CVE-2019-11139 - Vulnerability Details

Improper conditions check in the voltage modulation interface for some Intel(R) Xeon(R) Scalable Processors may allow a privileged user to potentially enable denial of service via local access.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Changed

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Attack Vector Local

Attack Complexity High

Privileges Required High

Scope Changed

Confidentiality Impact None

Integrity Impact Low

Availability Impact High

User Interaction Required

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

This CVE is not in the KEV list.

The EPSS score is 0.00117.

Key SSVC decision points have not yet been added.

Vendors	Products
Debian	Debian Linux
Intel	Xeon 3104 Xeon 3104 Firmware Xeon 3106 Xeon 3106 Firmware Xeon 4108 Xeon 4108 Firmware Xeon 4109t Xeon 4109t Firmware Xeon 4110 Xeon 4110 Firmware Xeon 4112 Xeon 4112 Firmware Xeon 4114 Xeon 4114 Firmware Xeon 4114t Xeon 4114t Firmware Xeon 4116 Xeon 4116 Firmware Xeon 4116t Xeon 4116t Firmware Xeon 5115 Xeon 5115 Firmware Xeon 5118 Xeon 5118 Firmware Xeon 5119t Xeon 5119t Firmware Xeon 5120 Xeon 5120 Firmware Xeon 5120t Xeon 5120t Firmware Xeon 5122 Xeon 5122 Firmware Xeon 6126 Xeon 6126 Firmware Xeon 6126f Xeon 6126f Firmware Xeon 6126t Xeon 6126t Firmware Xeon 6128 Xeon 6128 Firmware Xeon 6130 Xeon 6130 Firmware Xeon 6130f Xeon 6130f Firmware Xeon 6130t Xeon 6130t Firmware Xeon 6132 Xeon 6132 Firmware Xeon 6134 Xeon 6134 Firmware Xeon 6134m Xeon 6134m Firmware Xeon 6136 Xeon 6136 Firmware Xeon 6138 Xeon 6138 Firmware Xeon 6138f Xeon 6138f Firmware Xeon 6138t Xeon 6138t Firmware Xeon 6140 Xeon 6140 Firmware Xeon 6140m Xeon 6140m Firmware Xeon 6142 Xeon 6142 Firmware Xeon 6142f Xeon 6142f Firmware Xeon 6144 Xeon 6144 Firmware Xeon 6146 Xeon 6146 Firmware Xeon 6148 Xeon 6148 Firmware Xeon 6148f Xeon 6148f Firmware Xeon 6150 Xeon 6150 Firmware Xeon 6152 Xeon 6152 Firmware Xeon 6154 Xeon 6154 Firmware Xeon 8153 Xeon 8153 Firmware Xeon 8156 Xeon 8156 Firmware Xeon 8158 Xeon 8158 Firmware Xeon 8160 Xeon 8160 Firmware Xeon 8160f Xeon 8160f Firmware Xeon 8160m Xeon 8160m Firmware Xeon 8160t Xeon 8160t Firmware Xeon 8164 Xeon 8164 Firmware Xeon 8168 Xeon 8168 Firmware Xeon 8170 Xeon 8170 Firmware Xeon 8170m Xeon 8170m Firmware Xeon 8176 Xeon 8176 Firmware Xeon 8176f Xeon 8176f Firmware Xeon 8176m Xeon 8176m Firmware Xeon 8180 Xeon 8180 Firmware Xeon 8180m Xeon 8180m Firmware
Opensuse	Leap
Redhat	Enterprise Linux

Configuration 1 [-]

OR	cpe:2.3:o:debian:debian_linux:8.0:::::::*
	cpe:2.3:o:opensuse:leap:15.0:::::::*
	cpe:2.3:o:opensuse:leap:15.1:::::::*

Configuration 2 [-]

AND

cpe:2.3:o:intel:xeon_8153_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_8153:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:intel:xeon_8156_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_8156:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:intel:xeon_8158_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_8158:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:intel:xeon_8160_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_8160:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:intel:xeon_8160f_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_8160f:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:intel:xeon_8160m_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_8160m:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:intel:xeon_8160t_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_8160t:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:intel:xeon_8164_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_8164:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:intel:xeon_8168_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_8168:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:intel:xeon_8170_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_8170:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:intel:xeon_8170m_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_8170m:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:intel:xeon_8176_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_8176:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND

cpe:2.3:o:intel:xeon_8176f_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_8176f:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND

cpe:2.3:o:intel:xeon_8176m_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_8176m:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND

cpe:2.3:o:intel:xeon_8180_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_8180:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND

cpe:2.3:o:intel:xeon_8180m_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_8180m:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND

cpe:2.3:o:intel:xeon_5115_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_5115:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND

cpe:2.3:o:intel:xeon_5118_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_5118:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND

cpe:2.3:o:intel:xeon_5119t_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_5119t:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND

cpe:2.3:o:intel:xeon_5120_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_5120:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND

cpe:2.3:o:intel:xeon_5120t_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_5120t:-:*:*:*:*:*:*:*

Configuration 23 [-]

AND

cpe:2.3:o:intel:xeon_5122_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_5122:-:*:*:*:*:*:*:*

Configuration 24 [-]

AND

cpe:2.3:o:intel:xeon_6126_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_6126:-:*:*:*:*:*:*:*

Configuration 25 [-]

AND

cpe:2.3:o:intel:xeon_6126f_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_6126f:-:*:*:*:*:*:*:*

Configuration 26 [-]

AND

cpe:2.3:o:intel:xeon_6126t_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_6126t:-:*:*:*:*:*:*:*

Configuration 27 [-]

AND

cpe:2.3:o:intel:xeon_6128_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_6128:-:*:*:*:*:*:*:*

Configuration 28 [-]

AND

cpe:2.3:o:intel:xeon_6130_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_6130:-:*:*:*:*:*:*:*

Configuration 29 [-]

AND

cpe:2.3:o:intel:xeon_6130f_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_6130f:-:*:*:*:*:*:*:*

Configuration 30 [-]

AND

cpe:2.3:o:intel:xeon_6130t_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_6130t:-:*:*:*:*:*:*:*

Configuration 31 [-]

AND

cpe:2.3:o:intel:xeon_6132_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_6132:-:*:*:*:*:*:*:*

Configuration 32 [-]

AND

cpe:2.3:o:intel:xeon_6134_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_6134:-:*:*:*:*:*:*:*

Configuration 33 [-]

AND

cpe:2.3:o:intel:xeon_6134m_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_6134m:-:*:*:*:*:*:*:*

Configuration 34 [-]

AND

cpe:2.3:o:intel:xeon_6136_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_6136:-:*:*:*:*:*:*:*

Configuration 35 [-]

AND

cpe:2.3:o:intel:xeon_6138_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_6138:-:*:*:*:*:*:*:*

Configuration 36 [-]

AND

cpe:2.3:o:intel:xeon_6138f_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_6138f:-:*:*:*:*:*:*:*

Configuration 37 [-]

AND

cpe:2.3:o:intel:xeon_6138t_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_6138t:-:*:*:*:*:*:*:*

Configuration 38 [-]

AND

cpe:2.3:o:intel:xeon_6140_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_6140:-:*:*:*:*:*:*:*

Configuration 39 [-]

AND

cpe:2.3:o:intel:xeon_6140m_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_6140m:-:*:*:*:*:*:*:*

Configuration 40 [-]

AND

cpe:2.3:o:intel:xeon_6142_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_6142:-:*:*:*:*:*:*:*

Configuration 41 [-]

AND

cpe:2.3:o:intel:xeon_6142f_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_6142f:-:*:*:*:*:*:*:*

Configuration 42 [-]

AND

cpe:2.3:o:intel:xeon_6144_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_6144:-:*:*:*:*:*:*:*

Configuration 43 [-]

AND

cpe:2.3:o:intel:xeon_6146_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_6146:-:*:*:*:*:*:*:*

Configuration 44 [-]

AND

cpe:2.3:o:intel:xeon_6148_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_6148:-:*:*:*:*:*:*:*

Configuration 45 [-]

AND

cpe:2.3:o:intel:xeon_6148f_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_6148f:-:*:*:*:*:*:*:*

Configuration 46 [-]

AND

cpe:2.3:o:intel:xeon_6150_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_6150:-:*:*:*:*:*:*:*

Configuration 47 [-]

AND

cpe:2.3:o:intel:xeon_6152_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_6152:-:*:*:*:*:*:*:*

Configuration 48 [-]

AND

cpe:2.3:o:intel:xeon_6154_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_6154:-:*:*:*:*:*:*:*

Configuration 49 [-]

AND

cpe:2.3:o:intel:xeon_4108_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_4108:-:*:*:*:*:*:*:*

Configuration 50 [-]

AND

cpe:2.3:o:intel:xeon_4109t_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_4109t:-:*:*:*:*:*:*:*

Configuration 51 [-]

AND

cpe:2.3:o:intel:xeon_4110_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_4110:-:*:*:*:*:*:*:*

Configuration 52 [-]

AND

cpe:2.3:o:intel:xeon_4112_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_4112:-:*:*:*:*:*:*:*

Configuration 53 [-]

AND

cpe:2.3:o:intel:xeon_4114_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_4114:-:*:*:*:*:*:*:*

Configuration 54 [-]

AND

cpe:2.3:o:intel:xeon_4114t_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_4114t:-:*:*:*:*:*:*:*

Configuration 55 [-]

AND

cpe:2.3:o:intel:xeon_4116_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_4116:-:*:*:*:*:*:*:*

Configuration 56 [-]

AND

cpe:2.3:o:intel:xeon_4116t_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_4116t:-:*:*:*:*:*:*:*

Configuration 57 [-]

AND

cpe:2.3:o:intel:xeon_3104_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_3104:-:*:*:*:*:*:*:*

Configuration 58 [-]

AND

cpe:2.3:o:intel:xeon_3106_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_3106:-:*:*:*:*:*:*:*

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 8
microcode_ctl-4:20190618-1.20191112.1.el8_1	cpe:/o:redhat:enterprise_linux:8	RHEA-2019:3845	2019-11-12T00:00:00Z

No data.

Advisories

Source	ID	Title
Debian DLA	DLA-2051-1	intel-microcode security update
Debian DSA	DSA-4565-1	intel-microcode security update
Debian DSA	DSA-4565-2	intel-microcode security update
EUVD	EUVD-2019-2843	Improper conditions check in the voltage modulation interface for some Intel(R) Xeon(R) Scalable Processors may allow a privileged user to potentially enable denial of service via local access.
Ubuntu USN	USN-4182-1	Intel Microcode update
Ubuntu USN	USN-4182-2	Intel Microcode update

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00045.html
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00046.html
https://access.redhat.com/solutions/2019-microcode-nov
https://lists.debian.org/debian-lts-announce/2019/12/msg00035.html
https://nvd.nist.gov/vuln/detail/CVE-2019-11139
https://seclists.org/bugtraq/2019/Dec/28
https://support.f5.com/csp/article/K42433061?utm_source=f5support&amp%3Butm_medium=RSS
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03969en_us
https://www.cve.org/CVERecord?id=CVE-2019-11139
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00271.html

History

Thu, 20 Mar 2025 05:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat Redhat enterprise Linux
CPEs		cpe:/o:redhat:enterprise_linux:8
Vendors & Products		Redhat Redhat enterprise Linux

MITRE

Status: PUBLISHED

Assigner: intel

Published: 2019-11-14T18:18:56

Updated: 2024-08-04T22:48:08.917Z

Reserved: 2019-04-11T00:00:00

Link: CVE-2019-11139

Vulnrichment

No data.

NVD

Status : Modified

Published: 2019-11-14T19:15:13.190

Modified: 2024-11-21T04:20:36.767

Link: CVE-2019-11139

Redhat

Severity : Moderate

Publid Date: 2019-11-12T18:00:00Z

Links: CVE-2019-11139 - Bugzilla

OpenCVE Enrichment

No data.

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Changed

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Attack Vector Local

Attack Complexity High

Privileges Required High

Scope Changed

Confidentiality Impact None

Integrity Impact Low

Availability Impact High

User Interaction Required

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Affected Vendors & Products

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Changed

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Attack Vector Local

Attack Complexity High

Privileges Required High

Scope Changed

Confidentiality Impact None

Integrity Impact Low

Availability Impact High

User Interaction Required

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object

JSON object