CVE-2018-12130

Impact:
Important
Public Date:
2019-05-14
Bugzilla:
1646784: CVE-2018-12130 hardware: Microarchitectural Fill Buffer Data Sampling (MFBDS)
A flaw was found in the implementation of the "fill buffer", a mechanism used by modern CPUs when a cache-miss is made on L1 CPU cache. If an attacker can generate a load operation that would create a page fault, the execution will continue speculatively with incorrect data from the fill buffer while the data is fetched from higher level caches. This response time can be measured to infer data in the fill buffer.

Find out more about CVE-2018-12130 from the MITRE CVE dictionary dictionary and NIST NVD.

Statement

Red Hat Product Security is aware of this issue. Updates will be released as they become available. For additional information, please refer to the Red Hat Knowledgebase article: https://access.redhat.com/security/vulnerabilities/mds

CVSS v3 metrics

CVSS3 Base Score 6.2
CVSS3 Base Metrics CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Attack Vector Local
Attack Complexity Low
Privileges Required None
User Interaction None
Scope Unchanged
Confidentiality High
Integrity Impact None
Availability Impact None

Red Hat Security Errata

Platform Errata Release Date
Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts (vdsm) RHSA-2019:1203 2019-05-14
Red Hat Enterprise Linux 8 (kernel) RHSA-2019:1167 2019-05-14
Red Hat Enterprise Linux 7.3 Telco Extended Update Support (kernel) RHSA-2019:1171 2019-05-14
Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts (vdsm) RHSA-2019:1204 2019-05-14
Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts (redhat-virtualization-host) RHSA-2019:1207 2019-05-14
Red Hat Enterprise Linux Extended Update Support 7.4 (kernel) RHSA-2019:1170 2019-05-14
Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts (redhat-virtualization-host) RHSA-2019:1209 2019-05-14
Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts (rhvm-appliance) RHSA-2019:1208 2019-05-14
Red Hat Enterprise Linux 8 (kernel-rt) RHSA-2019:1174 2019-05-14
Red Hat Enterprise Linux Server TUS (v. 7.2) (libvirt) RHSA-2019:1186 2019-05-14
Red Hat Enterprise Linux Server TUS (v. 7.2) (qemu-kvm) RHSA-2019:1188 2019-05-14
Red Hat Enterprise Linux Server TUS (v. 7.2) (kernel) RHSA-2019:1172 2019-05-14
Red Hat Enterprise Linux Update Services for SAP Solutions 7.3 (kernel) RHSA-2019:1171 2019-05-14
Red Hat Enterprise Linux Advanced Update Support 6.5 (libvirt) RHSA-2019:1197 2019-05-14
Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts (qemu-kvm-rhev) RHSA-2019:2553 2019-08-22
Red Hat Enterprise Linux Advanced Update Support 6.5 (kernel) RHSA-2019:1196 2019-05-14
Red Hat Enterprise Linux for Real Time for NFV (v. 7) (kernel-rt) RHSA-2019:1176 2019-05-14
Red Hat Virtualization 4 (rhvm-setup-plugins) RHSA-2019:1205 2019-05-14
Red Hat Enterprise Linux 7 (kernel) RHSA-2019:1168 2019-05-14
Red Hat Enterprise Linux Advanced Update Support 7.3 (kernel) RHSA-2019:1171 2019-05-14
Red Hat Enterprise Linux 8 (virt:rhel) RHSA-2019:1175 2019-05-14
Red Hat Enterprise Linux Advanced Update Support 6.5 (qemu-kvm) RHSA-2019:1198 2019-05-14
Red Hat Enterprise Linux Server Update Services for SAP Solutions 7.2 (kernel) RHSA-2019:1172 2019-05-14
Red Hat Enterprise Linux 6 (kernel) RHSA-2019:1169 2019-05-14
Red Hat Enterprise Linux Extended Update Support 7.5 (libvirt) RHSA-2019:1182 2019-05-14
Red Hat Enterprise Linux Advanced Update Support 7.3 (qemu-kvm) RHSA-2019:1189 2019-05-14
Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts (qemu-kvm-rhev) RHSA-2019:1179 2019-05-14
Advanced Virtualization for RHEL 8.0.1 (virt:8.0.0) RHSA-2019:1455 2019-06-11
Red Hat Enterprise Linux Advanced Update Support 7.3 (libvirt) RHSA-2019:1187 2019-05-14
Red Hat Enterprise Linux Extended Update Support 7.4 (libvirt) RHSA-2019:1184 2019-05-14
Red Hat Enterprise Linux Update Services for SAP Solutions 7.3 (qemu-kvm) RHSA-2019:1189 2019-05-14
Red Hat OpenStack Platform 13.0 (Queens) (qemu-kvm-rhev) RHSA-2019:1201 2019-05-14
Red Hat Enterprise Linux 6 (libvirt) RHSA-2019:1180 2019-05-14
Red Hat Enterprise Linux 6 (qemu-kvm) RHSA-2019:1181 2019-05-14
Red Hat Virtualization 4 (qemu-kvm-rhev) RHSA-2019:2553 2019-08-22
Red Hat Enterprise Linux Update Services for SAP Solutions 7.3 (libvirt) RHSA-2019:1187 2019-05-14
Red Hat Enterprise Linux Extended Update Support 7.5 (qemu-kvm) RHSA-2019:1183 2019-05-14
Red Hat Enterprise Linux Advanced Update Support 7.2 (kernel) RHSA-2019:1172 2019-05-14
Red Hat Enterprise Linux 8 (kernel-rt) RHSA-2019:1174 2019-05-14
Red Hat Enterprise Linux 7.3 Telco Extended Update Support (qemu-kvm) RHSA-2019:1189 2019-05-14
Red Hat OpenStack Platform 14.0 (Rocky) (qemu-kvm-rhev) RHSA-2019:1202 2019-05-14
Red Hat OpenStack Platform 10 (qemu-kvm-rhev) RHSA-2019:1200 2019-05-14
Red Hat Enterprise Linux 7 (qemu-kvm) RHSA-2019:1178 2019-05-14
Red Hat OpenStack Platform 9.0 (qemu-kvm-rhev) RHSA-2019:1199 2019-05-14
Red Hat Enterprise Linux 7 (libvirt) RHSA-2019:1177 2019-05-14
Red Hat MRG Grid for RHEL 6 Server v.2 (kernel-rt) RHSA-2019:1190 2019-05-14
Red Hat Enterprise Linux Advanced Update Support 6.6 (kernel) RHSA-2019:1193 2019-05-14
Red Hat Enterprise Linux Advanced Update Support 6.6 (libvirt) RHSA-2019:1194 2019-05-14
Red Hat Enterprise Linux Advanced Update Support 6.6 (qemu-kvm) RHSA-2019:1195 2019-05-14
Red Hat Enterprise Linux 7.3 Telco Extended Update Support (libvirt) RHSA-2019:1187 2019-05-14
Red Hat Enterprise Linux Extended Update Support 7.4 (qemu-kvm) RHSA-2019:1185 2019-05-14
Red Hat Enterprise Linux Advanced Update Support 7.2 (libvirt) RHSA-2019:1186 2019-05-14
Red Hat Enterprise Linux Server Update Services for SAP Solutions 7.2 (libvirt) RHSA-2019:1186 2019-05-14
Red Hat Enterprise Linux Advanced Update Support 7.2 (qemu-kvm) RHSA-2019:1188 2019-05-14
Red Hat Enterprise Linux Server Update Services for SAP Solutions 7.2 (qemu-kvm) RHSA-2019:1188 2019-05-14
Red Hat Enterprise Linux 8 (kernel) RHSA-2019:1167 2019-05-14
Red Hat Virtualization 4 (rhvm-setup-plugins) RHSA-2019:1206 2019-05-14
Red Hat Enterprise Linux Extended Update Support 7.5 (kernel) RHSA-2019:1155 2019-05-14

Affected Packages State

Platform Package State
Red Hat Virtualization 4 ovirt-guest-agent Affected
Red Hat OpenShift Container Platform 4.1 kernel Affected
Red Hat Enterprise Linux 7 kernel-alt Not affected
Red Hat Enterprise Linux 5 kernel Will not fix
Unless explicitly stated as not affected, all previous versions of packages in any minor update stream of a product listed here should be assumed vulnerable, although may not have been subject to full analysis.

Acknowledgements

Red Hat thanks Intel and industry partners for reporting this issue and collaborating on the mitigations for the same. Additionally Red Hat thanks the original reporters, This vulnerability was found internally by Intel employees. Intel would like to thank Ke Sun, Henrique Kawakami, Kekai Hu and Rodrigo Branco. It was independently reported by Giorgi Maisuradze – Microsoft Research, and by Dan Horea Lutas, and Andrei Lutas - Bitdefender, and by Volodymyr Pikhur, and by Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, and Cristiano Giuffrida - VUSec group at VU Amsterdam, and by Moritz Lipp, Michael Schwarz, and Daniel Gruss - Graz University of Technology.
Last Modified