A Spectre gadget was found in the Linux kernel’s implementation of system interrupts. An attacker with local access could use this information to reveal private data through a Spectre like side channel.

Mitigation

For mitigation related information, please refer to the Red Hat Knowledgebase article: <https://access.redhat.com/articles/4329821>

References

bugzilla.redhat.com/show_bug.cgi?id=1724389

nvd.nist.gov/vuln/detail/CVE-2019-1125

www.cve.org/CVERecord?id=CVE-2019-1125

openvas 29

nessus 72

veracode 1

mscve 1

oraclelinux 11

cisa 1

githubexploit 1

exploitpack 1

fedora 6

thn 1

redhat 14

kaspersky 3

huawei 1

ubuntu 5

zdt 1

threatpost 1

amazon 2

exploitdb 1

centos 2

mageia 3

prion 1

ubuntucve 1

debiancve 1

cve 1

f5 1

virtuozzo 2

lenovo 1

slackware 1

suse 2

photon 3

debian 6

cloudfoundry 2

osv 4

ibm 4

fortinet 1

mskb 11

openvas

Greenbone OS - 'Spectre SWAPGS' gadget vulnerability - August 19

2019-08-26 00:00:00

Fedora Update for kernel-headers FEDORA-2019-e37c348348

2019-08-12 00:00:00

Ubuntu Update for linux-aws USN-4096-1

2019-08-14 00:00:00

nessus

RHEL 6 : kernel (RHSA-2019:2695)

2019-09-11 00:00:00

Amazon Linux AMI : kernel (ALAS-2019-1253)

2019-08-12 00:00:00

Amazon Linux 2 : kernel (ALAS-2019-1253)

2019-08-12 00:00:00

veracode

Information Disclosure

2019-08-14 00:12:16

mscve

Windows Kernel Information Disclosure Vulnerability

2019-08-06 07:00:00

oraclelinux

Unbreakable Enterprise kernel security update

2019-08-06 00:00:00

Unbreakable Enterprise kernel security update

2019-09-09 00:00:00

Unbreakable Enterprise kernel security update

2019-08-06 00:00:00

cisa

SWAPGS Spectre Side-Channel Vulnerability

2019-08-06 00:00:00

githubexploit

Exploit for Vulnerability in Microsoft

2020-01-27 12:27:53

exploitpack

Windows Kernel - Information Disclosure

2020-01-27 00:00:00

fedora

[SECURITY] Fedora 29 Update: kernel-headers-5.2.7-100.fc29

2019-08-11 01:43:14

[SECURITY] Fedora 29 Update: kernel-tools-5.2.7-100.fc29

2019-08-11 01:43:14

[SECURITY] Fedora 30 Update: kernel-tools-5.2.7-200.fc30

2019-08-11 01:15:14

thn

SWAPGS Attack — New Speculative Execution Flaw Affects All Modern Intel CPUs

2019-08-06 20:00:00

redhat

(RHSA-2019:3011) Moderate: Red Hat Virtualization security, bug fix, and enhancement update

2019-10-10 14:48:00

(RHSA-2019:2695) Moderate: kernel security and bug fix update

2019-09-10 09:57:53

(RHSA-2019:2600) Important: kernel security and bug fix update

2019-09-03 13:19:05

kaspersky

KLA11696 OSI vulnerability in Microsoft products (ESU)

2019-08-06 00:00:00

KLA11700 OSI vulnerability in Microsoft products (ESU)

2019-08-06 00:00:00

KLA11529 Windows Kernel Information Disclosure Vulnerability

2019-08-06 00:00:00

huawei

Security Advisory - Information Disclosure Vulnerability about SWAPGS Instruction

2020-04-08 00:00:00

ubuntu

Linux kernel (AWS) vulnerability

2019-08-13 00:00:00

Linux kernel vulnerabilities

2019-08-13 00:00:00

Linux kernel (Xenial HWE) vulnerabilities

2019-08-13 00:00:00

zdt

Windows Kernel - Information Disclosure Vulnerability

2020-02-15 00:00:00

threatpost

New SWAPGS Side-Channel Attack Bypasses Spectre and Meltdown Defenses

2019-08-07 13:55:07

amazon

Medium: kernel

2019-08-05 17:40:00

Medium: kernel

2019-08-05 17:48:00

exploitdb

Microsoft Windows Kernel - Information Disclosure

2020-01-27 00:00:00

centos

bpftool, kernel, perf, python security update

2019-09-18 20:39:01

kernel, perf, python security update

2019-08-16 21:55:43

mageia

Updated kernel packages fix security vulnerabilities

2019-08-13 00:08:18

Updated kernel packages fix security vulnerabilities

2019-08-13 00:08:18

Updated kernel-linus packages fix security vulnerabilities

2019-11-20 00:16:53

prion

Information disclosure

2019-09-03 18:15:00

ubuntucve

CVE-2019-1125

2019-08-06 00:00:00

debiancve

CVE-2019-1125

2019-09-03 18:15:00

cve

CVE-2019-1125

2019-09-03 18:15:00

K31085564 : Spectre SWAPGS gadget vulnerability CVE-2019-1125

2019-08-23 00:00:00

virtuozzo

Important kernel security update: New kernel 2.6.32-042stab140.1; Virtuozzo 6.0 Update 12 Hotfix 45 (6.0.12-3747)

2019-08-19 00:00:00

Important kernel security update: New kernel 2.6.32-042stab140.1 for Virtuozzo Containers for Linux 4.7, Server Bare Metal 5.0

2019-08-19 00:00:00

lenovo

Speculative Execution Side Channel Vulnerability Variants - Lenovo Support US

2018-09-13 14:41:00

slackware

[slackware-security] Slackware 14.2 kernel

2019-08-14 06:12:49

suse

Security update for the Linux Kernel (important)

2019-08-16 00:00:00

Security update for the Linux Kernel (important)

2019-08-16 00:00:00

photon

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2019-2.0-0175

2019-09-10 00:00:00

Critical Photon OS Security Update - PHSA-2019-0175

2019-09-03 00:00:00

Critical Photon OS Security Update - PHSA-2019-0250

2019-09-03 00:00:00

debian

[SECURITY] [DLA 1884-1] linux security update

2019-08-14 00:16:24

[SECURITY] [DSA 4495-1] linux security update

2019-08-10 21:15:57

[SECURITY] [DSA 4495-1] linux security update

2019-08-10 21:15:57

cloudfoundry

USN-4095-2: Linux kernel (Xenial HWE) vulnerabilities | Cloud Foundry

2019-08-29 00:00:00

USN-4094-1: Linux kernel vulnerabilities | Cloud Foundry

2019-09-30 00:00:00

osv

linux - security update

2019-08-10 00:00:00

linux - security update

2019-08-13 00:00:00

linux-4.9 - security update

2019-08-13 00:00:00

ibm

Security Bulletin: IBM Security QRadar Packet Capture is vulnerable to Using Components with Known Vulnerabilities

2020-10-28 17:16:55

Security Bulletin: Vyatta 5600 vRouter Software Patches - Release 1801-ze

2020-07-24 21:16:35

Security Bulletin: Vyatta 5600 vRouter Software Patches - Release 1801-ze

2020-07-24 21:16:35

fortinet

Meltdown and Spectre class vulnerabilities

2019-08-26 00:00:00

mskb

July 9, 2019—KB4507464 (Security-only update)

2019-08-06 07:00:00

July 9, 2019—KB4507461 (Security-only update)

2019-08-06 07:00:00

July 9, 2019—KB4507456 (Security-only update)

2019-08-06 07:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.002 Low

EPSS

Percentile

52.2%

JSON

Related for RH:CVE-2019-1125