Microarchitecture Vulnerability in Intel Processors Impacting Various Products
CVE-2018-12130

5.6MEDIUM

Key Information:

Vendor

Intel
Status
Central Processing Units (cpus)
Vendor
CVE Published:
30 May 2019

What is CVE-2018-12130?

Microarchitectural Fill Buffer Data Sampling (MFBDS) is a vulnerability present in certain Intel microprocessors. It exploits the speculative execution feature, potentially allowing an authenticated user with local access to leak sensitive data via side-channel attacks. Affected users should apply the latest patches and microcode updates to mitigate the risk associated with this threat. For more information on impacted products and available mitigations, refer to the advisory issued by Intel.

Affected Version(s)

Central Processing Units (CPUs) A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf

References

https://www.intel.com/content/www/us/en/security-center/a...
x_refsource_CONFIRM
https://www.synology.com/security/advisory/Synology_SA_19_24
x_refsource_CONFIRM
https://lists.fedoraproject.org/archives/list/package-ann...
vendor-advisoryx_refsource_FEDORA

CVSS V3.1

Score:
5.6
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.