CVE-2019-0185

Name of the Vulnerable Software and Affected Versions Intel(R) Core(TM) Processor families versions 6th through 9th Intel(R) Xeon(R) Processor E3-1500 versions v5 and v6 Intel(R) Xeon(R) E-2100 and E-2200 Processor families with Intel(R) Processor Graphics

Description The issue is related to insufficient access control in the protected memory subsystem for System Management Mode (SMM) in certain Intel processor families. This may allow a privileged user to potentially enable information disclosure via local access. The vulnerability in the System Management Mode (SMM) component of Intel processor microcode is associated with inadequate access control, which can be exploited to disclose protected information.

Recommendations For 6th through 9th Generation Intel(R) Core(TM) Processor families: update to a version that includes the fix for the insufficient access control issue. For Intel(R) Xeon(R) Processor E3-1500 versions v5 and v6: apply the recommended configuration changes to mitigate the risk of information disclosure. For Intel(R) Xeon(R) E-2100 and E-2200 Processor families with Intel(R) Processor Graphics: restrict local access to minimize the risk of exploitation until a patch is available.