Ubuntu.comUB:CVE-2020-0550CVE-2020-0550
5.6 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
1.9 Low
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:M/Au:N/C:P/I:N/A:N
0.0004 Low
EPSS
Percentile
11.7%
Improper data forwarding in some data cache for some Intelยฎ Processors
may allow an authenticated user to potentially enable information
disclosure via local access. The list of affected products is provided in
intel-sa-00330:
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00330.html
Notes
| Author | Note |
|---|---|
| sbeattie | affects processors from Intel only |
| mdeslaur | Intel has no plans to release microcode updates for this issue, marking as ignored |
References
launchpad.net/bugs/cve/CVE-2020-0550
nvd.nist.gov/vuln/detail/CVE-2020-0550
security-tracker.debian.org/tracker/CVE-2020-0550
software.intel.com/security-software-guidance/advisory-guidance/snoop-assisted-l1-data-sampling
software.intel.com/security-software-guidance/deep-dives/deep-dive-snoop-assisted-l1-data-sampling
software.intel.com/security-software-guidance/insights/deep-dive-snoop-assisted-l1-data-sampling
software.intel.com/security-software-guidance/software-guidance/snoop-assisted-l1-data-sampling
www.cve.org/CVERecord?id=CVE-2020-0550
Related
5.6 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
1.9 Low
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:M/Au:N/C:P/I:N/A:N
0.0004 Low
EPSS
Percentile
11.7%