CVE-2020-8698 - Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user t

CVE-2020-8698

Summary

Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

References

Vulnerable Configurations

cpe:2.3:o:intel:microcode:-:*:*:*:*:*:*:*
cpe:2.3:o:intel:microcode:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:core_i3-1005g1:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:core_i3-1005g1:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:core_i5-1035g4:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:core_i5-1035g4:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:core_i5-1035g7:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:core_i5-1035g7:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:core_i5-1035g1:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:core_i5-1035g1:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:core_i7-1065g7:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:core_i7-1065g7:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:core_i5-1030g7:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:core_i5-1030g7:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:core_i5-1030g4:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:core_i5-1030g4:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:core_i3-1000g4:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:core_i3-1000g4:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:core_i3-1000g1:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:core_i3-1000g1:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:core_i7-1060g7:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:core_i7-1060g7:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:core_i3-1110g4:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:core_i3-1110g4:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:core_i3-1115g4:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:core_i3-1115g4:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:core_i3-1120g4:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:core_i3-1120g4:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:core_i3-1125g4:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:core_i3-1125g4:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:core_i5-1130g7:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:core_i5-1130g7:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:core_i5-1135g7:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:core_i5-1135g7:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:core_i7-1160g7:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:core_i7-1160g7:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:core_i7-1165g7:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:core_i7-1165g7:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:core_i7-1185g7:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:core_i7-1185g7:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:hci_compute_node_bios:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:hci_compute_node_bios:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:hci_storage_node_bios:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:hci_storage_node_bios:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:hci_storage_node:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:hci_storage_node:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:solidfire_bios:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:solidfire_bios:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:solidfire:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:solidfire:-:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_field_pg_m5_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_field_pg_m5_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_field_pg_m5_firmware:22.01.01:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_field_pg_m5_firmware:22.01.01:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_field_pg_m5_firmware:22.01.02:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_field_pg_m5_firmware:22.01.02:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_field_pg_m5_firmware:22.01.03:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_field_pg_m5_firmware:22.01.03:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_field_pg_m5_firmware:22.01.04:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_field_pg_m5_firmware:22.01.04:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_field_pg_m5_firmware:22.01.05:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_field_pg_m5_firmware:22.01.05:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_field_pg_m5_firmware:22.01.06:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_field_pg_m5_firmware:22.01.06:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_field_pg_m5:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_field_pg_m5:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_field_pg_m6_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_field_pg_m6_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_field_pg_m6:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_field_pg_m6:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_ipc427e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_ipc427e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_ipc427e_firmware:21.01.03:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_ipc427e_firmware:21.01.03:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_ipc427e_firmware:21.01.05:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_ipc427e_firmware:21.01.05:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_ipc427e_firmware:21.01.06:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_ipc427e_firmware:21.01.06:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_ipc427e_firmware:21.01.07:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_ipc427e_firmware:21.01.07:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_ipc427e_firmware:21.01.08:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_ipc427e_firmware:21.01.08:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_ipc427e_firmware:21.01.09:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_ipc427e_firmware:21.01.09:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_ipc427e_firmware:21.01.14:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_ipc427e_firmware:21.01.14:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_ipc427e:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_ipc427e:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_ipc477e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_ipc477e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_ipc477e_firmware:21.01.03:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_ipc477e_firmware:21.01.03:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_ipc477e_firmware:21.01.05:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_ipc477e_firmware:21.01.05:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_ipc477e_firmware:21.01.06:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_ipc477e_firmware:21.01.06:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_ipc477e_firmware:21.01.07:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_ipc477e_firmware:21.01.07:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_ipc477e_firmware:21.01.08:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_ipc477e_firmware:21.01.08:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_ipc477e_firmware:21.01.09:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_ipc477e_firmware:21.01.09:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_ipc477e_firmware:21.01.14:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_ipc477e_firmware:21.01.14:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_ipc477e:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_ipc477e:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_ipc477e_pro_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_ipc477e_pro_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_ipc477e_pro_firmware:21.01.09:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_ipc477e_pro_firmware:21.01.09:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_ipc477e_pro_firmware:21.01.14:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_ipc477e_pro_firmware:21.01.14:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_ipc477e_pro:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_ipc477e_pro:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_ipc627e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_ipc627e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_ipc627e_firmware:25.02.06:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_ipc627e_firmware:25.02.06:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_ipc627e:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_ipc627e:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_ipc647e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_ipc647e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_ipc647e_firmware:25.02.06:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_ipc647e_firmware:25.02.06:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_ipc647e:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_ipc647e:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_ipc677e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_ipc677e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_ipc677e_firmware:25.02.06:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_ipc677e_firmware:25.02.06:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_ipc677e:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_ipc677e:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_ipc847e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_ipc847e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_ipc847e_firmware:25.02.06:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_ipc847e_firmware:25.02.06:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_ipc847e:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_ipc847e:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_itp1000_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_itp1000_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_itp1000_firmware:23.01.04:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_itp1000_firmware:23.01.04:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_itp1000:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_itp1000:-:*:*:*:*:*:*:*

CVSS

Base:	2.1 (as of 26-04-2022 - 16:33)
Impact:
Exploitability:

CWE

CWE-668

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	NONE	NONE

cvss-vector via4

AV:L/AC:L/Au:N/C:P/I:N/A:N

redhat via4

advisories

bugzilla

id	1890356
title	CVE-2020-8698 hw: Fast forward store predictor

oval

comment Red Hat Enterprise Linux must be installed
oval oval:com.redhat.rhba:tst:20070304026

AND

comment Red Hat Enterprise Linux 7 is installed
oval oval:com.redhat.rhba:tst:20150364027
comment microcode_ctl is earlier than 2:2.1-73.2.el7_9
oval oval:com.redhat.rhsa:tst:20205083001
comment microcode_ctl is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhea:tst:20193845002

rhsa

id	RHSA-2020:5083
released	2020-11-11
severity	Moderate
title	RHSA-2020:5083: microcode_ctl security, bug fix, and enhancement update (Moderate)

bugzilla

id	1890356
title	CVE-2020-8698 hw: Fast forward store predictor

oval

comment Red Hat Enterprise Linux must be installed
oval oval:com.redhat.rhba:tst:20070304026

AND

comment Red Hat Enterprise Linux 6 is installed
oval oval:com.redhat.rhba:tst:20111656003
comment microcode_ctl is earlier than 2:1.17-33.31.el6_10
oval oval:com.redhat.rhsa:tst:20205084001
comment microcode_ctl is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhea:tst:20193845002

rhsa

id	RHSA-2020:5084
released	2020-11-11
severity	Moderate
title	RHSA-2020:5084: microcode_ctl security, bug fix, and enhancement update (Moderate)

bugzilla

id	1890356
title	CVE-2020-8698 hw: Fast forward store predictor

oval

comment Red Hat Enterprise Linux must be installed
oval oval:com.redhat.rhba:tst:20070304026

AND

comment Red Hat Enterprise Linux 8 is installed
oval oval:com.redhat.rhba:tst:20193384074
comment microcode_ctl is earlier than 4:20200609-2.20201027.1.el8_3
oval oval:com.redhat.rhsa:tst:20205085001
comment microcode_ctl is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhea:tst:20193845002

rhsa

id	RHSA-2020:5085
released	2020-11-11
severity	Moderate
title	RHSA-2020:5085: microcode_ctl security, bug fix and enhancement update (Moderate)

rpms

microcode_ctl-2:2.1-73.2.el7_9
microcode_ctl-debuginfo-2:2.1-73.2.el7_9
microcode_ctl-2:1.17-33.31.el6_10
microcode_ctl-debuginfo-2:1.17-33.31.el6_10
microcode_ctl-4:20200609-2.20201027.1.el8_3
microcode_ctl-2:2.1-47.18.el7_6
microcode_ctl-debuginfo-2:2.1-47.18.el7_6
microcode_ctl-2:2.1-22.36.el7_4
microcode_ctl-debuginfo-2:2.1-22.36.el7_4
microcode_ctl-2:2.1-16.37.el7_3
microcode_ctl-debuginfo-2:2.1-16.37.el7_3
microcode_ctl-2:1.17-19.32.el6_6
microcode_ctl-debuginfo-2:1.17-19.32.el6_6
microcode_ctl-4:20191115-4.20201112.1.el8_2
microcode_ctl-4:20180807a-2.20201112.1.el8_0
microcode_ctl-2:2.1-12.34.el7_2
microcode_ctl-debuginfo-2:2.1-12.34.el7_2
microcode_ctl-2:1.17-17.34.el6_5
microcode_ctl-debuginfo-2:1.17-17.34.el6_5
microcode_ctl-2:2.1-53.13.el7_7
microcode_ctl-debuginfo-2:2.1-53.13.el7_7
microcode_ctl-4:20190618-1.20201112.1.el8_1

refmap via4

confirm	https://security.netapp.com/advisory/ntap-20201113-0006/
fedora	FEDORA-2020-14fda1bf85
misc	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381

Last major update

26-04-2022 - 16:33

Published

12-11-2020 - 18:15

Last modified

26-04-2022 - 16:33