Lucene search

K
intelIntel Security CenterINTEL:INTEL-SA-00271
HistoryNov 12, 2019 - 12:00 a.m.

2019.2 IPU – Intel® Xeon® Scalable Processors Voltage Setting Modulation Advisory

2019-11-1200:00:00
Intel Security Center
www.intel.com
20

EPSS

0

Percentile

14.2%

Summary:

A potential security vulnerability in some Intel® Xeon® Scalable Processors may allow denial of service.** **Intel is releasing firmware updates to mitigate this potential vulnerability.

Vulnerability Details:

CVEID: CVE-2019-11139

Description: Improper conditions check in the voltage modulation interface for some Intel® Xeon® Scalable Processors may allow a privileged user to potentially enable denial of service via local access.

CVSS Base Score: 5.8 Medium

CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:N/I:L/A:H

Affected Products:

Intel® Xeon® Scalable Processors:

  • Intel® Xeon® Platinum Processors: 8153, 8156, 8158, 8160, 8160F, 8160M, 8160T, 8164, 8168, 8170, 8170M, 8176, 8176F, 8176M, 8180, 8180M

  • Intel® Xeon® Gold Processors: 5115, 5118, 5119T, 5120, 5120T, 5122, 6126, 6126F, 6126T, 6128, 6130, 6130F, 6130T, 6132, 6134, 6134M, 6136, 6138, 6138F, 6138T, 6140, 6140M, 6142, 6142F, 6142M, 6144, 6146, 6148, 6148F, 6150, 6152, 6154

  • Intel® Xeon® Silver Processors: 4108, 4109T, 4110, 4112, 4114, 4114T, 4116, 4116T

  • Intel® Xeon® Bronze Processors: 3104, 3106

Recommendations:

Intel recommends that users of the Intel® Xeon® Scalable Processors listed above update to the latest firmware version provided by the system manufacturer that addresses these issues.

If the system configuration is believed to be untrusted, it is recommended that the firmware update only be applied through the BIOS.

Acknowledgements:

This issue was found internally by Intel.

Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.