Bug 1788786 (CVE-2020-0548)

Summary: CVE-2020-0548 hw: Vector Register Data Sampling
Product: [Other] Security Response Reporter: Wade Mealing <wmealing>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED ERRATA QA Contact:
Severity: low Docs Contact:
Priority: low    
Version: unspecifiedCC: aarapov, eshatokhin, esyr, jarodwilson, jonathan, mikedep333, poros, ppandit, security-response-team, skozina
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
A flaw was found in Intel processors where a local attacker is able to gain information about registers used for vector calculations by observing register states from other processes running on the system. This results in a race condition where store buffers, which were not cleared, could be read by another process or a CPU sibling. The highest threat from this vulnerability is data confidentiality where an attacker could read arbitrary data as it passes through the processor.
 Story Points: ---
Clone Of: Environment:
Last Closed: 2020-06-09 23:20:26 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1795348, 1795352, 1795353, 1795354    
Bug Blocks: 1790307    

Description Wade Mealing 2020-01-08 05:43:51 UTC 
A flaw was found in the implementation of Intel processors where a local attacker may be able to enable to gain information about registers used for vector calculations by observing register state from other processes running on the system.

Reference:
----------
  -> https://access.redhat.com/solutions/l1d-cache-eviction-and-vector-register-sampling

Additional information:
-----------------------
  -> https://en.wikipedia.org/wiki/Vector_processor
  -> https://software.intel.com/en-us/articles/introduction-to-intel-advanced-vector-extensions
Comment 3 Prasad Pandit 2020-01-27 18:22:18 UTC 
Created microcode_ctl tracking bugs for this issue:

Affects: fedora-all [bug 1795348]
Comment 7 Doran Moppert 2020-01-29 08:53:49 UTC 
External References:

https://access.redhat.com/solutions/l1d-cache-eviction-and-vector-register-sampling
https://cacheoutattack.com/CacheOut.pdf
https://software.intel.com/security-software-guidance/software-guidance/l1d-eviction-sampling
https://blogs.intel.com/technology/2020/01/ipas-intel-sa-00329/
Comment 9 errata-xmlrpc 2020-06-09 18:12:46 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2020:2431 https://access.redhat.com/errata/RHSA-2020:2431
Comment 10 errata-xmlrpc 2020-06-09 19:23:13 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 6

Via RHSA-2020:2433 https://access.redhat.com/errata/RHSA-2020:2433
Comment 11 errata-xmlrpc 2020-06-09 22:57:50 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2020:2432 https://access.redhat.com/errata/RHSA-2020:2432
Comment 12 Product Security DevOps Team 2020-06-09 23:20:26 UTC 
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2020-0548
Comment 13 errata-xmlrpc 2020-06-23 13:11:43 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.1 Extended Update Support

Via RHSA-2020:2677 https://access.redhat.com/errata/RHSA-2020:2677
Comment 14 errata-xmlrpc 2020-06-23 13:46:22 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7.2 Advanced Update Support

Via RHSA-2020:2679 https://access.redhat.com/errata/RHSA-2020:2679
Comment 15 errata-xmlrpc 2020-06-23 13:52:27 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7.3 Advanced Update Support
  Red Hat Enterprise Linux 7.3 Update Services for SAP Solutions
  Red Hat Enterprise Linux 7.3 Telco Extended Update Support

Via RHSA-2020:2680 https://access.redhat.com/errata/RHSA-2020:2680
Comment 16 errata-xmlrpc 2020-06-23 15:36:13 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 6.5 Advanced Update Support

Via RHSA-2020:2707 https://access.redhat.com/errata/RHSA-2020:2707
Comment 17 errata-xmlrpc 2020-06-23 15:36:48 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 6.6 Advanced Update Support

Via RHSA-2020:2706 https://access.redhat.com/errata/RHSA-2020:2706
Comment 18 errata-xmlrpc 2020-06-29 07:46:37 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions

Via RHSA-2020:2757 https://access.redhat.com/errata/RHSA-2020:2757
Comment 19 errata-xmlrpc 2020-06-29 08:10:58 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7.7 Extended Update Support

Via RHSA-2020:2758 https://access.redhat.com/errata/RHSA-2020:2758
Comment 20 errata-xmlrpc 2020-06-30 12:11:26 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7.4 Advanced Update Support
  Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions
  Red Hat Enterprise Linux 7.4 Telco Extended Update Support

Via RHSA-2020:2771 https://access.redhat.com/errata/RHSA-2020:2771
Comment 21 errata-xmlrpc 2020-07-07 10:18:56 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7.6 Extended Update Support

Via RHSA-2020:2842 https://access.redhat.com/errata/RHSA-2020:2842
Comment 22 errata-xmlrpc 2021-08-09 09:51:20 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2021:3027 https://access.redhat.com/errata/RHSA-2021:3027
Comment 23 errata-xmlrpc 2021-08-09 10:09:19 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2021:3028 https://access.redhat.com/errata/RHSA-2021:3028
Comment 25 errata-xmlrpc 2021-08-10 13:40:03 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7.7 Extended Update Support

Via RHSA-2021:3029 https://access.redhat.com/errata/RHSA-2021:3029
Comment 26 errata-xmlrpc 2021-08-17 08:30:04 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.1 Extended Update Support

Via RHSA-2021:3176 https://access.redhat.com/errata/RHSA-2021:3176
Comment 27 errata-xmlrpc 2021-08-24 09:54:34 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7.4 Advanced Update Support
  Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions
  Red Hat Enterprise Linux 7.4 Telco Extended Update Support

Via RHSA-2021:3255 https://access.redhat.com/errata/RHSA-2021:3255
Comment 28 errata-xmlrpc 2021-08-31 07:56:49 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7.2 Advanced Update Support

Via RHSA-2021:3323 https://access.redhat.com/errata/RHSA-2021:3323
Comment 29 errata-xmlrpc 2021-08-31 08:04:07 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7.3 Advanced Update Support

Via RHSA-2021:3322 https://access.redhat.com/errata/RHSA-2021:3322
Comment 30 errata-xmlrpc 2021-08-31 08:24:07 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7.6 Advanced Update Support
  Red Hat Enterprise Linux 7.6 Update Services for SAP Solutions
  Red Hat Enterprise Linux 7.6 Telco Extended Update Support

Via RHSA-2021:3317 https://access.redhat.com/errata/RHSA-2021:3317
Comment 31 errata-xmlrpc 2021-08-31 09:21:07 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.2 Extended Update Support

Via RHSA-2021:3364 https://access.redhat.com/errata/RHSA-2021:3364