PT-2020-1361 · Intel+7 · Intel Processors+7
Alyssa Milburn
+10
·
Published
2020-01-27
·
Updated
2023-12-25
·
CVE-2020-0549
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Intel(R) Processors (affected versions not specified)
Description
The issue is related to cleanup errors in some data cache evictions for some Intel(R) Processors, which may allow an authenticated user to potentially enable information disclosure via local access. This is caused by a data leak from the L1D cache. The vulnerability can be exploited to disclose protected information. Researchers have found a new speculative execution vulnerability in Intel CPUs that could let attackers leak targeted sensitive data from the OS kernel, co-resident virtual machines, and even from Intel's secured SGX enclave.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Information Disclosure
Improper Resource Release
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Alt Linux
Centos
Intel Processors
Linuxmint
Red Hat
Rocky Linux
Suse
Ubuntu