CVE-2018-12127

Impact:
Moderate
Public Date:
2019-05-14
Bugzilla:
1667782: CVE-2018-12127 hardware: Micro-architectural Load Port Data Sampling - Information Leak (MLPDS)
Microprocessors use a ‘load port’ subcomponent to perform load operations from memory or IO. During a load operation, the load port receives data from the memory or IO subsystem and then provides the data to the CPU registers and operations in the CPU’s pipelines. Stale load operations results are stored in the 'load port' table until overwritten by newer operations. Certain load-port operations triggered by an attacker can be used to reveal data about previous stale requests leaking data back to the attacker via a timing side-channel.

Find out more about CVE-2018-12127 from the MITRE CVE dictionary dictionary and NIST NVD.

Statement

Red Hat Product Security is aware of this issue. Updates will be released as they become available. For additional information, please refer to the Red Hat Knowledgebase article: https://access.redhat.com/security/vulnerabilities/mds

CVSS v3 metrics

CVSS3 Base Score 6.5
CVSS3 Base Metrics CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Changed
Confidentiality High
Integrity Impact None
Availability Impact None

Red Hat Security Errata

Platform Errata Release Date
Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts (vdsm) RHSA-2019:1203 2019-05-14
Red Hat Enterprise Linux 8 (kernel) RHSA-2019:1167 2019-05-14
Red Hat Enterprise Linux 7.3 Telco Extended Update Support (kernel) RHSA-2019:1171 2019-05-14
Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts (vdsm) RHSA-2019:1204 2019-05-14
Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts (redhat-virtualization-host) RHSA-2019:1207 2019-05-14
Red Hat Enterprise Linux Extended Update Support 7.4 (kernel) RHSA-2019:1170 2019-05-14
Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts (redhat-virtualization-host) RHSA-2019:1209 2019-05-14
Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts (rhvm-appliance) RHSA-2019:1208 2019-05-14
Red Hat Enterprise Linux 8 (kernel-rt) RHSA-2019:1174 2019-05-14
Red Hat Enterprise Linux Server TUS (v. 7.2) (libvirt) RHSA-2019:1186 2019-05-14
Red Hat Enterprise Linux Server TUS (v. 7.2) (qemu-kvm) RHSA-2019:1188 2019-05-14
Red Hat Enterprise Linux Server TUS (v. 7.2) (kernel) RHSA-2019:1172 2019-05-14
Red Hat Enterprise Linux Update Services for SAP Solutions 7.3 (kernel) RHSA-2019:1171 2019-05-14
Red Hat Enterprise Linux Advanced Update Support 6.5 (libvirt) RHSA-2019:1197 2019-05-14
Red Hat Enterprise Linux Advanced Update Support 6.5 (kernel) RHSA-2019:1196 2019-05-14
Red Hat Enterprise Linux for Real Time for NFV (v. 7) (kernel-rt) RHSA-2019:1176 2019-05-14
Red Hat Virtualization 4 (rhvm-setup-plugins) RHSA-2019:1205 2019-05-14
Red Hat Enterprise Linux 7 (kernel) RHSA-2019:1168 2019-05-14
Red Hat Enterprise Linux Advanced Update Support 7.3 (kernel) RHSA-2019:1171 2019-05-14
Red Hat Enterprise Linux 8 (virt:rhel) RHSA-2019:1175 2019-05-14
Red Hat Enterprise Linux Advanced Update Support 6.5 (qemu-kvm) RHSA-2019:1198 2019-05-14
Red Hat Enterprise Linux Server Update Services for SAP Solutions 7.2 (kernel) RHSA-2019:1172 2019-05-14
Red Hat Enterprise Linux 6 (kernel) RHSA-2019:1169 2019-05-14
Red Hat Enterprise Linux Extended Update Support 7.5 (libvirt) RHSA-2019:1182 2019-05-14
Red Hat Enterprise Linux Advanced Update Support 7.3 (qemu-kvm) RHSA-2019:1189 2019-05-14
Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts (qemu-kvm-rhev) RHSA-2019:1179 2019-05-14
Advanced Virtualization for RHEL 8.0.1 (virt:8.0.0) RHSA-2019:1455 2019-06-11
Red Hat Enterprise Linux Advanced Update Support 7.3 (libvirt) RHSA-2019:1187 2019-05-14
Red Hat Enterprise Linux Extended Update Support 7.4 (libvirt) RHSA-2019:1184 2019-05-14
Red Hat Enterprise Linux Update Services for SAP Solutions 7.3 (qemu-kvm) RHSA-2019:1189 2019-05-14
Red Hat OpenStack Platform 13.0 (Queens) (qemu-kvm-rhev) RHSA-2019:1201 2019-05-14
Red Hat Enterprise Linux 6 (libvirt) RHSA-2019:1180 2019-05-14
Red Hat Enterprise Linux 6 (qemu-kvm) RHSA-2019:1181 2019-05-14
Red Hat Enterprise Linux Update Services for SAP Solutions 7.3 (libvirt) RHSA-2019:1187 2019-05-14
Red Hat Enterprise Linux Extended Update Support 7.5 (qemu-kvm) RHSA-2019:1183 2019-05-14
Red Hat Enterprise Linux Advanced Update Support 7.2 (kernel) RHSA-2019:1172 2019-05-14
Red Hat Enterprise Linux 8 (kernel-rt) RHSA-2019:1174 2019-05-14
Red Hat Enterprise Linux 7.3 Telco Extended Update Support (qemu-kvm) RHSA-2019:1189 2019-05-14
Red Hat OpenStack Platform 14.0 (Rocky) (qemu-kvm-rhev) RHSA-2019:1202 2019-05-14
Red Hat OpenStack Platform 10 (qemu-kvm-rhev) RHSA-2019:1200 2019-05-14
Red Hat Enterprise Linux 7 (qemu-kvm) RHSA-2019:1178 2019-05-14
Red Hat OpenStack Platform 9.0 (qemu-kvm-rhev) RHSA-2019:1199 2019-05-14
Red Hat Enterprise Linux 7 (libvirt) RHSA-2019:1177 2019-05-14
Red Hat MRG Grid for RHEL 6 Server v.2 (kernel-rt) RHSA-2019:1190 2019-05-14
Red Hat Enterprise Linux Advanced Update Support 6.6 (kernel) RHSA-2019:1193 2019-05-14
Red Hat Enterprise Linux Advanced Update Support 6.6 (libvirt) RHSA-2019:1194 2019-05-14
Red Hat Enterprise Linux Advanced Update Support 6.6 (qemu-kvm) RHSA-2019:1195 2019-05-14
Red Hat Enterprise Linux 7.3 Telco Extended Update Support (libvirt) RHSA-2019:1187 2019-05-14
Red Hat Enterprise Linux Extended Update Support 7.4 (qemu-kvm) RHSA-2019:1185 2019-05-14
Red Hat Enterprise Linux Advanced Update Support 7.2 (libvirt) RHSA-2019:1186 2019-05-14
Red Hat Enterprise Linux Server Update Services for SAP Solutions 7.2 (libvirt) RHSA-2019:1186 2019-05-14
Red Hat Enterprise Linux Advanced Update Support 7.2 (qemu-kvm) RHSA-2019:1188 2019-05-14
Red Hat Enterprise Linux Server Update Services for SAP Solutions 7.2 (qemu-kvm) RHSA-2019:1188 2019-05-14
Red Hat Enterprise Linux 8 (kernel) RHSA-2019:1167 2019-05-14
Red Hat Virtualization 4 (rhvm-setup-plugins) RHSA-2019:1206 2019-05-14
Red Hat Enterprise Linux Extended Update Support 7.5 (kernel) RHSA-2019:1155 2019-05-14

Affected Packages State

Platform Package State
Red Hat Virtualization 4 ovirt-guest-agent Affected
Red Hat OpenShift Container Platform 4.1 kernel Affected
Red Hat Enterprise Linux 7 kernel-alt Not affected
Red Hat Enterprise Linux 5 kernel Will not fix

Acknowledgements

Red Hat thanks Intel and industry partners for reporting this issue and collaborating on the mitigations for the same. Additionally Red Hat thanks the original reporters, This vulnerability was found internally by Intel employees and Microsoft. Intel would like to thank Brandon Falk – Microsoft Windows Platform Security Team, Ke Sun, Henrique Kawakami, Kekai Hu, and Rodrigo Branco - Intel. It was independently reported by Matt Miller – Microsoft, and by Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, and Cristiano Giuffrida - VUSec group at VU Amsterdam.

External References

Last Modified