CVE-2019-11139 - Vulnerability Details

Improper conditions check in the voltage modulation interface for some Intel(R) Xeon(R) Scalable Processors may allow a privileged user to potentially enable denial of service via local access.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Changed

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Attack Vector Local

Attack Complexity High

Privileges Required High

Scope Changed

Confidentiality Impact None

Integrity Impact Low

Availability Impact High

User Interaction Required

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

This CVE is not in the KEV list.

The EPSS score is 0.00126.

Key SSVC decision points have not yet been added.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

n/a

2019.2 IPU – Intel(R) Xeon(R) Scalable Processors Voltage Setting Modulation

affected

Version	Status	Constraints
`See provided reference`	affected	—

Configuration 1 [-]

OR	cpe:2.3:o:debian:debian_linux:8.0:::::::*
	cpe:2.3:o:opensuse:leap:15.0:::::::*
	cpe:2.3:o:opensuse:leap:15.1:::::::*

Configuration 2 [-]

AND

cpe:2.3:o:intel:xeon_8153_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_8153:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:intel:xeon_8156_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_8156:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:intel:xeon_8158_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_8158:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:intel:xeon_8160_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_8160:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:intel:xeon_8160f_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_8160f:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:intel:xeon_8160m_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_8160m:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:intel:xeon_8160t_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_8160t:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:intel:xeon_8164_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_8164:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:intel:xeon_8168_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_8168:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:intel:xeon_8170_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_8170:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:intel:xeon_8170m_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_8170m:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:intel:xeon_8176_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_8176:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND

cpe:2.3:o:intel:xeon_8176f_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_8176f:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND

cpe:2.3:o:intel:xeon_8176m_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_8176m:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND

cpe:2.3:o:intel:xeon_8180_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_8180:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND

cpe:2.3:o:intel:xeon_8180m_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_8180m:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND

cpe:2.3:o:intel:xeon_5115_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_5115:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND

cpe:2.3:o:intel:xeon_5118_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_5118:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND

cpe:2.3:o:intel:xeon_5119t_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_5119t:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND

cpe:2.3:o:intel:xeon_5120_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_5120:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND

cpe:2.3:o:intel:xeon_5120t_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_5120t:-:*:*:*:*:*:*:*

Configuration 23 [-]

AND

cpe:2.3:o:intel:xeon_5122_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_5122:-:*:*:*:*:*:*:*

Configuration 24 [-]

AND

cpe:2.3:o:intel:xeon_6126_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_6126:-:*:*:*:*:*:*:*

Configuration 25 [-]

AND

cpe:2.3:o:intel:xeon_6126f_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_6126f:-:*:*:*:*:*:*:*

Configuration 26 [-]

AND

cpe:2.3:o:intel:xeon_6126t_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_6126t:-:*:*:*:*:*:*:*

Configuration 27 [-]

AND

cpe:2.3:o:intel:xeon_6128_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_6128:-:*:*:*:*:*:*:*

Configuration 28 [-]

AND

cpe:2.3:o:intel:xeon_6130_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_6130:-:*:*:*:*:*:*:*

Configuration 29 [-]

AND

cpe:2.3:o:intel:xeon_6130f_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_6130f:-:*:*:*:*:*:*:*

Configuration 30 [-]

AND

cpe:2.3:o:intel:xeon_6130t_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_6130t:-:*:*:*:*:*:*:*

Configuration 31 [-]

AND

cpe:2.3:o:intel:xeon_6132_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_6132:-:*:*:*:*:*:*:*

Configuration 32 [-]

AND

cpe:2.3:o:intel:xeon_6134_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_6134:-:*:*:*:*:*:*:*

Configuration 33 [-]

AND

cpe:2.3:o:intel:xeon_6134m_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_6134m:-:*:*:*:*:*:*:*

Configuration 34 [-]

AND

cpe:2.3:o:intel:xeon_6136_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_6136:-:*:*:*:*:*:*:*

Configuration 35 [-]

AND

cpe:2.3:o:intel:xeon_6138_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_6138:-:*:*:*:*:*:*:*

Configuration 36 [-]

AND

cpe:2.3:o:intel:xeon_6138f_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_6138f:-:*:*:*:*:*:*:*

Configuration 37 [-]

AND

cpe:2.3:o:intel:xeon_6138t_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_6138t:-:*:*:*:*:*:*:*

Configuration 38 [-]

AND

cpe:2.3:o:intel:xeon_6140_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_6140:-:*:*:*:*:*:*:*

Configuration 39 [-]

AND

cpe:2.3:o:intel:xeon_6140m_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_6140m:-:*:*:*:*:*:*:*

Configuration 40 [-]

AND

cpe:2.3:o:intel:xeon_6142_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_6142:-:*:*:*:*:*:*:*

Configuration 41 [-]

AND

cpe:2.3:o:intel:xeon_6142f_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_6142f:-:*:*:*:*:*:*:*

Configuration 42 [-]

AND

cpe:2.3:o:intel:xeon_6144_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_6144:-:*:*:*:*:*:*:*

Configuration 43 [-]

AND

cpe:2.3:o:intel:xeon_6146_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_6146:-:*:*:*:*:*:*:*

Configuration 44 [-]

AND

cpe:2.3:o:intel:xeon_6148_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_6148:-:*:*:*:*:*:*:*

Configuration 45 [-]

AND

cpe:2.3:o:intel:xeon_6148f_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_6148f:-:*:*:*:*:*:*:*

Configuration 46 [-]

AND

cpe:2.3:o:intel:xeon_6150_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_6150:-:*:*:*:*:*:*:*

Configuration 47 [-]

AND

cpe:2.3:o:intel:xeon_6152_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_6152:-:*:*:*:*:*:*:*

Configuration 48 [-]

AND

cpe:2.3:o:intel:xeon_6154_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_6154:-:*:*:*:*:*:*:*

Configuration 49 [-]

AND

cpe:2.3:o:intel:xeon_4108_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_4108:-:*:*:*:*:*:*:*

Configuration 50 [-]

AND

cpe:2.3:o:intel:xeon_4109t_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_4109t:-:*:*:*:*:*:*:*

Configuration 51 [-]

AND

cpe:2.3:o:intel:xeon_4110_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_4110:-:*:*:*:*:*:*:*

Configuration 52 [-]

AND

cpe:2.3:o:intel:xeon_4112_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_4112:-:*:*:*:*:*:*:*

Configuration 53 [-]

AND

cpe:2.3:o:intel:xeon_4114_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_4114:-:*:*:*:*:*:*:*

Configuration 54 [-]

AND

cpe:2.3:o:intel:xeon_4114t_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_4114t:-:*:*:*:*:*:*:*

Configuration 55 [-]

AND

cpe:2.3:o:intel:xeon_4116_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_4116:-:*:*:*:*:*:*:*

Configuration 56 [-]

AND

cpe:2.3:o:intel:xeon_4116t_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_4116t:-:*:*:*:*:*:*:*

Configuration 57 [-]

AND

cpe:2.3:o:intel:xeon_3104_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_3104:-:*:*:*:*:*:*:*

Configuration 58 [-]

AND

cpe:2.3:o:intel:xeon_3106_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_3106:-:*:*:*:*:*:*:*

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 8
microcode_ctl-4:20190618-1.20191112.1.el8_1	cpe:/o:redhat:enterprise_linux:8	RHEA-2019:3845	2019-11-12T00:00:00Z

No data.

Project Subscriptions

Vendors	Products
Debian Subscribe	Debian Linux Subscribe
Intel Subscribe	Xeon 3104 Subscribe Xeon 3104 Firmware Subscribe Xeon 3106 Subscribe Xeon 3106 Firmware Subscribe Xeon 4108 Subscribe Xeon 4108 Firmware Subscribe Xeon 4109t Subscribe Xeon 4109t Firmware Subscribe Xeon 4110 Subscribe Xeon 4110 Firmware Subscribe Xeon 4112 Subscribe Xeon 4112 Firmware Subscribe Xeon 4114 Subscribe Xeon 4114 Firmware Subscribe Xeon 4114t Subscribe Xeon 4114t Firmware Subscribe Xeon 4116 Subscribe Xeon 4116 Firmware Subscribe Xeon 4116t Subscribe Xeon 4116t Firmware Subscribe Xeon 5115 Subscribe Xeon 5115 Firmware Subscribe Xeon 5118 Subscribe Xeon 5118 Firmware Subscribe Xeon 5119t Subscribe Xeon 5119t Firmware Subscribe Xeon 5120 Subscribe Xeon 5120 Firmware Subscribe Xeon 5120t Subscribe Xeon 5120t Firmware Subscribe Xeon 5122 Subscribe Xeon 5122 Firmware Subscribe Xeon 6126 Subscribe Xeon 6126 Firmware Subscribe Xeon 6126f Subscribe Xeon 6126f Firmware Subscribe Xeon 6126t Subscribe Xeon 6126t Firmware Subscribe Xeon 6128 Subscribe Xeon 6128 Firmware Subscribe Xeon 6130 Subscribe Xeon 6130 Firmware Subscribe Xeon 6130f Subscribe Xeon 6130f Firmware Subscribe Xeon 6130t Subscribe Xeon 6130t Firmware Subscribe Xeon 6132 Subscribe Xeon 6132 Firmware Subscribe Xeon 6134 Subscribe Xeon 6134 Firmware Subscribe Xeon 6134m Subscribe Xeon 6134m Firmware Subscribe Xeon 6136 Subscribe Xeon 6136 Firmware Subscribe Xeon 6138 Subscribe Xeon 6138 Firmware Subscribe Xeon 6138f Subscribe Xeon 6138f Firmware Subscribe Xeon 6138t Subscribe Xeon 6138t Firmware Subscribe Xeon 6140 Subscribe Xeon 6140 Firmware Subscribe Xeon 6140m Subscribe Xeon 6140m Firmware Subscribe Xeon 6142 Subscribe Xeon 6142 Firmware Subscribe Xeon 6142f Subscribe Xeon 6142f Firmware Subscribe Xeon 6144 Subscribe Xeon 6144 Firmware Subscribe Xeon 6146 Subscribe Xeon 6146 Firmware Subscribe Xeon 6148 Subscribe Xeon 6148 Firmware Subscribe Xeon 6148f Subscribe Xeon 6148f Firmware Subscribe Xeon 6150 Subscribe Xeon 6150 Firmware Subscribe Xeon 6152 Subscribe Xeon 6152 Firmware Subscribe Xeon 6154 Subscribe Xeon 6154 Firmware Subscribe Xeon 8153 Subscribe Xeon 8153 Firmware Subscribe Xeon 8156 Subscribe Xeon 8156 Firmware Subscribe Xeon 8158 Subscribe Xeon 8158 Firmware Subscribe Xeon 8160 Subscribe Xeon 8160 Firmware Subscribe Xeon 8160f Subscribe Xeon 8160f Firmware Subscribe Xeon 8160m Subscribe Xeon 8160m Firmware Subscribe Xeon 8160t Subscribe Xeon 8160t Firmware Subscribe Xeon 8164 Subscribe Xeon 8164 Firmware Subscribe Xeon 8168 Subscribe Xeon 8168 Firmware Subscribe Xeon 8170 Subscribe Xeon 8170 Firmware Subscribe Xeon 8170m Subscribe Xeon 8170m Firmware Subscribe Xeon 8176 Subscribe Xeon 8176 Firmware Subscribe Xeon 8176f Subscribe Xeon 8176f Firmware Subscribe Xeon 8176m Subscribe Xeon 8176m Firmware Subscribe Xeon 8180 Subscribe Xeon 8180 Firmware Subscribe Xeon 8180m Subscribe Xeon 8180m Firmware Subscribe
Opensuse Subscribe	Leap Subscribe
Redhat Subscribe	Enterprise Linux Subscribe

Advisories

Source	ID	Title
Debian DLA	DLA-2051-1	intel-microcode security update
Debian DSA	DSA-4565-1	intel-microcode security update
Debian DSA	DSA-4565-2	intel-microcode security update
EUVD	EUVD-2019-2843	Improper conditions check in the voltage modulation interface for some Intel(R) Xeon(R) Scalable Processors may allow a privileged user to potentially enable denial of service via local access.
Ubuntu USN	USN-4182-1	Intel Microcode update
Ubuntu USN	USN-4182-2	Intel Microcode update

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00045.html
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00046.html
https://access.redhat.com/solutions/2019-microcode-nov
https://lists.debian.org/debian-lts-announce/2019/12/msg00035.html
https://nvd.nist.gov/vuln/detail/CVE-2019-11139
https://seclists.org/bugtraq/2019/Dec/28
https://support.f5.com/csp/article/K42433061?utm_source=f5support&amp%3Butm_medium=RSS
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03969en_us
https://www.cve.org/CVERecord?id=CVE-2019-11139
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00271.html

History

Thu, 20 Mar 2025 05:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat Redhat enterprise Linux
CPEs		cpe:/o:redhat:enterprise_linux:8
Vendors & Products		Redhat Redhat enterprise Linux

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: intel

Published: 2019-11-14T18:18:56

Updated: 2024-08-04T22:48:08.917Z

Reserved: 2019-04-11T00:00:00

Link: CVE-2019-11139

Vulnrichment

No data.

NVD

Status : Modified

Published: 2019-11-14T19:15:13.190

Modified: 2024-11-21T04:20:36.767

Link: CVE-2019-11139

Redhat

Severity : Moderate

Publid Date: 2019-11-12T18:00:00Z

Links: CVE-2019-11139 - Bugzilla

OpenCVE Enrichment

No data.

Weaknesses

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Changed

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Attack Vector Local

Attack Complexity High

Privileges Required High

Scope Changed

Confidentiality Impact None

Integrity Impact Low

Availability Impact High

User Interaction Required

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Project Subscriptions

Projects

JSON object

JSON object

JSON object

JSON object

JSON object