Information Disclosure
Source : HP, HP Product Security Response Team (PSRT)
Reported By : Intel
Potential security vulnerabilities in Intel CPUs may allow information
disclosure. Researchers have referred to these vulnerabilities as ZombieLoad,
RIDL, and Fallout. See table below for further details.
Vulnerability
|
Description
|
CVE
—|—|—
Fallout, RIDL
|
Microarchitectural Store Buffer Data Sampling (MSBDS)
|
CVE-2018-12126
RIDL
|
Microarchitectural Load Port Data Sampling (MLPDS)
|
CVE-2018-12127
ZombieLoad, RIDL
|
Microarchitectural Fill Buffer Data Sampling (MFBDS)
|
CVE-2018-12130
RIDL
|
Microarchitectural Data Sampling Uncacheable Memory (MDSUM)
|
CVE-2019-11091
Both software updates and firmware updates are required. See the links below
for more information regarding software updates.
Hypervisors could also be affected. Check with your hypervisor vendor for
potential software patches.
HP has identified the affected platforms and target dates for Softpaqs for
firmware updates. See the affected platforms listed below.