CVE-2019-11091

Impact:
Moderate
Public Date:
2019-05-14
Bugzilla:
1705312: CVE-2019-11091 hardware: Microarchitectural Data Sampling Uncacheable Memory (MDSUM)
Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.

Find out more about CVE-2019-11091 from the MITRE CVE dictionary dictionary and NIST NVD.

Statement

Red Hat Product Security is aware of this issue. Updates will be released as they become available. For additional information, please refer to the Red Hat Knowledgebase article: https://access.redhat.com/security/vulnerabilities/mds

CVSS v3 metrics

CVSS3 Base Score 3.8
CVSS3 Base Metrics CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Changed
Confidentiality Low
Integrity Impact None
Availability Impact None

Red Hat Security Errata

Platform Errata Release Date
Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts (vdsm) RHSA-2019:1203 2019-05-14
Red Hat Enterprise Linux 8 (kernel) RHSA-2019:1167 2019-05-14
Red Hat Enterprise Linux 7.3 Telco Extended Update Support (kernel) RHSA-2019:1171 2019-05-14
Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts (vdsm) RHSA-2019:1204 2019-05-14
Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts (redhat-virtualization-host) RHSA-2019:1207 2019-05-14
Red Hat Enterprise Linux Extended Update Support 7.4 (kernel) RHSA-2019:1170 2019-05-14
Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts (redhat-virtualization-host) RHSA-2019:1209 2019-05-14
Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts (rhvm-appliance) RHSA-2019:1208 2019-05-14
Red Hat Enterprise Linux 8 (kernel-rt) RHSA-2019:1174 2019-05-14
Red Hat Enterprise Linux Server TUS (v. 7.2) (libvirt) RHSA-2019:1186 2019-05-14
Red Hat Enterprise Linux Server TUS (v. 7.2) (qemu-kvm) RHSA-2019:1188 2019-05-14
Red Hat Enterprise Linux Server TUS (v. 7.2) (kernel) RHSA-2019:1172 2019-05-14
Red Hat Enterprise Linux Update Services for SAP Solutions 7.3 (kernel) RHSA-2019:1171 2019-05-14
Red Hat Enterprise Linux Advanced Update Support 6.5 (libvirt) RHSA-2019:1197 2019-05-14
Red Hat Enterprise Linux Advanced Update Support 6.5 (kernel) RHSA-2019:1196 2019-05-14
Red Hat Enterprise Linux for Real Time for NFV (v. 7) (kernel-rt) RHSA-2019:1176 2019-05-14
Red Hat Virtualization 4 (rhvm-setup-plugins) RHSA-2019:1205 2019-05-14
Red Hat Enterprise Linux 7 (kernel) RHSA-2019:1168 2019-05-14
Red Hat Enterprise Linux Advanced Update Support 7.3 (kernel) RHSA-2019:1171 2019-05-14
Red Hat Enterprise Linux 8 (virt:rhel) RHSA-2019:1175 2019-05-14
Red Hat Enterprise Linux Advanced Update Support 6.5 (qemu-kvm) RHSA-2019:1198 2019-05-14
Red Hat Enterprise Linux Server Update Services for SAP Solutions 7.2 (kernel) RHSA-2019:1172 2019-05-14
Red Hat Enterprise Linux 6 (kernel) RHSA-2019:1169 2019-05-14
Red Hat Enterprise Linux Extended Update Support 7.5 (libvirt) RHSA-2019:1182 2019-05-14
Red Hat Enterprise Linux Advanced Update Support 7.3 (qemu-kvm) RHSA-2019:1189 2019-05-14
Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts (qemu-kvm-rhev) RHSA-2019:1179 2019-05-14
Red Hat Enterprise Linux Advanced Update Support 7.3 (libvirt) RHSA-2019:1187 2019-05-14
Red Hat Enterprise Linux Extended Update Support 7.4 (libvirt) RHSA-2019:1184 2019-05-14
Red Hat Enterprise Linux Update Services for SAP Solutions 7.3 (qemu-kvm) RHSA-2019:1189 2019-05-14
Red Hat OpenStack Platform 13.0 (Queens) (qemu-kvm-rhev) RHSA-2019:1201 2019-05-14
Red Hat Enterprise Linux 6 (libvirt) RHSA-2019:1180 2019-05-14
Red Hat Enterprise Linux 6 (qemu-kvm) RHSA-2019:1181 2019-05-14
Red Hat Enterprise Linux Update Services for SAP Solutions 7.3 (libvirt) RHSA-2019:1187 2019-05-14
Red Hat Enterprise Linux Extended Update Support 7.5 (qemu-kvm) RHSA-2019:1183 2019-05-14
Red Hat Enterprise Linux Advanced Update Support 7.2 (kernel) RHSA-2019:1172 2019-05-14
Red Hat Enterprise Linux 8 (kernel-rt) RHSA-2019:1174 2019-05-14
Red Hat Enterprise Linux 7.3 Telco Extended Update Support (qemu-kvm) RHSA-2019:1189 2019-05-14
Red Hat OpenStack Platform 14.0 (Rocky) (qemu-kvm-rhev) RHSA-2019:1202 2019-05-14
Red Hat OpenStack Platform 10 (qemu-kvm-rhev) RHSA-2019:1200 2019-05-14
Red Hat Enterprise Linux 7 (qemu-kvm) RHSA-2019:1178 2019-05-14
Red Hat OpenStack Platform 9.0 (qemu-kvm-rhev) RHSA-2019:1199 2019-05-14
Red Hat Enterprise Linux 7 (libvirt) RHSA-2019:1177 2019-05-14
Red Hat MRG Grid for RHEL 6 Server v.2 (kernel-rt) RHSA-2019:1190 2019-05-14
Red Hat Enterprise Linux Advanced Update Support 6.6 (kernel) RHSA-2019:1193 2019-05-14
Red Hat Enterprise Linux Advanced Update Support 6.6 (libvirt) RHSA-2019:1194 2019-05-14
Red Hat Enterprise Linux Advanced Update Support 6.6 (qemu-kvm) RHSA-2019:1195 2019-05-14
Red Hat Enterprise Linux 7.3 Telco Extended Update Support (libvirt) RHSA-2019:1187 2019-05-14
Red Hat Enterprise Linux Extended Update Support 7.4 (qemu-kvm) RHSA-2019:1185 2019-05-14
Red Hat Enterprise Linux Advanced Update Support 7.2 (libvirt) RHSA-2019:1186 2019-05-14
Red Hat Enterprise Linux Server Update Services for SAP Solutions 7.2 (libvirt) RHSA-2019:1186 2019-05-14
Red Hat Enterprise Linux Advanced Update Support 7.2 (qemu-kvm) RHSA-2019:1188 2019-05-14
Red Hat Enterprise Linux Server Update Services for SAP Solutions 7.2 (qemu-kvm) RHSA-2019:1188 2019-05-14
Red Hat Enterprise Linux 8 (kernel) RHSA-2019:1167 2019-05-14
Red Hat Virtualization 4 (rhvm-setup-plugins) RHSA-2019:1206 2019-05-14
Red Hat Enterprise Linux Extended Update Support 7.5 (kernel) RHSA-2019:1155 2019-05-14

Affected Packages State

Platform Package State
Red Hat Virtualization 4 ovirt-guest-agent Affected
Red Hat Enterprise Linux 7 kernel-alt Not affected
Red Hat Enterprise Linux 5 kernel Will not fix

Acknowledgements

Red Hat thanks Intel and industry partners for reporting this issue and collaborating on the mitigations for the same. Additionally Red Hat thanks the original reporters, This vulnerability was found internally by Intel employees. Intel would like to thank Ke Sun, Henrique Kawakami, Kekai Hu and Rodrigo Branco. It was independently found by Volodrmyr Pikhur, and by Moritz Lipp, Michael Schwarz, Daniel Gruss - Graz University of Technology, and by Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, and Cristiano Giuffrida - VUSec group at VU Amsterdam.
Last Modified