Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf

Metrics

No CVSS v4.0

No CVSS v3.1

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Changed

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Local

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact None

Availability Impact None

AV:L/AC:M/Au:N/C:C/I:N/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

Vendors Products
Fedoraproject
  • Fedora
Intel
  • Microarchitectural Data Sampling Uncacheable Memory
  • Microarchitectural Data Sampling Uncacheable Memory Firmware
Redhat
  • Advanced Virtualization
  • Enterprise Linux
  • Enterprise Mrg
  • Openstack
  • Rhel Aus
  • Rhel E4s
  • Rhel Eus
  • Rhel Extras Rt
  • Rhel Tus
  • Rhev Manager

Configuration 1 [-]

AND
cpe:2.3:o:intel:microarchitectural_data_sampling_uncacheable_memory_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:microarchitectural_data_sampling_uncacheable_memory:-:*:*:*:*:*:*:*

Configuration 2 [-]

cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
Package CPE Advisory Released Date
Red Hat Enterprise Linux 6
kernel-0:2.6.32-754.14.2.el6 cpe:/o:redhat:enterprise_linux:6 RHSA-2019:1169 2019-05-14T00:00:00Z
libvirt-0:0.10.2-64.el6_10.1 cpe:/o:redhat:enterprise_linux:6 RHSA-2019:1180 2019-05-14T00:00:00Z
qemu-kvm-2:0.12.1.2-2.506.el6_10.3 cpe:/o:redhat:enterprise_linux:6 RHSA-2019:1181 2019-05-14T00:00:00Z
Red Hat Enterprise Linux 6.5 Advanced Update Support
kernel-0:2.6.32-431.94.2.el6 cpe:/o:redhat:rhel_aus:6.5 RHSA-2019:1196 2019-05-14T00:00:00Z
libvirt-0:0.10.2-29.el6_5.18 cpe:/o:redhat:rhel_aus:6.5 RHSA-2019:1197 2019-05-14T00:00:00Z
qemu-kvm-2:0.12.1.2-2.415.el6_5.20 cpe:/o:redhat:rhel_aus:6.5 RHSA-2019:1198 2019-05-14T00:00:00Z
Red Hat Enterprise Linux 6.6 Advanced Update Support
kernel-0:2.6.32-504.78.2.el6 cpe:/o:redhat:rhel_aus:6.6 RHSA-2019:1193 2019-05-14T00:00:00Z
libvirt-0:0.10.2-46.el6_6.10 cpe:/o:redhat:rhel_aus:6.6 RHSA-2019:1194 2019-05-14T00:00:00Z
qemu-kvm-2:0.12.1.2-2.448.el6_6.8 cpe:/o:redhat:rhel_aus:6.6 RHSA-2019:1195 2019-05-14T00:00:00Z
Red Hat Enterprise Linux 7
kernel-rt-0:3.10.0-957.12.2.rt56.929.el7 cpe:/a:redhat:rhel_extras_rt:7 RHSA-2019:1176 2019-05-14T00:00:00Z
kernel-0:3.10.0-957.12.2.el7 cpe:/o:redhat:enterprise_linux:7 RHSA-2019:1168 2019-05-14T00:00:00Z
libvirt-0:4.5.0-10.el7_6.9 cpe:/o:redhat:enterprise_linux:7 RHSA-2019:1177 2019-05-14T00:00:00Z
qemu-kvm-10:1.5.3-160.el7_6.2 cpe:/o:redhat:enterprise_linux:7 RHSA-2019:1178 2019-05-14T00:00:00Z
Red Hat Enterprise Linux 7.2 Advanced Update Support
kernel-0:3.10.0-327.78.2.el7 cpe:/o:redhat:rhel_aus:7.2 RHSA-2019:1172 2019-05-14T00:00:00Z
libvirt-0:1.2.17-13.el7_2.10 cpe:/o:redhat:rhel_aus:7.2 RHSA-2019:1186 2019-05-14T00:00:00Z
qemu-kvm-10:1.5.3-105.el7_2.19 cpe:/o:redhat:rhel_aus:7.2 RHSA-2019:1188 2019-05-14T00:00:00Z
Red Hat Enterprise Linux 7.2 Telco Extended Update Support
kernel-0:3.10.0-327.78.2.el7 cpe:/o:redhat:rhel_tus:7.2 RHSA-2019:1172 2019-05-14T00:00:00Z
libvirt-0:1.2.17-13.el7_2.10 cpe:/o:redhat:rhel_tus:7.2 RHSA-2019:1186 2019-05-14T00:00:00Z
qemu-kvm-10:1.5.3-105.el7_2.19 cpe:/o:redhat:rhel_tus:7.2 RHSA-2019:1188 2019-05-14T00:00:00Z
Red Hat Enterprise Linux 7.2 Update Services for SAP Solutions
kernel-0:3.10.0-327.78.2.el7 cpe:/o:redhat:rhel_e4s:7.2 RHSA-2019:1172 2019-05-14T00:00:00Z
libvirt-0:1.2.17-13.el7_2.10 cpe:/o:redhat:rhel_e4s:7.2 RHSA-2019:1186 2019-05-14T00:00:00Z
qemu-kvm-10:1.5.3-105.el7_2.19 cpe:/o:redhat:rhel_e4s:7.2 RHSA-2019:1188 2019-05-14T00:00:00Z
Red Hat Enterprise Linux 7.3 Advanced Update Support
kernel-0:3.10.0-514.64.2.el7 cpe:/o:redhat:rhel_aus:7.3 RHSA-2019:1171 2019-05-14T00:00:00Z
libvirt-0:2.0.0-10.el7_3.14 cpe:/o:redhat:rhel_aus:7.3 RHSA-2019:1187 2019-05-14T00:00:00Z
qemu-kvm-10:1.5.3-126.el7_3.17 cpe:/o:redhat:rhel_aus:7.3 RHSA-2019:1189 2019-05-14T00:00:00Z
Red Hat Enterprise Linux 7.3 Telco Extended Update Support
kernel-0:3.10.0-514.64.2.el7 cpe:/o:redhat:rhel_tus:7.3 RHSA-2019:1171 2019-05-14T00:00:00Z
libvirt-0:2.0.0-10.el7_3.14 cpe:/o:redhat:rhel_tus:7.3 RHSA-2019:1187 2019-05-14T00:00:00Z
qemu-kvm-10:1.5.3-126.el7_3.17 cpe:/o:redhat:rhel_tus:7.3 RHSA-2019:1189 2019-05-14T00:00:00Z
Red Hat Enterprise Linux 7.3 Update Services for SAP Solutions
kernel-0:3.10.0-514.64.2.el7 cpe:/o:redhat:rhel_e4s:7.3 RHSA-2019:1171 2019-05-14T00:00:00Z
libvirt-0:2.0.0-10.el7_3.14 cpe:/o:redhat:rhel_e4s:7.3 RHSA-2019:1187 2019-05-14T00:00:00Z
qemu-kvm-10:1.5.3-126.el7_3.17 cpe:/o:redhat:rhel_e4s:7.3 RHSA-2019:1189 2019-05-14T00:00:00Z
Red Hat Enterprise Linux 7.4 Extended Update Support
kernel-0:3.10.0-693.47.2.el7 cpe:/o:redhat:rhel_eus:7.4 RHSA-2019:1170 2019-05-14T00:00:00Z
libvirt-0:3.2.0-14.el7_4.13 cpe:/o:redhat:rhel_eus:7.4 RHSA-2019:1184 2019-05-14T00:00:00Z
qemu-kvm-10:1.5.3-141.el7_4.10 cpe:/o:redhat:rhel_eus:7.4 RHSA-2019:1185 2019-05-14T00:00:00Z
Red Hat Enterprise Linux 7.5 Extended Update Support
kernel-0:3.10.0-862.32.2.el7 cpe:/o:redhat:rhel_eus:7.5 RHSA-2019:1155 2019-05-14T00:00:00Z
libvirt-0:3.9.0-14.el7_5.9 cpe:/o:redhat:rhel_eus:7.5 RHSA-2019:1182 2019-05-14T00:00:00Z
qemu-kvm-10:1.5.3-156.el7_5.7 cpe:/o:redhat:rhel_eus:7.5 RHSA-2019:1183 2019-05-14T00:00:00Z
Red Hat Enterprise Linux 8
virt:rhel-8000020190510171727.55190bc5 cpe:/a:redhat:enterprise_linux:8 RHSA-2019:1175 2019-05-14T00:00:00Z
kernel-rt-0:4.18.0-80.1.2.rt9.145.el8_0 cpe:/a:redhat:enterprise_linux:8::nfv RHSA-2019:1174 2019-05-14T00:00:00Z
kernel-0:4.18.0-80.1.2.el8_0 cpe:/o:redhat:enterprise_linux:8 RHSA-2019:1167 2019-05-14T00:00:00Z
Red Hat Enterprise Linux 8 Advanced Virtualization
virt:8.0.0-8000020190530233731.55190bc5 cpe:/a:redhat:advanced_virtualization:8::el8 RHSA-2019:1455 2019-06-11T00:00:00Z
Red Hat Enterprise MRG 2
kernel-rt-1:3.10.0-693.47.2.rt56.641.el6rt cpe:/a:redhat:enterprise_mrg:2:server:el6 RHSA-2019:1190 2019-05-14T00:00:00Z
Red Hat OpenStack Platform 10.0 (Newton)
qemu-kvm-rhev-10:2.12.0-18.el7_6.5 cpe:/a:redhat:openstack:10::el7 RHSA-2019:1200 2019-05-14T00:00:00Z
Red Hat OpenStack Platform 13.0 (Queens)
qemu-kvm-rhev-10:2.12.0-18.el7_6.5 cpe:/a:redhat:openstack:13::el7 RHSA-2019:1201 2019-05-14T00:00:00Z
Red Hat OpenStack Platform 14.0 (Rocky)
qemu-kvm-rhev-10:2.12.0-18.el7_6.5 cpe:/a:redhat:openstack:14::el7 RHSA-2019:1202 2019-05-14T00:00:00Z
Red Hat OpenStack Platform 9.0 (Mitaka)
qemu-kvm-rhev-10:2.12.0-18.el7_6.5 cpe:/a:redhat:openstack:9::el7 RHSA-2019:1199 2019-05-14T00:00:00Z
Red Hat Virtualization 4.2 for Red Hat Enterprise Linux 7.6 EUS
vdsm-0:4.20.49-1.el7ev cpe:/o:redhat:enterprise_linux:7::hypervisor RHSA-2019:1204 2019-05-14T00:00:00Z
redhat-release-virtualization-host-0:4.2-8.6.el7 cpe:/o:redhat:enterprise_linux:7::hypervisor RHSA-2019:1209 2019-05-14T00:00:00Z
redhat-virtualization-host-0:4.2-20190512.0.el7_6 cpe:/o:redhat:enterprise_linux:7::hypervisor RHSA-2019:1209 2019-05-14T00:00:00Z
Red Hat Virtualization 4 for Red Hat Enterprise Linux 7
qemu-kvm-rhev-10:2.12.0-18.el7_6.5 cpe:/o:redhat:enterprise_linux:7::hypervisor RHSA-2019:1179 2019-05-14T00:00:00Z
vdsm-0:4.30.13-4.el7ev cpe:/o:redhat:enterprise_linux:7::hypervisor RHSA-2019:1203 2019-05-14T00:00:00Z
redhat-release-virtualization-host-0:4.3-0.7.el7 cpe:/o:redhat:enterprise_linux:7::hypervisor RHSA-2019:1207 2019-05-14T00:00:00Z
redhat-virtualization-host-0:4.3-20190512.0.el7_6 cpe:/o:redhat:enterprise_linux:7::hypervisor RHSA-2019:1207 2019-05-14T00:00:00Z
rhvm-appliance-0:4.3-20190506.0.el7 cpe:/o:redhat:enterprise_linux:7::hypervisor RHSA-2019:1208 2019-05-14T00:00:00Z
qemu-kvm-rhev-10:2.12.0-33.el7 cpe:/o:redhat:enterprise_linux:7::hypervisor RHSA-2019:2553 2019-08-22T00:00:00Z
Red Hat Virtualization Engine 4.2
rhvm-setup-plugins-0:4.2.14-1.el7ev cpe:/a:redhat:rhev_manager:4.2 RHSA-2019:1206 2019-05-14T00:00:00Z
Red Hat Virtualization Engine 4.3
rhvm-setup-plugins-0:4.3.1-1.el7ev cpe:/a:redhat:rhev_manager:4.3 RHSA-2019:1205 2019-05-14T00:00:00Z
qemu-kvm-rhev-10:2.12.0-33.el7 cpe:/a:redhat:rhev_manager:4.3 RHSA-2019:2553 2019-08-22T00:00:00Z
References
Link Providers
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00014.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00052.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00053.html cve-icon cve-icon
http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txt cve-icon cve-icon
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190712-01-mds-en cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2019:1455 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2019:2553 cve-icon cve-icon
https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf cve-icon cve-icon
https://cert-portal.siemens.com/productcert/pdf/ssa-616472.pdf cve-icon cve-icon
https://kc.mcafee.com/corporate/index?page=content&id=SB10292 cve-icon cve-icon
https://lists.debian.org/debian-lts-announce/2019/06/msg00018.html cve-icon cve-icon
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OH73SGTJ575OBCPSJFX6LX7KP2KZIEN4/ cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2019-11091 cve-icon
https://seclists.org/bugtraq/2019/Jun/28 cve-icon cve-icon
https://seclists.org/bugtraq/2019/Jun/36 cve-icon cve-icon
https://seclists.org/bugtraq/2019/Nov/15 cve-icon cve-icon
https://seclists.org/bugtraq/2020/Jan/21 cve-icon cve-icon
https://security.gentoo.org/glsa/202003-56 cve-icon cve-icon
https://usn.ubuntu.com/3977-3/ cve-icon cve-icon
https://www.cve.org/CVERecord?id=CVE-2019-11091 cve-icon
https://www.debian.org/security/2020/dsa-4602 cve-icon cve-icon
https://www.freebsd.org/security/advisories/FreeBSD-SA-19:07.mds.asc cve-icon cve-icon
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html cve-icon cve-icon
https://www.synology.com/security/advisory/Synology_SA_19_24 cve-icon cve-icon
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: intel

Published: 2019-05-30T15:28:28

Updated: 2024-08-04T22:40:16.292Z

Reserved: 2019-04-11T00:00:00

Link: CVE-2019-11091

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2019-05-30T16:29:01.417

Modified: 2024-11-21T04:20:31.233

Link: CVE-2019-11091

cve-icon Redhat

Severity : Moderate

Publid Date: 2019-05-14T17:00:00Z

Links: CVE-2019-11091 - Bugzilla