CVE-2020-4788

Опубликовано: 20 нояб. 2020

Источник: nvd

CVSS3: 5.1

CVSS3: 4.7

CVSS2: 1.9

EPSS Низкий

Описание

IBM Power9 (AIX 7.1, 7.2, and VIOS 3.1) processors could allow a local user to obtain sensitive information from the data in the L1 cache under extenuating circumstances. IBM X-Force ID: 189296.

Ссылки

http://www.openwall.com/lists/oss-security/2020/11/20/3
Mailing List
Patch
Third Party Advisory
http://www.openwall.com/lists/oss-security/2020/11/23/1
Mailing List
Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/189296
VDB Entry
Vendor Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TITJQPYDWZ4NB2ONJWUXW75KSQIPF35T/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZF4OGZPKTAJJXWHPIFP3LHEWWEMR5LPT/
https://www.ibm.com/support/pages/node/6370729
Patch
Vendor Advisory
https://www.oracle.com/security-alerts/cpujul2022.html
Patch
Third Party Advisory
http://www.openwall.com/lists/oss-security/2020/11/20/3
Mailing List
Patch
Third Party Advisory
http://www.openwall.com/lists/oss-security/2020/11/23/1
Mailing List
Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/189296
VDB Entry
Vendor Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TITJQPYDWZ4NB2ONJWUXW75KSQIPF35T/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZF4OGZPKTAJJXWHPIFP3LHEWWEMR5LPT/
https://www.ibm.com/support/pages/node/6370729
Patch
Vendor Advisory
https://www.oracle.com/security-alerts/cpujul2022.html
Patch
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:a:ibm:vios:3.1.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:vios:3.1.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:vios:3.1.2:*:*:*:*:*:*:*

cpe:2.3:o:ibm:aix:7.1.0:*:*:*:*:*:*:*

cpe:2.3:o:ibm:aix:7.1.5:*:*:*:*:*:*:*

cpe:2.3:o:ibm:aix:7.2.0:*:*:*:*:*:*:*

cpe:2.3:o:ibm:aix:7.2.3:*:*:*:*:*:*:*

cpe:2.3:o:ibm:aix:7.2.4:*:*:*:*:*:*:*

cpe:2.3:o:ibm:aix:7.2.5:*:*:*:*:*:*:*

cpe:2.3:o:ibm:power9:-:*:*:*:*:*:*:*

Конфигурация 2

Одно из

cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*

cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*

Конфигурация 3

Одно из

cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*

cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.2.0:*:*:*:*:*:*:*

EPSS

Процентиль: 28%

0.00097

Низкий

5.1 Medium

CVSS3

4.7 Medium

CVSS3

1.9 Low

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

CVE-2020-4788

CVSS3: 4.7

ubuntu

больше 4 лет назад

IBM Power9 (AIX 7.1, 7.2, and VIOS 3.1) processors could allow a local user to obtain sensitive information from the data in the L1 cache under extenuating circumstances. IBM X-Force ID: 189296.

CVE-2020-4788

CVSS3: 5.1

redhat

больше 4 лет назад

IBM Power9 (AIX 7.1, 7.2, and VIOS 3.1) processors could allow a local user to obtain sensitive information from the data in the L1 cache under extenuating circumstances. IBM X-Force ID: 189296.

CVE-2020-4788

CVSS3: 4.7

debian

больше 4 лет назад

IBM Power9 (AIX 7.1, 7.2, and VIOS 3.1) processors could allow a local ...

GHSA-fv43-627p-jvmr

CVSS3: 4.7

github

около 3 лет назад

IBM Power9 (AIX 7.1, 7.2, and VIOS 3.1) processors could allow a local user to obtain sensitive information from the data in the L1 cache under extenuating circumstances. IBM X-Force ID: 189296.

BDU:2021-03412

CVSS3: 4.7

fstec

больше 4 лет назад

Уязвимость ядра операционной системы Linux, связанная с раскрытием информации, позволяющая нарушителю получить доступ к конфиденциальным данным

EPSS

Процентиль: 28%

0.00097

Низкий

5.1 Medium

CVSS3

4.7 Medium

CVSS3

1.9 Low

CVSS2

Дефекты

NVD-CWE-noinfo