CVE-2019-11135
6.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
6.5 Medium
AI Score
Confidence
High
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
0.001 Low
EPSS
Percentile
22.4%
TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.
References
lists.opensuse.org/opensuse-security-announce/2019-11/msg00045.html
lists.opensuse.org/opensuse-security-announce/2019-11/msg00046.html
lists.opensuse.org/opensuse-security-announce/2019-12/msg00042.html
packetstormsecurity.com/files/155375/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
www.openwall.com/lists/oss-security/2019/12/10/3
www.openwall.com/lists/oss-security/2019/12/10/4
www.openwall.com/lists/oss-security/2019/12/11/1
access.redhat.com/errata/RHSA-2019:3936
access.redhat.com/errata/RHSA-2020:0026
access.redhat.com/errata/RHSA-2020:0028
access.redhat.com/errata/RHSA-2020:0204
access.redhat.com/errata/RHSA-2020:0279
access.redhat.com/errata/RHSA-2020:0366
access.redhat.com/errata/RHSA-2020:0555
access.redhat.com/errata/RHSA-2020:0666
access.redhat.com/errata/RHSA-2020:0730
kc.mcafee.com/corporate/index?page=content&id=SB10306
lists.debian.org/debian-lts-announce/2019/12/msg00035.html
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5WWPW4BSZDDW7VHU427XTVXV7ROOFFW/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IZYATWNUGHRBG6I3TC24YHP5Y3J7I6KH/
seclists.org/bugtraq/2019/Dec/28
seclists.org/bugtraq/2019/Nov/26
seclists.org/bugtraq/2020/Jan/21
security.gentoo.org/glsa/202003-56
support.f5.com/csp/article/K02912734?utm_source=f5support&%3Butm_medium=RSS
support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03968en_us
usn.ubuntu.com/4186-2/
www.debian.org/security/2020/dsa-4602
www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00270.html
www.oracle.com/security-alerts/cpujan2021.html
Social References
More
Related
6.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
6.5 Medium
AI Score
Confidence
High
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
0.001 Low
EPSS
Percentile
22.4%