ID CVE-2020-8698
Summary Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
References
Vulnerable Configurations
  • cpe:2.3:o:intel:microcode:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:microcode:-:*:*:*:*:*:*:*
  • cpe:2.3:h:intel:core_i3-1000g1:-:*:*:*:*:*:*:*
    cpe:2.3:h:intel:core_i3-1000g1:-:*:*:*:*:*:*:*
  • cpe:2.3:h:intel:core_i3-1000g4:-:*:*:*:*:*:*:*
    cpe:2.3:h:intel:core_i3-1000g4:-:*:*:*:*:*:*:*
  • cpe:2.3:h:intel:core_i3-1005g1:-:*:*:*:*:*:*:*
    cpe:2.3:h:intel:core_i3-1005g1:-:*:*:*:*:*:*:*
  • cpe:2.3:h:intel:core_i3-1110g4:-:*:*:*:*:*:*:*
    cpe:2.3:h:intel:core_i3-1110g4:-:*:*:*:*:*:*:*
  • cpe:2.3:h:intel:core_i3-1115g4:-:*:*:*:*:*:*:*
    cpe:2.3:h:intel:core_i3-1115g4:-:*:*:*:*:*:*:*
  • cpe:2.3:h:intel:core_i3-1120g4:-:*:*:*:*:*:*:*
    cpe:2.3:h:intel:core_i3-1120g4:-:*:*:*:*:*:*:*
  • cpe:2.3:h:intel:core_i3-1125g4:-:*:*:*:*:*:*:*
    cpe:2.3:h:intel:core_i3-1125g4:-:*:*:*:*:*:*:*
  • cpe:2.3:h:intel:core_i5-1030g4:-:*:*:*:*:*:*:*
    cpe:2.3:h:intel:core_i5-1030g4:-:*:*:*:*:*:*:*
  • cpe:2.3:h:intel:core_i5-1030g7:-:*:*:*:*:*:*:*
    cpe:2.3:h:intel:core_i5-1030g7:-:*:*:*:*:*:*:*
  • cpe:2.3:h:intel:core_i5-1035g1:-:*:*:*:*:*:*:*
    cpe:2.3:h:intel:core_i5-1035g1:-:*:*:*:*:*:*:*
  • cpe:2.3:h:intel:core_i5-1035g4:-:*:*:*:*:*:*:*
    cpe:2.3:h:intel:core_i5-1035g4:-:*:*:*:*:*:*:*
  • cpe:2.3:h:intel:core_i5-1035g7:-:*:*:*:*:*:*:*
    cpe:2.3:h:intel:core_i5-1035g7:-:*:*:*:*:*:*:*
  • cpe:2.3:h:intel:core_i7-1065g7:-:*:*:*:*:*:*:*
    cpe:2.3:h:intel:core_i7-1065g7:-:*:*:*:*:*:*:*
  • cpe:2.3:h:intel:core_i7-1060g7:-:*:*:*:*:*:*:*
    cpe:2.3:h:intel:core_i7-1060g7:-:*:*:*:*:*:*:*
  • cpe:2.3:h:intel:core_i7-1185g7:-:*:*:*:*:*:*:*
    cpe:2.3:h:intel:core_i7-1185g7:-:*:*:*:*:*:*:*
  • cpe:2.3:h:intel:core_i7-1165g7:-:*:*:*:*:*:*:*
    cpe:2.3:h:intel:core_i7-1165g7:-:*:*:*:*:*:*:*
  • cpe:2.3:h:intel:core_i5-1135g7:-:*:*:*:*:*:*:*
    cpe:2.3:h:intel:core_i5-1135g7:-:*:*:*:*:*:*:*
  • cpe:2.3:h:intel:core_i7-1160g7:-:*:*:*:*:*:*:*
    cpe:2.3:h:intel:core_i7-1160g7:-:*:*:*:*:*:*:*
  • cpe:2.3:h:intel:core_i5-1130g7:-:*:*:*:*:*:*:*
    cpe:2.3:h:intel:core_i5-1130g7:-:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*
  • cpe:2.3:o:netapp:hci_compute_node_bios:-:*:*:*:*:*:*:*
    cpe:2.3:o:netapp:hci_compute_node_bios:-:*:*:*:*:*:*:*
  • cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*
    cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*
  • cpe:2.3:o:netapp:hci_storage_node_bios:-:*:*:*:*:*:*:*
    cpe:2.3:o:netapp:hci_storage_node_bios:-:*:*:*:*:*:*:*
  • cpe:2.3:h:netapp:hci_storage_node:-:*:*:*:*:*:*:*
    cpe:2.3:h:netapp:hci_storage_node:-:*:*:*:*:*:*:*
  • cpe:2.3:o:netapp:solidfire_bios:-:*:*:*:*:*:*:*
    cpe:2.3:o:netapp:solidfire_bios:-:*:*:*:*:*:*:*
  • cpe:2.3:h:netapp:solidfire:-:*:*:*:*:*:*:*
    cpe:2.3:h:netapp:solidfire:-:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
    cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
CVSS
Base: 2.1 (as of 21-07-2021 - 11:39)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
cvss-vector via4 AV:L/AC:L/Au:N/C:P/I:N/A:N
redhat via4
advisories
  • bugzilla
    id 1890356
    title CVE-2020-8698 hw: Fast forward store predictor
    oval
    OR
    • comment Red Hat Enterprise Linux must be installed
      oval oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment Red Hat Enterprise Linux 7 is installed
        oval oval:com.redhat.rhba:tst:20150364027
      • comment microcode_ctl is earlier than 2:2.1-73.2.el7_9
        oval oval:com.redhat.rhsa:tst:20205083001
      • comment microcode_ctl is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhea:tst:20193845002
    rhsa
    id RHSA-2020:5083
    released 2020-11-11
    severity Moderate
    title RHSA-2020:5083: microcode_ctl security, bug fix, and enhancement update (Moderate)
  • bugzilla
    id 1890356
    title CVE-2020-8698 hw: Fast forward store predictor
    oval
    OR
    • comment Red Hat Enterprise Linux must be installed
      oval oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment Red Hat Enterprise Linux 6 is installed
        oval oval:com.redhat.rhba:tst:20111656003
      • comment microcode_ctl is earlier than 2:1.17-33.31.el6_10
        oval oval:com.redhat.rhsa:tst:20205084001
      • comment microcode_ctl is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhea:tst:20193845002
    rhsa
    id RHSA-2020:5084
    released 2020-11-11
    severity Moderate
    title RHSA-2020:5084: microcode_ctl security, bug fix, and enhancement update (Moderate)
  • bugzilla
    id 1890356
    title CVE-2020-8698 hw: Fast forward store predictor
    oval
    OR
    • comment Red Hat Enterprise Linux must be installed
      oval oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment Red Hat Enterprise Linux 8 is installed
        oval oval:com.redhat.rhba:tst:20193384074
      • comment microcode_ctl is earlier than 4:20200609-2.20201027.1.el8_3
        oval oval:com.redhat.rhsa:tst:20205085001
      • comment microcode_ctl is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhea:tst:20193845002
    rhsa
    id RHSA-2020:5085
    released 2020-11-11
    severity Moderate
    title RHSA-2020:5085: microcode_ctl security, bug fix and enhancement update (Moderate)
rpms
  • microcode_ctl-2:2.1-73.2.el7_9
  • microcode_ctl-debuginfo-2:2.1-73.2.el7_9
  • microcode_ctl-2:1.17-33.31.el6_10
  • microcode_ctl-debuginfo-2:1.17-33.31.el6_10
  • microcode_ctl-4:20200609-2.20201027.1.el8_3
  • microcode_ctl-2:2.1-47.18.el7_6
  • microcode_ctl-debuginfo-2:2.1-47.18.el7_6
  • microcode_ctl-2:2.1-22.36.el7_4
  • microcode_ctl-debuginfo-2:2.1-22.36.el7_4
  • microcode_ctl-2:2.1-16.37.el7_3
  • microcode_ctl-debuginfo-2:2.1-16.37.el7_3
  • microcode_ctl-2:1.17-19.32.el6_6
  • microcode_ctl-debuginfo-2:1.17-19.32.el6_6
  • microcode_ctl-4:20191115-4.20201112.1.el8_2
  • microcode_ctl-4:20180807a-2.20201112.1.el8_0
  • microcode_ctl-2:2.1-12.34.el7_2
  • microcode_ctl-debuginfo-2:2.1-12.34.el7_2
  • microcode_ctl-2:1.17-17.34.el6_5
  • microcode_ctl-debuginfo-2:1.17-17.34.el6_5
  • microcode_ctl-2:2.1-53.13.el7_7
  • microcode_ctl-debuginfo-2:2.1-53.13.el7_7
  • microcode_ctl-4:20190618-1.20201112.1.el8_1
refmap via4
confirm https://security.netapp.com/advisory/ntap-20201113-0006/
fedora FEDORA-2020-14fda1bf85
misc https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381
Last major update 21-07-2021 - 11:39
Published 12-11-2020 - 18:15
Last modified 21-07-2021 - 11:39
Back to Top