1758414 – (CVE-2019-0117) CVE-2019-0117 hw: Intel SGX information leak

Bug 1758414 (CVE-2019-0117) - CVE-2019-0117 hw: Intel SGX information leak

Summary: CVE-2019-0117 hw: Intel SGX information leak

Keywords:
Status:	CLOSED ERRATA
Alias:	CVE-2019-0117
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	high
Severity:	high
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	1766434 1766435 1766436 1766437 1766438 1766439 1766440 1766441 1766442 1766443 1766444 1766923 1767753 1771648
Blocks:	1752312
TreeView+	depends on / blocked

Reported:	2019-10-04 05:13 UTC by Wade Mealing
Modified:	2021-10-25 22:12 UTC (History)
CC List:	10 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:	A flaw was found in the implementation of SGX around the access control of protected memory. This flaw allows a local attacker of a system with SGX enabled and an affected intel GPU with the ability to execute code to interpret the contents of the SGX protected memory.
Clone Of:
Environment:
Last Closed:	2021-10-25 22:12:15 UTC

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHEA-2019:3845	0	None	None	None	2019-11-12 21:37:13 UTC
Red Hat Product Errata	RHEA-2019:3846	0	None	None	None	2019-11-12 22:38:14 UTC

Description Wade Mealing 2019-10-04 05:13:57 UTC

A flaw was found in the implementation of SGX around the access control of protected memory.  A local attacker of a system with SGX enabled and an affected intel GPU with the ability to execute code is able to infer the contents of the SGX protected memory.

Comment 7 Wade Mealing 2019-11-12 08:25:15 UTC

Acknowledgements:

Red Hat thanks Intel for reporting this issue and collaborating on the mitigations.

Comment 8 Prasad Pandit 2019-11-12 09:32:37 UTC

Statement:

Red Hat Product Security is aware of this issue. Updates will be released as they become available. For additional information, please refer to the Red Hat Knowledgebase article: https://access.redhat.com/solutions/2019-microcode-nov

Comment 10 Prasad Pandit 2019-11-12 09:32:41 UTC

Mitigation:

As of this time there are no known mitigations. Please install relevant updated packages to address this flaw.

Comment 11 Prasad Pandit 2019-11-12 18:08:15 UTC

Created microcode_ctl tracking bugs for this issue:

Affects: fedora-all [bug 1771648]

Comment 12 Prasad Pandit 2019-11-12 18:38:38 UTC

External References:

https://access.redhat.com/solutions/2019-microcode-nov
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00219.html

Note You need to log in before you can comment on or make changes to this bug.