
            "vendor-advisory",
            "x_refsource_FREEBSD"
          ],
          "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:26.mcu.asc"
        },
        {
          "name": "20191112 FreeBSD Security Advisory FreeBSD-SA-19:26.mcu",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "https://seclists.org/bugtraq/2019/Nov/16"
        },
        {
          "name": "20191112 [SECURITY] [DSA 4564-1] linux security update",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "https://seclists.org/bugtraq/2019/Nov/15"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/155281/FreeBSD-Security-Advisory-FreeBSD-SA-19-26.mcu.html"
        },
        {
          "name": "DSA-4602",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2020/dsa-4602"
        },
        {
          "name": "20200114 [SECURITY] [DSA 4602-1] xen security update",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "https://seclists.org/bugtraq/2020/Jan/21"
        },
        {
          "name": "GLSA-202003-56",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/202003-56"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@intel.com",
          "ID": "CVE-2018-12127",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Central Processing Units (CPUs)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Intel Corporation"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf"
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Information Disclosure"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html",
              "refsource": "CONFIRM",
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html"
            },
            {
              "name": "https://www.synology.com/security/advisory/Synology_SA_19_24",
              "refsource": "CONFIRM",
              "url": "https://www.synology.com/security/advisory/Synology_SA_19_24"
            },
            {
              "name": "FEDORA-2019-1f5832fc0e",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OH73SGTJ575OBCPSJFX6LX7KP2KZIEN4/"
            },
            {
              "name": "openSUSE-SU-2019:1505",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00014.html"
            },
            {
              "name": "RHSA-2019:1455",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:1455"
            },
            {
              "name": "USN-3977-3",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3977-3/"
            },
            {
              "name": "[debian-lts-announce] 20190620 [SECURITY] [DLA 1789-2] intel-microcode security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00018.html"
            },
            {
              "name": "20190624 [SECURITY] [DSA 4447-2] intel-microcode security update",
              "refsource": "BUGTRAQ",
              "url": "https://seclists.org/bugtraq/2019/Jun/28"
            },
            {
              "name": "20190624 [SECURITY] [DSA 4469-1] libvirt security update",
              "refsource": "BUGTRAQ",
              "url": "https://seclists.org/bugtraq/2019/Jun/36"
            },
            {
              "name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txt",
              "refsource": "CONFIRM",
              "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txt"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-616472.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-616472.pdf"
            },
            {
              "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190712-01-mds-en",
              "refsource": "CONFIRM",
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190712-01-mds-en"
            },
            {
              "name": "openSUSE-SU-2019:1805",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00053.html"
            },
            {
              "name": "openSUSE-SU-2019:1806",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00052.html"
            },
            {
              "name": "FreeBSD-SA-19:07",
              "refsource": "FREEBSD",
              "url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-19:07.mds.asc"
            },
            {
              "name": "RHSA-2019:2553",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:2553"
            },
            {
              "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10292",
              "refsource": "CONFIRM",
              "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10292"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"
            },
            {
              "name": "FreeBSD-SA-19:26",
              "refsource": "FREEBSD",
              "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:26.mcu.asc"
            },
            {
              "name": "20191112 FreeBSD Security Advisory FreeBSD-SA-19:26.mcu",
              "refsource": "BUGTRAQ",
              "url": "https://seclists.org/bugtraq/2019/Nov/16"
            },
            {
              "name": "20191112 [SECURITY] [DSA 4564-1] linux security update",
              "refsource": "BUGTRAQ",
              "url": "https://seclists.org/bugtraq/2019/Nov/15"
            },
            {
              "name": "http://packetstormsecurity.com/files/155281/FreeBSD-Security-Advisory-FreeBSD-SA-19-26.mcu.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/155281/FreeBSD-Security-Advisory-FreeBSD-SA-19-26.mcu.html"
            },
            {
              "name": "DSA-4602",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2020/dsa-4602"
            },
            {
              "name": "20200114 [SECURITY] [DSA 4602-1] xen security update",
              "refsource": "BUGTRAQ",
              "url": "https://seclists.org/bugtraq/2020/Jan/21"
            },
            {
              "name": "GLSA-202003-56",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/202003-56"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
    "assignerShortName": "intel",
    "cveId": "CVE-2018-12127",
    "datePublished": "2019-05-30T15:38:38.000Z",
    "dateReserved": "2018-06-11T00:00:00.000Z",
    "dateUpdated": "2026-05-29T20:09:09.875Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2018-12127",
      "date": "2026-05-30",
      "epss": "0.00515",
      "percentile": "0.66938"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2018-12127\",\"sourceIdentifier\":\"secure@intel.com\",\"published\":\"2019-05-30T16:29:00.903\",\"lastModified\":\"2026-05-29T21:16:31.473\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf\"},{\"lang\":\"es\",\"value\":\"En Microarchitectural Load Port Data Sampling (MLPDS): los puertos de carga en algunos microprocesadores que usan ejecuci\u00f3n especulativa pueden permitir que un usuario autenticado active potencialmente la divulgaci\u00f3n de informaci\u00f3n por medio de un canal lateral con acceso local. Puede encontrar una lista de los productos impactados aqu\u00ed: https://www.intel.com/content/dam/www/public/us/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N\",\"baseScore\":5.6,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.1,\"impactScore\":4.0}],\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N\",\"baseScore\":5.6,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.1,\"impactScore\":4.0}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:M/Au:N/C:C/I:N/A:N\",\"baseScore\":4.7,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.4,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-200\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-200\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:microarchitectural_load_port_data_sampling_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B69C4A00-DC25-4DF1-8AC7-6ACD9E26379A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:microarchitectural_load_port_data_sampling:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1C41A27E-7EE0-4998-94A1-B53B3C8E1049\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D100F7CE-FC64-4CC6-852A-6136D72DA419\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00014.html\",\"source\":\"secure@intel.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00052.html\",\"source\":\"secure@intel.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00053.html\",\"source\":\"secure@intel.com\"},{\"url\":\"http://packetstormsecurity.com/files/155281/FreeBSD-Security-Advisory-FreeBSD-SA-19-26.mcu.html\",\"source\":\"secure@intel.com\"},{\"url\":\"http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txt\",\"source\":\"secure@intel.com\"},{\"url\":\"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190712-01-mds-en\",\"source\":\"secure@intel.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:1455\",\"source\":\"secure@intel.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:2553\",\"source\":\"secure@intel.com\"},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf\",\"source\":\"secure@intel.com\"},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-616472.pdf\",\"source\":\"secure@intel.com\"},{\"url\":\"https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10292\",\"source\":\"secure@intel.com\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2019/06/msg00018.html\",\"source\":\"secure@intel.com\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OH73SGTJ575OBCPSJFX6LX7KP2KZIEN4/\",\"source\":\"secure@intel.com\"},{\"url\":\"https://seclists.org/bugtraq/2019/Jun/28\",\"source\":\"secure@intel.com\"},{\"url\":\"https://seclists.org/bugtraq/2019/Jun/36\",\"source\":\"secure@intel.com\"},{\"url\":\"https://seclists.org/bugtraq/2019/Nov/15\",\"source\":\"secure@intel.com\"},{\"url\":\"https://seclists.org/bugtraq/2019/Nov/16\",\"source\":\"secure@intel.com\"},{\"url\":\"https://seclists.org/bugtraq/2020/Jan/21\",\"source\":\"secure@intel.com\"},{\"url\":\"https://security.FreeBSD.org/advisories/FreeBSD-SA-19:26.mcu.asc\",\"source\":\"secure@intel.com\"},{\"url\":\"https://security.gentoo.org/glsa/202003-56\",\"source\":\"secure@intel.com\"},{\"url\":\"https://usn.ubuntu.com/3977-3/\",\"source\":\"secure@intel.com\"},{\"url\":\"https://www.debian.org/security/2020/dsa-4602\",\"source\":\"secure@intel.com\"},{\"url\":\"https://www.freebsd.org/security/advisories/FreeBSD-SA-19:07.mds.asc\",\"source\":\"secure@intel.com\"},{\"url\":\"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html\",\"source\":\"secure@intel.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.synology.com/security/advisory/Synology_SA_19_24\",\"source\":\"secure@intel.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00014.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00052.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00053.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://packetstormsecurity.com/files/155281/FreeBSD-Security-Advisory-FreeBSD-SA-19-26.mcu.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190712-01-mds-en\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:1455\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:2553\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-616472.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10292\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2019/06/msg00018.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OH73SGTJ575OBCPSJFX6LX7KP2KZIEN4/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://seclists.org/bugtraq/2019/Jun/28\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://seclists.org/bugtraq/2019/Jun/36\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://seclists.org/bugtraq/2019/Nov/15\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://seclists.org/bugtraq/2019/Nov/16\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://seclists.org/bugtraq/2020/Jan/21\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.FreeBSD.org/advisories/FreeBSD-SA-19:26.mcu.asc\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.gentoo.org/glsa/202003-56\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://usn.ubuntu.com/3977-3/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.debian.org/security/2020/dsa-4602\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.freebsd.org/security/advisories/FreeBSD-SA-19:07.mds.asc\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.synology.com/security/advisory/Synology_SA_19_24\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://www.synology.com/security/advisory/Synology_SA_19_24\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OH73SGTJ575OBCPSJFX6LX7KP2KZIEN4/\", \"name\": \"FEDORA-2019-1f5832fc0e\", \"tags\": [\"vendor-advisory\", \"x_refsource_FEDORA\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00014.html\", \"name\": \"openSUSE-SU-2019:1505\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:1455\", \"name\": \"RHSA-2019:1455\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://usn.ubuntu.com/3977-3/\", \"name\": \"USN-3977-3\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\", \"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2019/06/msg00018.html\", \"name\": \"[debian-lts-announce] 20190620 [SECURITY] [DLA 1789-2] intel-microcode security update\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"]}, {\"url\": \"https://seclists.org/bugtraq/2019/Jun/28\", \"name\": \"20190624 [SECURITY] [DSA 4447-2] intel-microcode security update\", \"tags\": [\"mailing-list\", \"x_refsource_BUGTRAQ\", \"x_transferred\"]}, {\"url\": \"https://seclists.org/bugtraq/2019/Jun/36\", \"name\": \"20190624 [SECURITY] [DSA 4469-1] libvirt security update\", \"tags\": [\"mailing-list\", \"x_refsource_BUGTRAQ\", \"x_transferred\"]}, {\"url\": \"http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txt\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-616472.pdf\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190712-01-mds-en\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00053.html\", \"name\": \"openSUSE-SU-2019:1805\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00052.html\", \"name\": \"openSUSE-SU-2019:1806\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"https://www.freebsd.org/security/advisories/FreeBSD-SA-19:07.mds.asc\", \"name\": \"FreeBSD-SA-19:07\", \"tags\": [\"vendor-advisory\", \"x_refsource_FREEBSD\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:2553\", \"name\": \"RHSA-2019:2553\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10292\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://security.FreeBSD.org/advisories/FreeBSD-SA-19:26.mcu.asc\", \"name\": \"FreeBSD-SA-19:26\", \"tags\": [\"vendor-advisory\", \"x_refsource_FREEBSD\", \"x_transferred\"]}, {\"url\": \"https://seclists.org/bugtraq/2019/Nov/16\", \"name\": \"20191112 FreeBSD Security Advisory FreeBSD-SA-19:26.mcu\", \"tags\": [\"mailing-list\", \"x_refsource_BUGTRAQ\", \"x_transferred\"]}, {\"url\": \"https://seclists.org/bugtraq/2019/Nov/15\", \"name\": \"20191112 [SECURITY] [DSA 4564-1] linux security update\", \"tags\": [\"mailing-list\", \"x_refsource_BUGTRAQ\", \"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/155281/FreeBSD-Security-Advisory-FreeBSD-SA-19-26.mcu.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://www.debian.org/security/2020/dsa-4602\", \"name\": \"DSA-4602\", \"tags\": [\"vendor-advisory\", \"x_refsource_DEBIAN\", \"x_transferred\"]}, {\"url\": \"https://seclists.org/bugtraq/2020/Jan/21\", \"name\": \"20200114 [SECURITY] [DSA 4602-1] xen security update\", \"tags\": [\"mailing-list\", \"x_refsource_BUGTRAQ\", \"x_transferred\"]}, {\"url\": \"https://security.gentoo.org/glsa/202003-56\", \"name\": \"GLSA-202003-56\", \"tags\": [\"vendor-advisory\", \"x_refsource_GENTOO\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-05T08:30:57.404Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 5.6, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2018-12127\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-05-29T20:09:05.387062Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-200\", \"description\": \"CWE-200 Exposure of Sensitive Information to an Unauthorized Actor\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-05-29T20:09:02.325Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"Intel Corporation\", \"product\": \"Central Processing Units (CPUs)\", \"versions\": [{\"status\": \"affected\", \"version\": \"A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf\"}]}], \"datePublic\": \"2019-05-14T00:00:00.000Z\", \"references\": [{\"url\": \"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://www.synology.com/security/advisory/Synology_SA_19_24\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OH73SGTJ575OBCPSJFX6LX7KP2KZIEN4/\", \"name\": \"FEDORA-2019-1f5832fc0e\", \"tags\": [\"vendor-advisory\", \"x_refsource_FEDORA\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00014.html\", \"name\": \"openSUSE-SU-2019:1505\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:1455\", \"name\": \"RHSA-2019:1455\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://usn.ubuntu.com/3977-3/\", \"name\": \"USN-3977-3\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2019/06/msg00018.html\", \"name\": \"[debian-lts-announce] 20190620 [SECURITY] [DLA 1789-2] intel-microcode security update\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"]}, {\"url\": \"https://seclists.org/bugtraq/2019/Jun/28\", \"name\": \"20190624 [SECURITY] [DSA 4447-2] intel-microcode security update\", \"tags\": [\"mailing-list\", \"x_refsource_BUGTRAQ\"]}, {\"url\": \"https://seclists.org/bugtraq/2019/Jun/36\", \"name\": \"20190624 [SECURITY] [DSA 4469-1] libvirt security update\", \"tags\": [\"mailing-list\", \"x_refsource_BUGTRAQ\"]}, {\"url\": \"http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txt\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-616472.pdf\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190712-01-mds-en\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00053.html\", \"name\": \"openSUSE-SU-2019:1805\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00052.html\", \"name\": \"openSUSE-SU-2019:1806\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"https://www.freebsd.org/security/advisories/FreeBSD-SA-19:07.mds.asc\", \"name\": \"FreeBSD-SA-19:07\", \"tags\": [\"vendor-advisory\", \"x_refsource_FREEBSD\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:2553\", \"name\": \"RHSA-2019:2553\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10292\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://security.FreeBSD.org/advisories/FreeBSD-SA-19:26.mcu.asc\", \"name\": \"FreeBSD-SA-19:26\", \"tags\": [\"vendor-advisory\", \"x_refsource_FREEBSD\"]}, {\"url\": \"https://seclists.org/bugtraq/2019/Nov/16\", \"name\": \"20191112 FreeBSD Security Advisory FreeBSD-SA-19:26.mcu\", \"tags\": [\"mailing-list\", \"x_refsource_BUGTRAQ\"]}, {\"url\": \"https://seclists.org/bugtraq/2019/Nov/15\", \"name\": \"20191112 [SECURITY] [DSA 4564-1] linux security update\", \"tags\": [\"mailing-list\", \"x_refsource_BUGTRAQ\"]}, {\"url\": \"http://packetstormsecurity.com/files/155281/FreeBSD-Security-Advisory-FreeBSD-SA-19-26.mcu.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://www.debian.org/security/2020/dsa-4602\", \"name\": \"DSA-4602\", \"tags\": [\"vendor-advisory\", \"x_refsource_DEBIAN\"]}, {\"url\": \"https://seclists.org/bugtraq/2020/Jan/21\", \"name\": \"20200114 [SECURITY] [DSA 4602-1] xen security update\", \"tags\": [\"mailing-list\", \"x_refsource_BUGTRAQ\"]}, {\"url\": \"https://security.gentoo.org/glsa/202003-56\", \"name\": \"GLSA-202003-56\", \"tags\": [\"vendor-advisory\", \"x_refsource_GENTOO\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"Information Disclosure\"}]}], \"providerMetadata\": {\"orgId\": \"6dda929c-bb53-4a77-a76d-48e79601a1ce\", \"shortName\": \"intel\", \"dateUpdated\": \"2020-03-26T14:06:07.000Z\"}, \"x_legacyV4Record\": {\"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf\"}]}, \"product_name\": \"Central Processing Units (CPUs)\"}]}, \"vendor_name\": \"Intel Corporation\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html\", \"name\": \"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://www.synology.com/security/advisory/Synology_SA_19_24\", \"name\": \"https://www.synology.com/security/advisory/Synology_SA_19_24\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OH73SGTJ575OBCPSJFX6LX7KP2KZIEN4/\", \"name\": \"FEDORA-2019-1f5832fc0e\", \"refsource\": \"FEDORA\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00014.html\", \"name\": \"openSUSE-SU-2019:1505\", \"refsource\": \"SUSE\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:1455\", \"name\": \"RHSA-2019:1455\", \"refsource\": \"REDHAT\"}, {\"url\": \"https://usn.ubuntu.com/3977-3/\", \"name\": \"USN-3977-3\", \"refsource\": \"UBUNTU\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2019/06/msg00018.html\", \"name\": \"[debian-lts-announce] 20190620 [SECURITY] [DLA 1789-2] intel-microcode security update\", \"refsource\": \"MLIST\"}, {\"url\": \"https://seclists.org/bugtraq/2019/Jun/28\", \"name\": \"20190624 [SECURITY] [DSA 4447-2] intel-microcode security update\", \"refsource\": \"BUGTRAQ\"}, {\"url\": \"https://seclists.org/bugtraq/2019/Jun/36\", \"name\": \"20190624 [SECURITY] [DSA 4469-1] libvirt security update\", \"refsource\": \"BUGTRAQ\"}, {\"url\": \"http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txt\", \"name\": \"http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txt\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-616472.pdf\", \"name\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-616472.pdf\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190712-01-mds-en\", \"name\": \"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190712-01-mds-en\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00053.html\", \"name\": \"openSUSE-SU-2019:1805\", \"refsource\": \"SUSE\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00052.html\", \"name\": \"openSUSE-SU-2019:1806\", \"refsource\": \"SUSE\"}, {\"url\": \"https://www.freebsd.org/security/advisories/FreeBSD-SA-19:07.mds.asc\", \"name\": \"FreeBSD-SA-19:07\", \"refsource\": \"FREEBSD\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:2553\", \"name\": \"RHSA-2019:2553\", \"refsource\": \"REDHAT\"}, {\"url\": \"https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10292\", \"name\": \"https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10292\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf\", \"name\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://security.FreeBSD.org/advisories/FreeBSD-SA-19:26.mcu.asc\", \"name\": \"FreeBSD-SA-19:26\", \"refsource\": \"FREEBSD\"}, {\"url\": \"https://seclists.org/bugtraq/2019/Nov/16\", \"name\": \"20191112 FreeBSD Security Advisory FreeBSD-SA-19:26.mcu\", \"refsource\": \"BUGTRAQ\"}, {\"url\": \"https://seclists.org/bugtraq/2019/Nov/15\", \"name\": \"20191112 [SECURITY] [DSA 4564-1] linux security update\", \"refsource\": \"BUGTRAQ\"}, {\"url\": \"http://packetstormsecurity.com/files/155281/FreeBSD-Security-Advisory-FreeBSD-SA-19-26.mcu.html\", \"name\": \"http://packetstormsecurity.com/files/155281/FreeBSD-Security-Advisory-FreeBSD-SA-19-26.mcu.html\", \"refsource\": \"MISC\"}, {\"url\": \"https://www.debian.org/security/2020/dsa-4602\", \"name\": \"DSA-4602\", \"refsource\": \"DEBIAN\"}, {\"url\": \"https://seclists.org/bugtraq/2020/Jan/21\", \"name\": \"20200114 [SECURITY] [DSA 4602-1] xen security update\", \"refsource\": \"BUGTRAQ\"}, {\"url\": \"https://security.gentoo.org/glsa/202003-56\", \"name\": \"GLSA-202003-56\", \"refsource\": \"GENTOO\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"Information Disclosure\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2018-12127\", \"STATE\": \"PUBLIC\", \"ASSIGNER\": \"secure@intel.com\"}}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2018-12127\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-05-29T20:09:09.875Z\", \"dateReserved\": \"2018-06-11T00:00:00.000Z\", \"assignerOrgId\": \"6dda929c-bb53-4a77-a76d-48e79601a1ce\", \"datePublished\": \"2019-05-30T15:38:38.000Z\", \"assignerShortName\": \"intel\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.





Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.


Detection rules are retrieved from Rulezet.