Vulnerability identifier: #VU61198
Vulnerability risk: Low
CVSSv3.1:
CVE-ID:
CWE-ID:
Exploitation vector: Local
Exploit availability:
Vulnerable software:
Intel Core X-series Processors
Hardware solutions /
Firmware
Intel Xeon E Processors
Hardware solutions /
Firmware
Intel Atom Processor X Series
Hardware solutions /
Firmware
6th Generation Intel Core Processors
Hardware solutions /
Firmware
Intel Xeon D Processors
Hardware solutions /
Firmware
Intel Xeon W processor family
Hardware solutions /
Firmware
2nd Generation Intel Xeon Scalable Processors
Hardware solutions /
Firmware
Intel Core X-series Processor
Hardware solutions /
Firmware
3rd Generation Intel Xeon Scalable Processors
Hardware solutions /
Firmware
Intel Atom Processors
Hardware solutions /
Firmware
Intel Celeron Processor J Series
Hardware solutions /
Firmware
Intel Celeron Processor N Series
Hardware solutions /
Firmware
Intel Atom Processor A Series
Hardware solutions /
Firmware
Intel Atom C processor family
Hardware solutions /
Firmware
Intel Puma 7 Family
Hardware solutions /
Firmware
Intel Pentium Processor Silver Series
Hardware solutions /
Firmware
10th Generation Intel Core Processors
Hardware solutions /
Firmware
Intel Core Processors with Intel Hybrid Technology
Hardware solutions /
Firmware
11th Generation Intel Core Processors
Hardware solutions /
Firmware
Intel Xeon Processors
Hardware solutions /
Firmware
Intel Celeron Processors
Hardware solutions /
Firmware
8th Generation Intel Core Processors
Hardware solutions /
Firmware
2th Generation Intel Core Processor Family
Hardware solutions /
Firmware
3th Generation Intel Core Processor Family
Hardware solutions /
Firmware
4th Generation Intel Core Processor Family
Hardware solutions /
Firmware
7th Generation Intel Core Processors
Hardware solutions /
Firmware
Intel Pentium Gold Processor Series
Hardware solutions /
Firmware
Intel Celeron Processor 5000 Series
Hardware solutions /
Firmware
Intel Pentium Processors
Hardware solutions /
Firmware
12th Generation Intel Core Processors
Hardware solutions /
Firmware
Intel Xeon E-2300 processor family
Hardware solutions /
Firmware
Intel Xeon Scalable Processors
Hardware solutions /
Other hardware appliances
Intel Pentium Processor J Series
Hardware solutions /
Other hardware appliances
Intel Pentium Processor N Series
Hardware solutions /
Other hardware appliances
Intel Atom Processor E3900 Series
Hardware solutions /
Other hardware appliances
Vendor: Intel
Description
The vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to non-transparent sharing of branch predictor selectors between contexts. A local user can gain unauthorized access to sensitive information on the system.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
Intel Core X-series Processors: All versions
Intel Xeon E Processors: All versions
Intel Atom Processor X Series: All versions
6th Generation Intel Core Processors: All versions
Intel Xeon Scalable Processors: All versions
Intel Xeon D Processors: All versions
Intel Xeon W processor family: All versions
2nd Generation Intel Xeon Scalable Processors: All versions
Intel Core X-series Processor: All versions
3rd Generation Intel Xeon Scalable Processors: All versions
Intel Atom Processors: All versions
Intel Pentium Processor J Series: All versions
Intel Pentium Processor N Series: All versions
Intel Celeron Processor J Series: All versions
Intel Celeron Processor N Series: All versions
Intel Atom Processor A Series: All versions
Intel Atom Processor E3900 Series: All versions
Intel Atom C processor family: All versions
Intel Puma 7 Family: All versions
Intel Pentium Processor Silver Series: All versions
10th Generation Intel Core Processors: All versions
Intel Core Processors with Intel Hybrid Technology: All versions
11th Generation Intel Core Processors: All versions
Intel Xeon Processors: All versions
Intel Celeron Processors: All versions
8th Generation Intel Core Processors: All versions
2th Generation Intel Core Processor Family: All versions
3th Generation Intel Core Processor Family: All versions
4th Generation Intel Core Processor Family: All versions
7th Generation Intel Core Processors: All versions
Intel Pentium Gold Processor Series: All versions
Intel Celeron Processor 5000 Series: All versions
Intel Pentium Processors: All versions
12th Generation Intel Core Processors: All versions
Intel Xeon E-2300 processor family: All versions
Fixed software versions
CPE
External links
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00598.html
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?