Copyright © 2012 Red Hat, Inc. All rights reserved. Moderate 2026-05-12T16:35:09 kernel: Kernel: Information disclosure via shared microarchitectural predictor state in Intel(R) Processors 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N CWE-1037

A flaw was found in the kernel. This vulnerability, affecting some Intel(R) Processors, involves shared microarchitectural predictor state that influences transient execution within VMX non-root (guest) operation. An unprivileged software adversary with an authenticated user can exploit this locally to disclose sensitive information. This high-complexity attack requires no user interaction and can lead to significant data exposure.

This Moderate impact information disclosure flaw affects Intel processors in virtualized environments utilizing VMX non-root (guest) operation. An authenticated, unprivileged local attacker could exploit shared microarchitectural predictor states to transiently execute code and potentially expose sensitive data. The high complexity of the attack reduces its immediate threat. Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability. Red Hat Enterprise Linux 10 Fix deferred microcode_ctl Red Hat Enterprise Linux 6 Fix deferred microcode_ctl Red Hat Enterprise Linux 7 Fix deferred microcode_ctl Red Hat Enterprise Linux 8 Fix deferred microcode_ctl Red Hat Enterprise Linux 9 Fix deferred microcode_ctl Red Hat OpenShift Container Platform 4 Fix deferred rhcos https://www.cve.org/CVERecord?id=CVE-2025-35979 https://nvd.nist.gov/vuln/detail/CVE-2025-35979 https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01420.html