Bug 1667782 (CVE-2018-12127)
Summary: | CVE-2018-12127 hardware: Micro-architectural Load Port Data Sampling - Information Leak (MLPDS) | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Wade Mealing <wmealing> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED ERRATA | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | unspecified | CC: | acaringi, agedosier, ahardin, airlied, amit, areis, berrange, bhu, blc, bleanhar, bmcclain, brdeoliv, bskeggs, ccoleman, cfergeau, clalancette, danken, dbecker, dblechte, dedgar, dfediuck, dhoward, dvlasenk, dwmw2, eblake, eedri, ehabkost, esammons, fhrbata, hdegoede, hkrzesin, iboverma, ichavero, itamar, jarodwilson, jcm, jdenemar, jen, jeremy, jferlan, jforbes, jglisse, jgoulding, jjoyce, jkacur, jlelli, jmario, john.j5live, jonathan, josef, jross, jschluet, jstancek, jsuchane, jwboyer, kbasil, kernel-maint, kernel-mgr, knoel, labbott, laine, lgoncalv, lhh, libvirt-maint, linville, lpeer, lsurette, matt, mburns, mchappel, mchehab, mcressma, mgoldboi, michal.skrivanek, mjg59, mkenneth, mlangsdo, mrezanin, mst, nmurray, osoukup, pbonzini, pkrempa, plougher, pmatouse, pmyers, rbalakri, ribarry, rjones, rt-maint, rvrbovsk, sbonazzo, sclewis, security-response-team, sherold, slinaber, srevivo, steved, tburke, tgolembi, veillard, virt-maint, virt-maint, williams, ycui, yjog, ykopkova, yturgema |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | If docs needed, set a value | |
Doc Text: |
Microprocessors use a 'load port' subcomponent to perform load operations from memory or IO. During a load operation, the load port receives data from the memory or IO subsystem and then provides the data to the CPU registers and operations in the CPU's pipelines. Stale load operation results are stored in the 'load port' table until overwritten by newer operations. Certain load-port operations triggered by an attacker can be used to reveal data about previous stale requests, leaking data back to the attacker via a timing side-channel.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2019-05-22 15:10:30 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1690358, 1690359, 1690360, 1690361, 1690362, 1692388, 1692599, 1693234, 1693235, 1693236, 1693237, 1693238, 1693239, 1693240, 1693241, 1698887, 1698889, 1698890, 1698891, 1698892, 1698894, 1698895, 1698896, 1698897, 1698898, 1698899, 1698900, 1698901, 1698902, 1698903, 1698904, 1698905, 1698906, 1698907, 1698908, 1698909, 1698910, 1698911, 1698912, 1698913, 1698914, 1698915, 1698916, 1698917, 1698925, 1698926, 1703308, 1703309, 1703310, 1703311, 1703312, 1703313, 1704537, 1704538, 1704539, 1704540, 1704552, 1704553, 1704554, 1704555, 1704565, 1704566, 1704618, 1704619, 1704620, 1704621, 1704622, 1704623, 1704624, 1704986, 1705791, 1707267, 1709978, 1709979, 1710004, 1711105, 1716256, 1716261 | ||
Bug Blocks: | 1646797, 1705393, 1705394, 1705395, 1705397, 1705398, 1705399 |
Description
Wade Mealing
2019-01-21 04:29:27 UTC
*** Bug 1646775 has been marked as a duplicate of this bug. ***

*** Bug 1646778 has been marked as a duplicate of this bug. ***

Created kernel tracking bugs for this issue:
Affects: fedora-all [bug 1709978]

Created libvirt tracking bugs for this issue:
Affects: fedora-all [bug 1709979]

External References:
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html
https://access.redhat.com/security/vulnerabilities/mds

Created qemu tracking bugs for this issue:
Affects: fedora-all [bug 1710004]

This issue has been addressed in the following products:
Red Hat Enterprise Linux 8
Via RHSA-2019:1175 https://access.redhat.com/errata/RHSA-2019:1175

This issue has been addressed in the following products:
Red Hat Enterprise Linux 8
Via RHSA-2019:1167 https://access.redhat.com/errata/RHSA-2019:1167

This issue has been addressed in the following products:
Red Hat Enterprise Linux 8
Via RHSA-2019:1174 https://access.redhat.com/errata/RHSA-2019:1174

This issue has been addressed in the following products:
Red Hat Enterprise Linux 6
Via RHSA-2019:1169 https://access.redhat.com/errata/RHSA-2019:1169

This issue has been addressed in the following products:
Red Hat Enterprise Linux 6
Via RHSA-2019:1180 https://access.redhat.com/errata/RHSA-2019:1180

This issue has been addressed in the following products:
Red Hat Enterprise Linux 6
Via RHSA-2019:1181 https://access.redhat.com/errata/RHSA-2019:1181

This issue has been addressed in the following products:
Red Hat Enterprise Linux 7
Via RHSA-2019:1177 https://access.redhat.com/errata/RHSA-2019:1177

This issue has been addressed in the following products:
Red Hat Enterprise Linux 7
Via RHSA-2019:1178 https://access.redhat.com/errata/RHSA-2019:1178

This issue has been addressed in the following products:
Red Hat Virtualization 4 for Red Hat Enterprise Linux 7
Via RHSA-2019:1179 https://access.redhat.com/errata/RHSA-2019:1179

This issue has been addressed in the following products:
Red Hat Enterprise Linux 7
Via RHSA-2019:1168 https://access.redhat.com/errata/RHSA-2019:1168

This issue has been addressed in the following products:
Red Hat Enterprise Linux 7
Via RHSA-2019:1176 https://access.redhat.com/errata/RHSA-2019:1176

This issue has been addressed in the following products:
Red Hat Enterprise Linux 7.4 Extended Update Support
Via RHSA-2019:1170 https://access.redhat.com/errata/RHSA-2019:1170

This issue has been addressed in the following products:
Red Hat Enterprise Linux 7.4 Extended Update Support
Via RHSA-2019:1184 https://access.redhat.com/errata/RHSA-2019:1184

This issue has been addressed in the following products:
Red Hat Enterprise Linux 7.4 Extended Update Support
Via RHSA-2019:1185 https://access.redhat.com/errata/RHSA-2019:1185

This issue has been addressed in the following products:
Red Hat Enterprise Linux 7.5 Extended Update Support
Via RHSA-2019:1182 https://access.redhat.com/errata/RHSA-2019:1182

This issue has been addressed in the following products:
Red Hat Enterprise Linux 7.5 Extended Update Support
Via RHSA-2019:1155 https://access.redhat.com/errata/RHSA-2019:1155

This issue has been addressed in the following products:
Red Hat Enterprise Linux 7.5 Extended Update Support
Via RHSA-2019:1183 https://access.redhat.com/errata/RHSA-2019:1183

This issue has been addressed in the following products:
Red Hat Enterprise Linux 6.6 Advanced Update Support
Via RHSA-2019:1193 https://access.redhat.com/errata/RHSA-2019:1193

This issue has been addressed in the following products:
Red Hat Enterprise Linux 6.5 Advanced Update Support
Via RHSA-2019:1196 https://access.redhat.com/errata/RHSA-2019:1196

This issue has been addressed in the following products:
Red Hat Enterprise Linux 6.6 Advanced Update Support
Via RHSA-2019:1195 https://access.redhat.com/errata/RHSA-2019:1195

This issue has been addressed in the following products:
Red Hat Enterprise Linux 6.5 Advanced Update Support
Via RHSA-2019:1198 https://access.redhat.com/errata/RHSA-2019:1198

This issue has been addressed in the following products:
Red Hat Enterprise Linux 7.2 Advanced Update Support
Red Hat Enterprise Linux 7.2 Update Services for SAP Solutions
Red Hat Enterprise Linux 7.2 Telco Extended Update Support
Via RHSA-2019:1172 https://access.redhat.com/errata/RHSA-2019:1172

This issue has been addressed in the following products:
Red Hat Enterprise MRG 2
Via RHSA-2019:1190 https://access.redhat.com/errata/RHSA-2019:1190

This issue has been addressed in the following products:
Red Hat Enterprise Linux 6.6 Advanced Update Support
Via RHSA-2019:1194 https://access.redhat.com/errata/RHSA-2019:1194

This issue has been addressed in the following products:
Red Hat OpenStack Platform 9.0 (Mitaka)
Via RHSA-2019:1199 https://access.redhat.com/errata/RHSA-2019:1199

This issue has been addressed in the following products:
Red Hat OpenStack Platform 10.0 (Newton)
Via RHSA-2019:1200 https://access.redhat.com/errata/RHSA-2019:1200

This issue has been addressed in the following products:
Red Hat OpenStack Platform 14.0 (Rocky)
Via RHSA-2019:1202 https://access.redhat.com/errata/RHSA-2019:1202

This issue has been addressed in the following products:
Red Hat OpenStack Platform 13.0 (Queens)
Via RHSA-2019:1201 https://access.redhat.com/errata/RHSA-2019:1201

This issue has been addressed in the following products:
Red Hat Enterprise Linux 7.3 Advanced Update Support
Red Hat Enterprise Linux 7.3 Update Services for SAP Solutions
Red Hat Enterprise Linux 7.3 Telco Extended Update Support
Via RHSA-2019:1171 https://access.redhat.com/errata/RHSA-2019:1171

This issue has been addressed in the following products:
Red Hat Enterprise Linux 6.5 Advanced Update Support
Via RHSA-2019:1197 https://access.redhat.com/errata/RHSA-2019:1197

This issue has been addressed in the following products:
Red Hat Enterprise Linux 7.3 Telco Extended Update Support
Red Hat Enterprise Linux 7.3 Advanced Update Support
Red Hat Enterprise Linux 7.3 Update Services for SAP Solutions
Via RHSA-2019:1187 https://access.redhat.com/errata/RHSA-2019:1187

This issue has been addressed in the following products:
Red Hat Enterprise Linux 7.2 Telco Extended Update Support
Red Hat Enterprise Linux 7.2 Advanced Update Support
Red Hat Enterprise Linux 7.2 Update Services for SAP Solutions
Via RHSA-2019:1186 https://access.redhat.com/errata/RHSA-2019:1186

This issue has been addressed in the following products:
Red Hat Enterprise Linux 7.3 Advanced Update Support
Red Hat Enterprise Linux 7.3 Update Services for SAP Solutions
Red Hat Enterprise Linux 7.3 Telco Extended Update Support
Via RHSA-2019:1189 https://access.redhat.com/errata/RHSA-2019:1189

This issue has been addressed in the following products:
Red Hat Enterprise Linux 7.2 Advanced Update Support
Red Hat Enterprise Linux 7.2 Update Services for SAP Solutions
Red Hat Enterprise Linux 7.2 Telco Extended Update Support
Via RHSA-2019:1188 https://access.redhat.com/errata/RHSA-2019:1188

This issue has been addressed in the following products:
Red Hat Virtualization 4 for Red Hat Enterprise Linux 7
Via RHSA-2019:1203 https://access.redhat.com/errata/RHSA-2019:1203

This issue has been addressed in the following products:
Red Hat Virtualization 4.2 for Red Hat Enterprise Linux 7.6 EUS
Via RHSA-2019:1204 https://access.redhat.com/errata/RHSA-2019:1204

This issue has been addressed in the following products:
Red Hat Virtualization Engine 4.3
Via RHSA-2019:1205 https://access.redhat.com/errata/RHSA-2019:1205

This issue has been addressed in the following products:
Red Hat Virtualization Engine 4.2
Via RHSA-2019:1206 https://access.redhat.com/errata/RHSA-2019:1206

This issue has been addressed in the following products:
Red Hat Virtualization 4 for Red Hat Enterprise Linux 7
Via RHSA-2019:1207 https://access.redhat.com/errata/RHSA-2019:1207

This issue has been addressed in the following products:
Red Hat Virtualization 4.2 for Red Hat Enterprise Linux 7.6 EUS
Via RHSA-2019:1209 https://access.redhat.com/errata/RHSA-2019:1209

This issue has been addressed in the following products:
Red Hat Virtualization 4 for Red Hat Enterprise Linux 7
Via RHSA-2019:1208 https://access.redhat.com/errata/RHSA-2019:1208

This issue has been addressed in the following products:
Advanced Virtualization for RHEL 8.0.0.Z
Via RHSA-2019:1455 https://access.redhat.com/errata/RHSA-2019:1455

This issue has been addressed in the following products:
Red Hat Virtualization 4 for Red Hat Enterprise Linux 7
Red Hat Virtualization Engine 4.3
Via RHSA-2019:2553 https://access.redhat.com/errata/RHSA-2019:2553

Statement:
Red Hat Product Security is aware of this issue. Updates will be released as they become available. For additional information, please refer to the 'Vulnerability Response' URL.

OpenShift Container Platform 4 does not ship its own kernel package, instead using versions shipped in RHEL. Removing from flaw bug affects.

OpenShift Container Platform 4 does not ship its own kernel package, instead using versions shipped in RHEL. Removing from flaw bug affects.