CVE - CVE-2018-12126

CVE-ID
CVE-2018-12126	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
BUGTRAQ:20190624 [SECURITY] [DSA 4447-2] intel-microcode security update URL:https://seclists.org/bugtraq/2019/Jun/28 BUGTRAQ:20190624 [SECURITY] [DSA 4469-1] libvirt security update URL:https://seclists.org/bugtraq/2019/Jun/36 BUGTRAQ:20191112 FreeBSD Security Advisory FreeBSD-SA-19:26.mcu URL:https://seclists.org/bugtraq/2019/Nov/16 BUGTRAQ:20191112 [SECURITY] [DSA 4564-1] linux security update URL:https://seclists.org/bugtraq/2019/Nov/15 BUGTRAQ:20200114 [SECURITY] [DSA 4602-1] xen security update URL:https://seclists.org/bugtraq/2020/Jan/21 CONFIRM:http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txt CONFIRM:http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190712-01-mds-en CONFIRM:https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf CONFIRM:https://cert-portal.siemens.com/productcert/pdf/ssa-616472.pdf CONFIRM:https://kc.mcafee.com/corporate/index?page=content&id=SB10292 CONFIRM:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html CONFIRM:https://www.synology.com/security/advisory/Synology_SA_19_24 DEBIAN:DSA-4602 URL:https://www.debian.org/security/2020/dsa-4602 FEDORA:FEDORA-2019-1f5832fc0e URL:https://lists.fedoraproject.org/archives/list/[email protected]/message/OH73SGTJ575OBCPSJFX6LX7KP2KZIEN4/ FREEBSD:FreeBSD-SA-19:07 URL:https://www.freebsd.org/security/advisories/FreeBSD-SA-19:07.mds.asc FREEBSD:FreeBSD-SA-19:26 URL:https://security.FreeBSD.org/advisories/FreeBSD-SA-19:26.mcu.asc GENTOO:GLSA-202003-56 URL:https://security.gentoo.org/glsa/202003-56 MISC:http://packetstormsecurity.com/files/155281/FreeBSD-Security-Advisory-FreeBSD-SA-19-26.mcu.html MLIST:[debian-lts-announce] 20190620 [SECURITY] [DLA 1789-2] intel-microcode security update URL:https://lists.debian.org/debian-lts-announce/2019/06/msg00018.html REDHAT:RHSA-2019:1455 URL:https://access.redhat.com/errata/RHSA-2019:1455 REDHAT:RHSA-2019:2553 URL:https://access.redhat.com/errata/RHSA-2019:2553 SUSE:openSUSE-SU-2019:1505 URL:http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00014.html SUSE:openSUSE-SU-2019:1805 URL:http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00053.html SUSE:openSUSE-SU-2019:1806 URL:http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00052.html UBUNTU:USN-3977-3 URL:https://usn.ubuntu.com/3977-3/
Assigning CNA
Intel Corporation
Date Record Created
20180611	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20180611)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)