Описание
Уязвимость процессоров Intel связана с недостатками разграничения доступа. Эксплуатация уязвимости может позволить нарушителю раскрыть защищаемую информацию
Вендор
Red Hat Inc.
Сообщество свободного программного обеспечения
Intel Corp.
ООО «РусБИТех-Астра»
Novell Inc.
Наименование ПО
Red Hat Enterprise Linux
Debian GNU/Linux
Intel Pentium
Astra Linux Special Edition
SUSE Linux Enterprise Server for SAP Applications
SUSE OpenStack Cloud
7th Generation Intel Core
8th Generation Intel Core
Astra Linux Common Edition
9th Generation Intel Core
6th Generation Intel Core
Intel Celeron G Series
Intel Xeon D
Intel Xeon E3 v6
Intel Xeon E3 v5
Intel Xeon Scalable Processor
SUSE Linux Enterprise Module for Basesystem
SUSE Enterprise Storage
Suse Linux Enterprise Server
SUSE Linux Enterprise Point of Sale
SUSE OpenStack Cloud Crowbar
HPE Helion Openstack
2nd Generation Intel Xeon Scalable Processor
10th Generation Intel Core
Intel Xeon Gold Processors
Intel Xeon W Processor
Intel Celeron Processor 5000 Series
SUSE Linux Enterprise High Performance Computing
Intel Core X-series Processors
Intel Microcode
Версия ПО
6 (Red Hat Enterprise Linux)
7 (Red Hat Enterprise Linux)
6.5 Advanced Update Support (Red Hat Enterprise Linux)
6.6 Advanced Update Support (Red Hat Enterprise Linux)
5 (Red Hat Enterprise Linux)
9 (Debian GNU/Linux)
- (Intel Pentium)
1.6 «Смоленск» (Astra Linux Special Edition)
12 SP2 (SUSE Linux Enterprise Server for SAP Applications)
12 SP2-BCL (SUSE Linux Enterprise Server for SAP Applications)
12 SP2-ESPOS (SUSE Linux Enterprise Server for SAP Applications)
12 SP2-LTSS (SUSE Linux Enterprise Server for SAP Applications)
12 SP3 (SUSE Linux Enterprise Server for SAP Applications)
12 SP4 (SUSE Linux Enterprise Server for SAP Applications)
7 (SUSE OpenStack Cloud)
8.0 (Debian GNU/Linux)
- (7th Generation Intel Core)
- (8th Generation Intel Core)
2.12 «Орёл» (Astra Linux Common Edition)
- (9th Generation Intel Core)
- (6th Generation Intel Core)
- (Intel Celeron G Series)
- (Intel Xeon D)
- (Intel Xeon E3 v6)
- (Intel Xeon E3 v5)
- (Intel Xeon Scalable Processor)
8 (Red Hat Enterprise Linux)
15 SP1 (SUSE Linux Enterprise Module for Basesystem)
5 (SUSE Enterprise Storage)
12 SP2-BCL (Suse Linux Enterprise Server)
12 SP2-ESPOS (Suse Linux Enterprise Server)
11 SP3 (SUSE Linux Enterprise Point of Sale)
11 SP4 (SUSE Linux Enterprise Server for SAP Applications)
15 (SUSE Linux Enterprise Server for SAP Applications)
11 SP4-LTSS (Suse Linux Enterprise Server)
12 SP2-LTSS (Suse Linux Enterprise Server)
12 SP3-LTSS (Suse Linux Enterprise Server)
8 (SUSE OpenStack Cloud)
12 SP3-BCL (Suse Linux Enterprise Server)
12 SP5 (Suse Linux Enterprise Server)
12 SP3-BCL (SUSE Linux Enterprise Server for SAP Applications)
12 SP3-LTSS (SUSE Linux Enterprise Server for SAP Applications)
12 SP5 (SUSE Linux Enterprise Server for SAP Applications)
8 (SUSE OpenStack Cloud Crowbar)
10 (Debian GNU/Linux)
12 SP2-CLIEN (SUSE Linux Enterprise Point of Sale)
7.6 Extended Update Support (Red Hat Enterprise Linux)
8 (HPE Helion Openstack)
12 SP3-ESPOS (Suse Linux Enterprise Server)
12 SP3-ESPOS (SUSE Linux Enterprise Server for SAP Applications)
7.2 Advanced Update Support (Red Hat Enterprise Linux)
- (2nd Generation Intel Xeon Scalable Processor)
- (10th Generation Intel Core)
9 (SUSE OpenStack Cloud)
9 (SUSE OpenStack Cloud Crowbar)
- (Intel Xeon Gold Processors)
- (Intel Xeon W Processor)
- (Intel Celeron Processor 5000 Series)
15-ESPOS (SUSE Linux Enterprise High Performance Computing)
15-LTSS (SUSE Linux Enterprise High Performance Computing)
15-LTSS (Suse Linux Enterprise Server)
7.4 US for SAP Solutions (Red Hat Enterprise Linux)
7.3 Advanced Update Support (Red Hat Enterprise Linux)
7.3 Telco Extended Update Support (Red Hat Enterprise Linux)
7.3 Update Services for SAP Solutions (Red Hat Enterprise Linux)
7.4 Telco Extended Update Support (Red Hat Enterprise Linux)
8.0 Update Services for SAP Solutions (Red Hat Enterprise Linux)
7.4 Advanced Update Support (Red Hat Enterprise Linux)
15 SP2 (SUSE Linux Enterprise Module for Basesystem)
12 SP4 LTSS (Suse Linux Enterprise Server)
12 SP4-ESPOS (Suse Linux Enterprise Server)
12 SP4-LTSS (SUSE Linux Enterprise Server for SAP Applications)
12 SP4-ESPOS (SUSE Linux Enterprise Server for SAP Applications)
7.7 Extended Update Support (Red Hat Enterprise Linux)
- (Intel Core X-series Processors)
8.2 Extended Update Support (Red Hat Enterprise Linux)
до 3.20201110.0 (Intel Microcode)
1.7 (Astra Linux Special Edition)
Тип ПО
Операционная система
ПО программно-аппаратного средства
Прикладное ПО информационных систем
ПО программно-аппаратных средств защиты
Микропрограммный код
ПО сетевого программно-аппаратного средства
Операционные системы и аппаратные платформы
Red Hat Inc. Red Hat Enterprise Linux 6
Red Hat Inc. Red Hat Enterprise Linux 7
Red Hat Inc. Red Hat Enterprise Linux 6.5 Advanced Update Support
Red Hat Inc. Red Hat Enterprise Linux 6.6 Advanced Update Support
Red Hat Inc. Red Hat Enterprise Linux 5
Red Hat Inc. Red Hat Enterprise Linux 6
Red Hat Inc. Red Hat Enterprise Linux 7
Сообщество свободного программного обеспечения Debian GNU/Linux 9
ООО «РусБИТех-Астра» Astra Linux Special Edition 1.6 «Смоленск»
Novell Inc. SUSE Linux Enterprise Server for SAP Applications 12 SP2
Novell Inc. SUSE Linux Enterprise Server for SAP Applications 12 SP2-BCL
Novell Inc. SUSE Linux Enterprise Server for SAP Applications 12 SP2-ESPOS
Novell Inc. SUSE Linux Enterprise Server for SAP Applications 12 SP2-LTSS
Novell Inc. SUSE Linux Enterprise Server for SAP Applications 12 SP3
Novell Inc. SUSE Linux Enterprise Server for SAP Applications 12 SP4
Сообщество свободного программного обеспечения Debian GNU/Linux 8.0
ООО «РусБИТех-Астра» Astra Linux Common Edition 2.12 «Орёл»
Red Hat Inc. Red Hat Enterprise Linux 8
Novell Inc. Suse Linux Enterprise Server 12 SP2-BCL
Novell Inc. Suse Linux Enterprise Server 12 SP2-ESPOS
Novell Inc. SUSE Linux Enterprise Server for SAP Applications 11 SP4
Novell Inc. SUSE Linux Enterprise Server for SAP Applications 15
Novell Inc. Suse Linux Enterprise Server 11 SP4-LTSS
Novell Inc. Suse Linux Enterprise Server 12 SP2-LTSS
Novell Inc. Suse Linux Enterprise Server 12 SP3-LTSS
Novell Inc. Suse Linux Enterprise Server 12 SP3-BCL
Novell Inc. Suse Linux Enterprise Server 12 SP5
Novell Inc. SUSE Linux Enterprise Server for SAP Applications 12 SP3-BCL
Novell Inc. SUSE Linux Enterprise Server for SAP Applications 12 SP3-LTSS
Novell Inc. SUSE Linux Enterprise Server for SAP Applications 12 SP5
Сообщество свободного программного обеспечения Debian GNU/Linux 10
Red Hat Inc. Red Hat Enterprise Linux 7.6 Extended Update Support
Novell Inc. Suse Linux Enterprise Server 12 SP3-ESPOS
Novell Inc. SUSE Linux Enterprise Server for SAP Applications 12 SP3-ESPOS
Red Hat Inc. Red Hat Enterprise Linux 7.2 Advanced Update Support
Red Hat Inc. Red Hat Enterprise Linux 6.5 Advanced Update Support
Red Hat Inc. Red Hat Enterprise Linux 6.6 Advanced Update Support
Novell Inc. Suse Linux Enterprise Server 15-LTSS
Red Hat Inc. Red Hat Enterprise Linux 7.4 US for SAP Solutions
Red Hat Inc. Red Hat Enterprise Linux 7.3 Advanced Update Support
Red Hat Inc. Red Hat Enterprise Linux 7.3 Telco Extended Update Support
Red Hat Inc. Red Hat Enterprise Linux 7.3 Update Services for SAP Solutions
Red Hat Inc. Red Hat Enterprise Linux 7.4 Telco Extended Update Support
Red Hat Inc. Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions
Red Hat Inc. Red Hat Enterprise Linux 7.4 Advanced Update Support
Red Hat Inc. Red Hat Enterprise Linux 6.5
Novell Inc. Suse Linux Enterprise Server 12 SP4 LTSS
Novell Inc. Suse Linux Enterprise Server 12 SP4-ESPOS
Novell Inc. SUSE Linux Enterprise Server for SAP Applications 12 SP4-LTSS
Novell Inc. SUSE Linux Enterprise Server for SAP Applications 12 SP4-ESPOS
Red Hat Inc. Red Hat Enterprise Linux 7.7 Extended Update Support
Red Hat Inc. Red Hat Enterprise Linux 8.2 Extended Update Support
ООО «РусБИТех-Астра» Astra Linux Special Edition 1.7
Уровень опасности уязвимости
Низкий уровень опасности (базовая оценка CVSS 2.0 составляет 2,1)
Возможные меры по устранению уязвимости
Использование рекомендаций производителя:
Для программных продуктов Intel Corp.:
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381.html
Для программных продуктов Novell Inc.:
https://www.suse.com/security/cve/CVE-2020-8696/
Для программных продуктов Red Hat Inc.:
https://access.redhat.com/security/cve/cve-2020-8696
Для Intel Microcode:
использование рекомендаций производителя: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381
Для ОС Debian:
использование рекомендаций производителя: https://security-tracker.debian.org/tracker/CVE-2020-8696
Для ОС Astra Linux:
использование рекомендаций производителя:
https://wiki.astralinux.ru/astra-linux-se16-bulletin-20210730SE16
https://wiki.astralinux.ru/pages/viewpage.action?pageId=47416144
https://wiki.astralinux.ru/astra-linux-se17-bulletin-2021-1126SE17
Статус уязвимости
Подтверждена производителем
Наличие эксплойта
Данные уточняются
Информация об устранении
Уязвимость устранена
Ссылки на источники
Идентификаторы других систем описаний уязвимостей
- CVE
EPSS
Процентиль: 31%
0.00116
Низкий
2.1 Low
CVSS2
Связанные уязвимости
CVSS3: 5.5
ubuntu
больше 4 лет назад
Improper removal of sensitive information before storage or transfer in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVSS3: 2.8
redhat
больше 4 лет назад
Improper removal of sensitive information before storage or transfer in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVSS3: 5.5
nvd
больше 4 лет назад
Improper removal of sensitive information before storage or transfer in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVSS3: 5.5
debian
больше 4 лет назад
Improper removal of sensitive information before storage or transfer i ...
github
около 3 лет назад
Improper removal of sensitive information before storage or transfer in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
EPSS
Процентиль: 31%
0.00116
Низкий
2.1 Low
CVSS2