CVE-2018-12127

Name of the Vulnerable Software and Affected Versions Intel microprocessors (affected versions not specified) vCenter Server (affected versions not specified) ESXi (affected versions not specified) Workstation (affected versions not specified) Fusion (affected versions not specified) Huawei VRP (affected versions not specified)

Description The issue is related to Microarchitectural Load Port Data Sampling (MLPDS), which may allow an authenticated user to potentially enable information disclosure via a side channel with local access. This is due to the incorrect implementation of saving outdated operation results in the load port table. The exploitation of this issue can allow an attacker to access confidential information.

Recommendations For Intel microprocessors, at the moment, there is no information about a newer version that contains a fix for this vulnerability. For vCenter Server, apply Hypervisor-Specific Mitigations for MDS speculative execution vulnerabilities. For ESXi, apply Hypervisor-Specific Mitigations for MDS speculative execution vulnerabilities. For Workstation, apply Hypervisor-Specific Mitigations for MDS speculative execution vulnerabilities. For Fusion, apply Hypervisor-Specific Mitigations for MDS speculative execution vulnerabilities. For Huawei VRP, at the moment, there is no information about a newer version that contains a fix for this vulnerability.