CVE-2019-11091

Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf
References
Link Resource
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00014.html
http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00052.html
http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00053.html
http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txt
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190712-01-mds-en
https://access.redhat.com/errata/RHSA-2019:1455
https://access.redhat.com/errata/RHSA-2019:2553
https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-616472.pdf
https://kc.mcafee.com/corporate/index?page=content&id=SB10292
https://lists.debian.org/debian-lts-announce/2019/06/msg00018.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OH73SGTJ575OBCPSJFX6LX7KP2KZIEN4/
https://seclists.org/bugtraq/2019/Jun/28
https://seclists.org/bugtraq/2019/Jun/36
https://seclists.org/bugtraq/2019/Nov/15
https://seclists.org/bugtraq/2020/Jan/21
https://security.gentoo.org/glsa/202003-56
https://usn.ubuntu.com/3977-3/
https://www.debian.org/security/2020/dsa-4602
https://www.freebsd.org/security/advisories/FreeBSD-SA-19:07.mds.asc
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html Vendor Advisory
https://www.synology.com/security/advisory/Synology_SA_19_24
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00014.html
http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00052.html
http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00053.html
http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txt
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190712-01-mds-en
https://access.redhat.com/errata/RHSA-2019:1455
https://access.redhat.com/errata/RHSA-2019:2553
https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-616472.pdf
https://kc.mcafee.com/corporate/index?page=content&id=SB10292
https://lists.debian.org/debian-lts-announce/2019/06/msg00018.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OH73SGTJ575OBCPSJFX6LX7KP2KZIEN4/
https://seclists.org/bugtraq/2019/Jun/28
https://seclists.org/bugtraq/2019/Jun/36
https://seclists.org/bugtraq/2019/Nov/15
https://seclists.org/bugtraq/2020/Jan/21
https://security.gentoo.org/glsa/202003-56
https://usn.ubuntu.com/3977-3/
https://www.debian.org/security/2020/dsa-4602
https://www.freebsd.org/security/advisories/FreeBSD-SA-19:07.mds.asc
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html Vendor Advisory
https://www.synology.com/security/advisory/Synology_SA_19_24
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:intel:microarchitectural_data_sampling_uncacheable_memory_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:microarchitectural_data_sampling_uncacheable_memory:-:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*

History

21 Nov 2024, 04:20

Type Values Removed Values Added
References () http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00014.html - () http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00014.html -
References () http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00052.html - () http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00052.html -
References () http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00053.html - () http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00053.html -
References () http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txt - () http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txt -
References () http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190712-01-mds-en - () http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190712-01-mds-en -
References () https://access.redhat.com/errata/RHSA-2019:1455 - () https://access.redhat.com/errata/RHSA-2019:1455 -
References () https://access.redhat.com/errata/RHSA-2019:2553 - () https://access.redhat.com/errata/RHSA-2019:2553 -
References () https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf - () https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf -
References () https://cert-portal.siemens.com/productcert/pdf/ssa-616472.pdf - () https://cert-portal.siemens.com/productcert/pdf/ssa-616472.pdf -
References () https://kc.mcafee.com/corporate/index?page=content&id=SB10292 - () https://kc.mcafee.com/corporate/index?page=content&id=SB10292 -
References () https://lists.debian.org/debian-lts-announce/2019/06/msg00018.html - () https://lists.debian.org/debian-lts-announce/2019/06/msg00018.html -
References () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OH73SGTJ575OBCPSJFX6LX7KP2KZIEN4/ - () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OH73SGTJ575OBCPSJFX6LX7KP2KZIEN4/ -
References () https://seclists.org/bugtraq/2019/Jun/28 - () https://seclists.org/bugtraq/2019/Jun/28 -
References () https://seclists.org/bugtraq/2019/Jun/36 - () https://seclists.org/bugtraq/2019/Jun/36 -
References () https://seclists.org/bugtraq/2019/Nov/15 - () https://seclists.org/bugtraq/2019/Nov/15 -
References () https://seclists.org/bugtraq/2020/Jan/21 - () https://seclists.org/bugtraq/2020/Jan/21 -
References () https://security.gentoo.org/glsa/202003-56 - () https://security.gentoo.org/glsa/202003-56 -
References () https://usn.ubuntu.com/3977-3/ - () https://usn.ubuntu.com/3977-3/ -
References () https://www.debian.org/security/2020/dsa-4602 - () https://www.debian.org/security/2020/dsa-4602 -
References () https://www.freebsd.org/security/advisories/FreeBSD-SA-19:07.mds.asc - () https://www.freebsd.org/security/advisories/FreeBSD-SA-19:07.mds.asc -
References () https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html - Vendor Advisory () https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html - Vendor Advisory
References () https://www.synology.com/security/advisory/Synology_SA_19_24 - () https://www.synology.com/security/advisory/Synology_SA_19_24 -

07 Nov 2023, 03:02

Type Values Removed Values Added
References
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OH73SGTJ575OBCPSJFX6LX7KP2KZIEN4/', 'name': 'FEDORA-2019-1f5832fc0e', 'tags': ['Third Party Advisory'], 'refsource': 'FEDORA'}
  • () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OH73SGTJ575OBCPSJFX6LX7KP2KZIEN4/ -

Information

Published : 2019-05-30 16:29

Updated : 2024-11-21 04:20


NVD link : CVE-2019-11091

Mitre link : CVE-2019-11091

CVE.ORG link : CVE-2019-11091


JSON object : View

Products Affected

intel

  • microarchitectural_data_sampling_uncacheable_memory_firmware
  • microarchitectural_data_sampling_uncacheable_memory

fedoraproject

  • fedora