CVE-2019-11091

Name of the Vulnerable Software and Affected Versions Intel microprocessors (affected versions not specified) vCenter Server (affected versions not specified) ESXi (affected versions not specified) Workstation (affected versions not specified) Fusion (affected versions not specified)

Description The issue is related to Microarchitectural Data Sampling Uncacheable Memory (MDSUM) on some microprocessors that utilize speculative execution. This may allow an authenticated user with local access to potentially enable information disclosure via a side channel. An attacker with local access to a targeted system may exploit this issue to obtain data on the targeted system, causing some information leakage.

Recommendations For Intel microprocessors, apply the microcode updates as guided by Intel. For vCenter Server, update to a version that includes Hypervisor-Specific Mitigations for MDS speculative execution vulnerabilities. For ESXi, update to a version that includes Hypervisor-Specific Mitigations for MDS speculative execution vulnerabilities. For Workstation, update to a version that includes Hypervisor-Specific Mitigations for MDS speculative execution vulnerabilities. For Fusion, update to a version that includes Hypervisor-Specific Mitigations for MDS speculative execution vulnerabilities.