cnvd - cnvd-2019-22231

cnvd-2019-22231

Vulnerability from cnvd

Title: 多款Intel产品信息泄露漏洞（CNVD-2019-22231）

Description:

Intel Xeon Scalable Processors等都是美国英特尔（Intel）公司的产品。Intel Xeon Scalable Processors是一款可扩展服务器中央处理器（CPU）。Intel Xeon Processor E7 v4 Family是一款Xeon E7系列服务器中央处理器（CPU）。Intel Xeon Processor E5 v4 Family是一款Xeon E5系列服务器中央处理器（CPU）。

多款Intel产品中存在信息泄露漏洞。该漏洞源于网络系统或产品在运行过程中存在配置等错误。未授权的攻击者可利用漏洞获取受影响组件敏感信息。

Severity: 中

Patch Name: 多款Intel产品信息泄露漏洞（CNVD-2019-22231）的补丁

Patch Description:

多款Intel产品中存在信息泄露漏洞。该漏洞源于网络系统或产品在运行过程中存在配置等错误。未授权的攻击者可利用漏洞获取受影响组件敏感信息。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： https：//wiki.ubuntu.com/Security/Upgrades

Reference: https://usn.ubuntu.com/3977-1/

Impacted products

Name
['Intel Xeon Scalable Processors', 'Intel 6th generation Core processors 0', 'Intel 5th generation Core processors 0', 'Intel 8th generation Core processors 0', 'Intel 7th generation Core processors 0', 'Intel Xeon Processor E3 v6 Family 0', 'Intel Xeon Processor E5 v4 Family 0', 'Intel Xeon Processor E7 v4 Family 0', 'Intel Xeon Processor E3 v4 Family']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2018-12126"
    }
  },
  "description": "Intel Xeon Scalable Processors\u7b49\u90fd\u662f\u7f8e\u56fd\u82f1\u7279\u5c14\uff08Intel\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002Intel Xeon Scalable Processors\u662f\u4e00\u6b3e\u53ef\u6269\u5c55\u670d\u52a1\u5668\u4e2d\u592e\u5904\u7406\u5668\uff08CPU\uff09\u3002Intel Xeon Processor E7 v4 Family\u662f\u4e00\u6b3eXeon E7\u7cfb\u5217\u670d\u52a1\u5668\u4e2d\u592e\u5904\u7406\u5668\uff08CPU\uff09\u3002Intel Xeon Processor E5 v4 Family\u662f\u4e00\u6b3eXeon E5\u7cfb\u5217\u670d\u52a1\u5668\u4e2d\u592e\u5904\u7406\u5668\uff08CPU\uff09\u3002\n\n\u591a\u6b3eIntel\u4ea7\u54c1\u4e2d\u5b58\u5728\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7f51\u7edc\u7cfb\u7edf\u6216\u4ea7\u54c1\u5728\u8fd0\u884c\u8fc7\u7a0b\u4e2d\u5b58\u5728\u914d\u7f6e\u7b49\u9519\u8bef\u3002\u672a\u6388\u6743\u7684\u653b\u51fb\u8005\u53ef\u5229\u7528\u6f0f\u6d1e\u83b7\u53d6\u53d7\u5f71\u54cd\u7ec4\u4ef6\u654f\u611f\u4fe1\u606f\u3002",
  "discovererName": "unknwon",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps\uff1a//wiki.ubuntu.com/Security/Upgrades",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2019-22231",
  "openTime": "2019-07-12",
  "patchDescription": "Intel Xeon Scalable Processors\u7b49\u90fd\u662f\u7f8e\u56fd\u82f1\u7279\u5c14\uff08Intel\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002Intel Xeon Scalable Processors\u662f\u4e00\u6b3e\u53ef\u6269\u5c55\u670d\u52a1\u5668\u4e2d\u592e\u5904\u7406\u5668\uff08CPU\uff09\u3002Intel Xeon Processor E7 v4 Family\u662f\u4e00\u6b3eXeon E7\u7cfb\u5217\u670d\u52a1\u5668\u4e2d\u592e\u5904\u7406\u5668\uff08CPU\uff09\u3002Intel Xeon Processor E5 v4 Family\u662f\u4e00\u6b3eXeon E5\u7cfb\u5217\u670d\u52a1\u5668\u4e2d\u592e\u5904\u7406\u5668\uff08CPU\uff09\u3002\r\n\r\n\u591a\u6b3eIntel\u4ea7\u54c1\u4e2d\u5b58\u5728\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7f51\u7edc\u7cfb\u7edf\u6216\u4ea7\u54c1\u5728\u8fd0\u884c\u8fc7\u7a0b\u4e2d\u5b58\u5728\u914d\u7f6e\u7b49\u9519\u8bef\u3002\u672a\u6388\u6743\u7684\u653b\u51fb\u8005\u53ef\u5229\u7528\u6f0f\u6d1e\u83b7\u53d6\u53d7\u5f71\u54cd\u7ec4\u4ef6\u654f\u611f\u4fe1\u606f\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "\u591a\u6b3eIntel\u4ea7\u54c1\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff08CNVD-2019-22231\uff09\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Intel Xeon Scalable Processors",
      "Intel 6th generation Core processors 0",
      "Intel 5th generation Core processors 0",
      "Intel 8th generation Core processors 0",
      "Intel 7th generation Core processors 0",
      "Intel Xeon Processor E3 v6 Family 0",
      "Intel Xeon Processor E5 v4 Family 0",
      "Intel Xeon Processor E7 v4 Family 0",
      "Intel Xeon Processor E3 v4 Family"
    ]
  },
  "referenceLink": "https://usn.ubuntu.com/3977-1/",
  "serverity": "\u4e2d",
  "submitTime": "2019-05-15",
  "title": "\u591a\u6b3eIntel\u4ea7\u54c1\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff08CNVD-2019-22231\uff09"
}

CVE-2018-12126 (GCVE-0-2018-12126)

Vulnerability from cvelistv5

Published

2019-05-30 15:36

Modified

2024-08-05 08:30

Severity ?

CWE

Information Disclosure

Summary

Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf

References

▼	URL	Tags
	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html	x_refsource_CONFIRM
	https://www.synology.com/security/advisory/Synology_SA_19_24	x_refsource_CONFIRM
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OH73SGTJ575OBCPSJFX6LX7KP2KZIEN4/	vendor-advisory, x_refsource_FEDORA
	http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00014.html	vendor-advisory, x_refsource_SUSE
	https://access.redhat.com/errata/RHSA-2019:1455	vendor-advisory, x_refsource_REDHAT
	https://usn.ubuntu.com/3977-3/	vendor-advisory, x_refsource_UBUNTU
	https://lists.debian.org/debian-lts-announce/2019/06/msg00018.html	mailing-list, x_refsource_MLIST
	https://seclists.org/bugtraq/2019/Jun/28	mailing-list, x_refsource_BUGTRAQ
	https://seclists.org/bugtraq/2019/Jun/36	mailing-list, x_refsource_BUGTRAQ
	http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txt	x_refsource_CONFIRM
	https://cert-portal.siemens.com/productcert/pdf/ssa-616472.pdf	x_refsource_CONFIRM
	http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190712-01-mds-en	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00053.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00052.html	vendor-advisory, x_refsource_SUSE
	https://www.freebsd.org/security/advisories/FreeBSD-SA-19:07.mds.asc	vendor-advisory, x_refsource_FREEBSD
	https://access.redhat.com/errata/RHSA-2019:2553	vendor-advisory, x_refsource_REDHAT
	https://kc.mcafee.com/corporate/index?page=content&id=SB10292	x_refsource_CONFIRM
	https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf	x_refsource_CONFIRM
	https://security.FreeBSD.org/advisories/FreeBSD-SA-19:26.mcu.asc	vendor-advisory, x_refsource_FREEBSD
	https://seclists.org/bugtraq/2019/Nov/16	mailing-list, x_refsource_BUGTRAQ
	https://seclists.org/bugtraq/2019/Nov/15	mailing-list, x_refsource_BUGTRAQ
	http://packetstormsecurity.com/files/155281/FreeBSD-Security-Advisory-FreeBSD-SA-19-26.mcu.html	x_refsource_MISC
	https://www.debian.org/security/2020/dsa-4602	vendor-advisory, x_refsource_DEBIAN
	https://seclists.org/bugtraq/2020/Jan/21	mailing-list, x_refsource_BUGTRAQ
	https://security.gentoo.org/glsa/202003-56	vendor-advisory, x_refsource_GENTOO

Impacted products

	Vendor	Product	Version
	Intel Corporation	Central ProcCVE-2018-12126essing Units (CPUs)	Version: A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T08:30:57.443Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.synology.com/security/advisory/Synology_SA_19_24"
          },
          {
            "name": "FEDORA-2019-1f5832fc0e",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OH73SGTJ575OBCPSJFX6LX7KP2KZIEN4/"
          },
          {
            "name": "openSUSE-SU-2019:1505",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00014.html"
          },
          {
            "name": "RHSA-2019:1455",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:1455"
          },
          {
            "name": "USN-3977-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3977-3/"
          },
          {
            "name": "[debian-lts-announce] 20190620 [SECURITY] [DLA 1789-2] intel-microcode security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00018.html"
          },
          {
            "name": "20190624 [SECURITY] [DSA 4447-2] intel-microcode security update",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "https://seclists.org/bugtraq/2019/Jun/28"
          },
          {
            "name": "20190624 [SECURITY] [DSA 4469-1] libvirt security update",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "https://seclists.org/bugtraq/2019/Jun/36"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txt"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-616472.pdf"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190712-01-mds-en"
          },
          {
            "name": "openSUSE-SU-2019:1805",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00053.html"
          },
          {
            "name": "openSUSE-SU-2019:1806",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00052.html"
          },
          {
            "name": "FreeBSD-SA-19:07",
            "tags": [
              "vendor-advisory",
              "x_refsource_FREEBSD",
              "x_transferred"
            ],
            "url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-19:07.mds.asc"
          },
          {
            "name": "RHSA-2019:2553",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:2553"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10292"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"
          },
          {
            "name": "FreeBSD-SA-19:26",
            "tags": [
              "vendor-advisory",
              "x_refsource_FREEBSD",
              "x_transferred"
            ],
            "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:26.mcu.asc"
          },
          {
            "name": "20191112 FreeBSD Security Advisory FreeBSD-SA-19:26.mcu",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "https://seclists.org/bugtraq/2019/Nov/16"
          },
          {
            "name": "20191112 [SECURITY] [DSA 4564-1] linux security update",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "https://seclists.org/bugtraq/2019/Nov/15"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/155281/FreeBSD-Security-Advisory-FreeBSD-SA-19-26.mcu.html"
          },
          {
            "name": "DSA-4602",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2020/dsa-4602"
          },
          {
            "name": "20200114 [SECURITY] [DSA 4602-1] xen security update",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "https://seclists.org/bugtraq/2020/Jan/21"
          },
          {
            "name": "GLSA-202003-56",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202003-56"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Central ProcCVE-2018-12126essing Units (CPUs)",
          "vendor": "Intel Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf"
            }
          ]
        }
      ],
      "datePublic": "2019-05-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Information Disclosure",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-03-26T14:06:17",
        "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "shortName": "intel"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.synology.com/security/advisory/Synology_SA_19_24"
        },
        {
          "name": "FEDORA-2019-1f5832fc0e",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OH73SGTJ575OBCPSJFX6LX7KP2KZIEN4/"
        },
        {
          "name": "openSUSE-SU-2019:1505",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00014.html"
        },
        {
          "name": "RHSA-2019:1455",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:1455"
        },
        {
          "name": "USN-3977-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3977-3/"
        },
        {
          "name": "[debian-lts-announce] 20190620 [SECURITY] [DLA 1789-2] intel-microcode security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00018.html"
        },
        {
          "name": "20190624 [SECURITY] [DSA 4447-2] intel-microcode security update",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "https://seclists.org/bugtraq/2019/Jun/28"
        },
        {
          "name": "20190624 [SECURITY] [DSA 4469-1] libvirt security update",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "https://seclists.org/bugtraq/2019/Jun/36"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txt"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-616472.pdf"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190712-01-mds-en"
        },
        {
          "name": "openSUSE-SU-2019:1805",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00053.html"
        },
        {
          "name": "openSUSE-SU-2019:1806",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00052.html"
        },
        {
          "name": "FreeBSD-SA-19:07",
          "tags": [
            "vendor-advisory",
            "x_refsource_FREEBSD"
          ],
          "url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-19:07.mds.asc"
        },
        {
          "name": "RHSA-2019:2553",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:2553"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10292"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"
        },
        {
          "name": "FreeBSD-SA-19:26",
          "tags": [
            "vendor-advisory",
            "x_refsource_FREEBSD"
          ],
          "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:26.mcu.asc"
        },
        {
          "name": "20191112 FreeBSD Security Advisory FreeBSD-SA-19:26.mcu",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "https://seclists.org/bugtraq/2019/Nov/16"
        },
        {
          "name": "20191112 [SECURITY] [DSA 4564-1] linux security update",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "https://seclists.org/bugtraq/2019/Nov/15"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/155281/FreeBSD-Security-Advisory-FreeBSD-SA-19-26.mcu.html"
        },
        {
          "name": "DSA-4602",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2020/dsa-4602"
        },
        {
          "name": "20200114 [SECURITY] [DSA 4602-1] xen security update",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "https://seclists.org/bugtraq/2020/Jan/21"
        },
        {
          "name": "GLSA-202003-56",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/202003-56"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@intel.com",
          "ID": "CVE-2018-12126",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Central ProcCVE-2018-12126essing Units (CPUs)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Intel Corporation"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf"
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Information Disclosure"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html",
              "refsource": "CONFIRM",
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html"
            },
            {
              "name": "https://www.synology.com/security/advisory/Synology_SA_19_24",
              "refsource": "CONFIRM",
              "url": "https://www.synology.com/security/advisory/Synology_SA_19_24"
            },
            {
              "name": "FEDORA-2019-1f5832fc0e",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OH73SGTJ575OBCPSJFX6LX7KP2KZIEN4/"
            },
            {
              "name": "openSUSE-SU-2019:1505",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00014.html"
            },
            {
              "name": "RHSA-2019:1455",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:1455"
            },
            {
              "name": "USN-3977-3",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3977-3/"
            },
            {
              "name": "[debian-lts-announce] 20190620 [SECURITY] [DLA 1789-2] intel-microcode security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00018.html"
            },
            {
              "name": "20190624 [SECURITY] [DSA 4447-2] intel-microcode security update",
              "refsource": "BUGTRAQ",
              "url": "https://seclists.org/bugtraq/2019/Jun/28"
            },
            {
              "name": "20190624 [SECURITY] [DSA 4469-1] libvirt security update",
              "refsource": "BUGTRAQ",
              "url": "https://seclists.org/bugtraq/2019/Jun/36"
            },
            {
              "name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txt",
              "refsource": "CONFIRM",
              "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txt"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-616472.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-616472.pdf"
            },
            {
              "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190712-01-mds-en",
              "refsource": "CONFIRM",
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190712-01-mds-en"
            },
            {
              "name": "openSUSE-SU-2019:1805",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00053.html"
            },
            {
              "name": "openSUSE-SU-2019:1806",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00052.html"
            },
            {
              "name": "FreeBSD-SA-19:07",
              "refsource": "FREEBSD",
              "url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-19:07.mds.asc"
            },
            {
              "name": "RHSA-2019:2553",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:2553"
            },
            {
              "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10292",
              "refsource": "CONFIRM",
              "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10292"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"
            },
            {
              "name": "FreeBSD-SA-19:26",
              "refsource": "FREEBSD",
              "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:26.mcu.asc"
            },
            {
              "name": "20191112 FreeBSD Security Advisory FreeBSD-SA-19:26.mcu",
              "refsource": "BUGTRAQ",
              "url": "https://seclists.org/bugtraq/2019/Nov/16"
            },
            {
              "name": "20191112 [SECURITY] [DSA 4564-1] linux security update",
              "refsource": "BUGTRAQ",
              "url": "https://seclists.org/bugtraq/2019/Nov/15"
            },
            {
              "name": "http://packetstormsecurity.com/files/155281/FreeBSD-Security-Advisory-FreeBSD-SA-19-26.mcu.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/155281/FreeBSD-Security-Advisory-FreeBSD-SA-19-26.mcu.html"
            },
            {
              "name": "DSA-4602",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2020/dsa-4602"
            },
            {
              "name": "20200114 [SECURITY] [DSA 4602-1] xen security update",
              "refsource": "BUGTRAQ",
              "url": "https://seclists.org/bugtraq/2020/Jan/21"
            },
            {
              "name": "GLSA-202003-56",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/202003-56"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
    "assignerShortName": "intel",
    "cveId": "CVE-2018-12126",
    "datePublished": "2019-05-30T15:36:05",
    "dateReserved": "2018-06-11T00:00:00",
    "dateUpdated": "2024-08-05T08:30:57.443Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted