Описание
Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf
Modern Intel microprocessors implement hardware-level micro-optimizations to improve the performance of writing data back to CPU caches. The write operation is split into STA (STore Address) and STD (STore Data) sub-operations. These sub-operations allow the processor to hand-off address generation logic into these sub-operations for optimized writes. Both of these sub-operations write to a shared distributed processor structure called the 'processor store buffer'. As a result, an unprivileged attacker could use this flaw to read private data resident within the CPU's processor store buffer.
Отчет
Red Hat Product Security is aware of this issue. Updates will be released as they become available. For additional information, please refer to the 'Vulnerability Response' URL.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | kernel | Will not fix | ||
| Red Hat Virtualization 4 | ovirt-guest-agent | Affected | ||
| Red Hat Enterprise Linux 6 | kernel | Fixed | RHSA-2019:1169 | 14.05.2019 |
| Red Hat Enterprise Linux 6 | libvirt | Fixed | RHSA-2019:1180 | 14.05.2019 |
| Red Hat Enterprise Linux 6 | qemu-kvm | Fixed | RHSA-2019:1181 | 14.05.2019 |
| Red Hat Enterprise Linux 6.5 Advanced Update Support | kernel | Fixed | RHSA-2019:1196 | 14.05.2019 |
| Red Hat Enterprise Linux 6.5 Advanced Update Support | libvirt | Fixed | RHSA-2019:1197 | 14.05.2019 |
| Red Hat Enterprise Linux 6.5 Advanced Update Support | qemu-kvm | Fixed | RHSA-2019:1198 | 14.05.2019 |
| Red Hat Enterprise Linux 6.6 Advanced Update Support | kernel | Fixed | RHSA-2019:1193 | 14.05.2019 |
| Red Hat Enterprise Linux 6.6 Advanced Update Support | libvirt | Fixed | RHSA-2019:1194 | 14.05.2019 |
Показывать по
Дополнительная информация
Статус:
EPSS
6.5 Medium
CVSS3
Связанные уязвимости
Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf
Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf
Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers o ...
Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf
Уязвимость буфера данных MSBDS микропрограммного обеспечения Intel, позволяющая нарушителю получить доступ к конфиденциальной информации
EPSS
6.5 Medium
CVSS3