CVE-2019-11091

MEDIUM

Intel Microarchitectural Data Sampling Uncacheable Memory - Information Disclosure via Side Channel

Title source: llm
STIX 2.1

Description

Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf

References (22)

Core 22
Core References
Mailing List mailing-list x_refsource_bugtraq
https://seclists.org/bugtraq/2019/Jun/28
Mailing List mailing-list x_refsource_bugtraq
https://seclists.org/bugtraq/2019/Jun/36
Mailing List mailing-list x_refsource_bugtraq
https://seclists.org/bugtraq/2019/Nov/15
Mailing List mailing-list x_refsource_bugtraq
https://seclists.org/bugtraq/2020/Jan/21
Vendor Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2019:1455
Vendor Advisory vendor-advisory x_refsource_ubuntu
https://usn.ubuntu.com/3977-3/
Mailing List mailing-list x_refsource_mlist
https://lists.debian.org/debian-lts-announce/2019/06/msg00018.html
Vendor Advisory vendor-advisory x_refsource_freebsd
https://www.freebsd.org/security/advisories/FreeBSD-SA-19:07.mds.asc
Vendor Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2019:2553
Third Party Advisory vendor-advisory x_refsource_debian
https://www.debian.org/security/2020/dsa-4602
Third Party Advisory vendor-advisory x_refsource_gentoo
https://security.gentoo.org/glsa/202003-56

Scores

CVSS v3 5.6
EPSS 0.0170
EPSS Percentile 82.5%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

Details

Status published
Products (2)
fedoraproject/fedora 29
intel/microarchitectural_data_sampling_uncacheable_memory_firmware
Published May 30, 2019
Tracked Since Feb 18, 2026