A potential security vulnerability in some Intel® Xeon® Scalable Processors may allow denial of service.** **Intel is releasing firmware updates to mitigate this potential vulnerability.
CVEID: CVE-2019-11139
Description: Improper conditions check in the voltage modulation interface for some Intel® Xeon® Scalable Processors may allow a privileged user to potentially enable denial of service via local access.
CVSS Base Score: 5.8 Medium
CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:N/I:L/A:H
Intel® Xeon® Scalable Processors:
Intel® Xeon® Platinum Processors: 8153, 8156, 8158, 8160, 8160F, 8160M, 8160T, 8164, 8168, 8170, 8170M, 8176, 8176F, 8176M, 8180, 8180M
Intel® Xeon® Gold Processors: 5115, 5118, 5119T, 5120, 5120T, 5122, 6126, 6126F, 6126T, 6128, 6130, 6130F, 6130T, 6132, 6134, 6134M, 6136, 6138, 6138F, 6138T, 6140, 6140M, 6142, 6142F, 6142M, 6144, 6146, 6148, 6148F, 6150, 6152, 6154
Intel® Xeon® Silver Processors: 4108, 4109T, 4110, 4112, 4114, 4114T, 4116, 4116T
Intel® Xeon® Bronze Processors: 3104, 3106
Intel recommends that users of the Intel® Xeon® Scalable Processors listed above update to the latest firmware version provided by the system manufacturer that addresses these issues.
If the system configuration is believed to be untrusted, it is recommended that the firmware update only be applied through the BIOS.
This issue was found internally by Intel.
Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.