Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2020-8698

Опубликовано: 10 нояб. 2020
Источник: redhat
CVSS3: 5.5
EPSS Низкий

Описание

Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

A flaw was found in the CPU microarchitecture where a local attacker is able to abuse a timing issue which may allow them to infer internal architectural state from previous executions on the CPU.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5microcode_ctlOut of support scope
Red Hat Enterprise Linux 6microcode_ctlFixedRHSA-2020:508411.11.2020
Red Hat Enterprise Linux 6.5 Advanced Update Supportmicrocode_ctlFixedRHSA-2020:518923.11.2020
Red Hat Enterprise Linux 6.6 Advanced Update Supportmicrocode_ctlFixedRHSA-2020:518423.11.2020
Red Hat Enterprise Linux 7microcode_ctlFixedRHSA-2020:508311.11.2020
Red Hat Enterprise Linux 7microcode_ctlFixedRHSA-2021:302809.08.2021
Red Hat Enterprise Linux 7.2 Advanced Update Supportmicrocode_ctlFixedRHSA-2020:518823.11.2020
Red Hat Enterprise Linux 7.2 Advanced Update Supportmicrocode_ctlFixedRHSA-2021:332331.08.2021
Red Hat Enterprise Linux 7.3 Advanced Update Supportmicrocode_ctlFixedRHSA-2020:518323.11.2020
Red Hat Enterprise Linux 7.3 Advanced Update Supportmicrocode_ctlFixedRHSA-2021:332231.08.2021

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-212
https://bugzilla.redhat.com/show_bug.cgi?id=1890356hw: Fast forward store predictor

EPSS

Процентиль: 21%
0.00065
Низкий

5.5 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2020-8698

CVSS3: 5.5
ubuntu
больше 4 лет назад

Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

nvd логотип

CVE-2020-8698

CVSS3: 5.5
nvd
больше 4 лет назад

Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

debian логотип

CVE-2020-8698

CVSS3: 5.5
debian
больше 4 лет назад

Improper isolation of shared resources in some Intel(R) Processors may ...

github логотип

GHSA-9636-925v-53qr

CVSS3: 5.5
github
около 3 лет назад

Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

fstec логотип

BDU:2020-05479

fstec
больше 4 лет назад

Уязвимость процессоров Intel, позволяющая нарушителю раскрыть защищаемую информацию

EPSS

Процентиль: 21%
0.00065
Низкий

5.5 Medium

CVSS3