Details of VAR-E-201906-0173

ID

VAR-E-201906-0173

CVE

cve_id:

CVE-2019-0174

Trust: 0.3

sources: BID: 108731

TITLE

DRAM CVE-2019-0174 Local Information Disclosure Vulnerability

Trust: 0.3

sources: BID: 108731

DESCRIPTION

DRAM is prone to an information disclosure vulnerability.
A local attacker may leverage this issue to gain sensitive information from the physical address space.

Trust: 0.3

sources: BID: 108731

AFFECTED PRODUCTS

vendor:	intel	model:	xeon processor e7 family	scope:	eq	version:	v30	Trust: 0.3
vendor:	intel	model:	xeon processor e5 family	scope:	eq	version:	v30	Trust: 0.3
vendor:	intel	model:	xeon processor e3 family	scope:	eq	version:	v30	Trust: 0.3
vendor:	intel	model:	pentium processor g series	scope:	eq	version:	0	Trust: 0.3
vendor:	intel	model:	pentium processor series	scope:	eq	version:	30000	Trust: 0.3
vendor:	intel	model:	core series processors	scope:	eq	version:	x0	Trust: 0.3
vendor:	intel	model:	celeron processor series	scope:	eq	version:	20000	Trust: 0.3
vendor:	intel	model:	4th generation core i5 processors	scope:	eq	version:	0	Trust: 0.3
vendor:	intel	model:	4th generation core i3 processors	scope:	eq	version:	0	Trust: 0.3
vendor:	dram	model:	dram	scope:	eq	version:	0	Trust: 0.3

sources: BID: 108731

EXPLOIT

The researcher has created a proof-of-concept to demonstrate the issue. Please see the references for more information.

Trust: 0.3

sources: BID: 108731

PRICE

Free

Trust: 0.3

sources: BID: 108731

TYPE

Input Validation Error

Trust: 0.3

sources: BID: 108731

CREDITS

Andrew Kwong and Daniel Genkin from University of Michigan.
Daniel Gruss from Graz University of Technology.
Yuval Yarom from University of Adelaide.

Trust: 0.3

sources: BID: 108731

EXTERNAL IDS

db:	NVD	id:	CVE-2019-0174	Trust: 0.3
db:	BID	id:	108731	Trust: 0.3

sources: BID: 108731

REFERENCES

url:	https://rambleed.com/docs/20190603-rambleed-web.pdf	Trust: 0.3
url:	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00247.html	Trust: 0.3
url:	https://access.redhat.com/security/cve/cve-2019-0174	Trust: 0.3
url:	https://blogs.oracle.com/security/rambleed	Trust: 0.3

sources: BID: 108731

SOURCES

db:

BID

id:

108731

LAST UPDATE DATE

2022-07-27T09:11:13.929000+00:00

SOURCES UPDATE DATE

db:

BID

id:

108731

date:

2019-06-11T00:00:00

SOURCES RELEASE DATE

db:

BID

id:

108731

date:

2019-06-11T00:00:00