ID

VAR-202011-1361


CVE

CVE-2020-8698


TITLE

Intel(R)  Vulnerabilities in processor products

Trust: 0.8

sources: JVNDB: JVNDB-2020-013420

DESCRIPTION

Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. Intel(R) There are unspecified vulnerabilities in processor products.Information may be obtained. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: microcode_ctl security, bug fix and enhancement update Advisory ID: RHSA-2020:5183-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2020:5183 Issue date: 2020-11-23 CVE Names: CVE-2020-8695 CVE-2020-8696 CVE-2020-8698 ===================================================================== 1. Summary: An update for microcode_ctl is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Server AUS (v. 7.3) - x86_64 Red Hat Enterprise Linux Server E4S (v. 7.3) - x86_64 Red Hat Enterprise Linux Server TUS (v. 7.3) - x86_64 3. Description: The microcode_ctl packages provide microcode updates for Intel. Security Fix(es): * hw: Information disclosure issue in Intel SGX via RAPL interface (CVE-2020-8695) * hw: Vector Register Leakage-Active (CVE-2020-8696) * hw: Fast forward store predictor (CVE-2020-8698) Bug Fix(es) and Enhancement(s): * Update Intel CPU microcode to microcode-20201112 release, addresses: - Addition of 06-55-0b/0xbf (CPX-SP A1) microcode at revision 0x700001e; - Addition of 06-8a-01/0x10 (LKF B2/B3) microcode at revision 0x28; - Addition of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode at revision 0x68; - Addition of 06-a5-02/0x20 (CML-H R1) microcode at revision 0xe0; - Addition of 06-a5-03/0x22 (CML-S 6+2 G1) microcode at revision 0xe0; - Addition of 06-a5-05/0x22 (CML-S 10+2 Q0) microcode at revision 0xe0; - Addition of 06-a6-01/0x80 (CML-U 6+2 v2 K0) microcode at revision 0xe0; - Update of 06-4e-03/0xc0 (SKL-U/U 2+3e/Y D0/K1) microcode (in intel-06-4e-03/intel-ucode/06-4e-03) from revision 0xdc up to 0xe2; - Update of 06-55-04/0xb7 (SKX-D/SP/W/X H0/M0/M1/U0) microcode (in intel-06-55-04/intel-ucode/06-55-04) from revision 0x2006906 up to 0x2006a08; - Update of 06-5e-03/0x36 (SKL-H/S/Xeon E3 N0/R0/S0) microcode (in intel-06-5e-03/intel-ucode/06-5e-03) from revision 0xdc up to 0xe2; - Update of 06-8e-09/0x10 (AML-Y 2+2 H0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-8e-09) from revision 0xd6 up to 0xde; - Update of 06-8e-09/0xc0 (KBL-U/U 2+3e/Y H0/J1) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-8e-09) from revision 0xd6 up to 0xde; - Update of 06-8e-0a/0xc0 (CFL-U 4+3e D0, KBL-R Y0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0a) from revision 0xd6 up to 0xe0; - Update of 06-8e-0b/0xd0 (WHL-U W0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0b) from revision 0xd6 up to 0xde; - Update of 06-8e-0c/0x94 (AML-Y 4+2 V0, CML-U 4+2 V0, WHL-U V0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0c) from revision 0xd6 up to 0xde; - Update of 06-9e-09/0x2a (KBL-G/H/S/X/Xeon E3 B0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-9e-09) from revision 0xd6 up to 0xde; - Update of 06-9e-0a/0x22 (CFL-H/S/Xeon E U0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0a) from revision 0xd6 up to 0xde; - Update of 06-9e-0b/0x02 (CFL-E/H/S B0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0b) from revision 0xd6 up to 0xde; - Update of 06-9e-0c/0x22 (CFL-H/S/Xeon E P0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0c) from revision 0xd6 up to 0xde; - Update of 06-9e-0d/0x22 (CFL-H/S/Xeon E R0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0d) from revision 0xd6 up to 0xde; - Update of 06-3f-02/0x6f (HSX-E/EN/EP/EP 4S C0/C1/M1/R2) microcode from revision 0x43 up to 0x44; - Update of 06-55-03/0x97 (SKX-SP B1) microcode from revision 0x1000157 up to 0x1000159; - Update of 06-55-06/0xbf (CLX-SP B0) microcode from revision 0x4002f01 up to 0x4003003; - Update of 06-55-07/0xbf (CLX-SP/W/X B1/L1) microcode from revision 0x5002f01 up to 0x5003003; - Update of 06-5c-09/0x03 (APL D0) microcode from revision 0x38 up to 0x40; - Update of 06-5c-0a/0x03 (APL B1/F1) microcode from revision 0x16 up to 0x1e; - Update of 06-7a-01/0x01 (GLK B0) microcode from revision 0x32 up to 0x34; - Update of 06-7a-08/0x01 (GLK-R R0) microcode from revision 0x16 up to 0x18; - Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode from revision 0x78 up to 0xa0; - Update of 06-a6-00/0x80 (CML-U 6+2 A0) microcode from revision 0xca up to 0xe0. * Disable 06-8c-01 (TGL-UP3/UP4 B1) microcode update by default. * Add README file to the documentation directory. * Add publicly-sourced codenames list to supply to gen_provides.sh; update the latter to handle the somewhat different format. * Add SUMMARY.intel-ucode file 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1828583 - CVE-2020-8695 hw: Information disclosure issue in Intel SGX via RAPL interface 1890355 - CVE-2020-8696 hw: Vector Register Leakage-Active 1890356 - CVE-2020-8698 hw: Fast forward store predictor 6. Package List: Red Hat Enterprise Linux Server AUS (v. 7.3): Source: microcode_ctl-2.1-16.37.el7_3.src.rpm x86_64: microcode_ctl-2.1-16.37.el7_3.x86_64.rpm microcode_ctl-debuginfo-2.1-16.37.el7_3.x86_64.rpm Red Hat Enterprise Linux Server E4S (v. 7.3): Source: microcode_ctl-2.1-16.37.el7_3.src.rpm x86_64: microcode_ctl-2.1-16.37.el7_3.x86_64.rpm microcode_ctl-debuginfo-2.1-16.37.el7_3.x86_64.rpm Red Hat Enterprise Linux Server TUS (v. 7.3): Source: microcode_ctl-2.1-16.37.el7_3.src.rpm x86_64: microcode_ctl-2.1-16.37.el7_3.x86_64.rpm microcode_ctl-debuginfo-2.1-16.37.el7_3.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2020-8695 https://access.redhat.com/security/cve/CVE-2020-8696 https://access.redhat.com/security/cve/CVE-2020-8698 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2020 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBX7v1LtzjgjWX9erEAQhhzBAAi0jG7U8W+Dm2A/Nq40aoLyRcGknttkV1 0wwy62OR4KUnqiP0gHB8Sjh6UpAPqhLNExc2+B8RyUB23yUe8/PRB1fUqpmf5150 mzwiORZfu572ao7GLskdc4SUydVSqY9QuTK7mTm+HGmOm2XQpics51xWjyfKM/TN 5lrrd3DXxTrXwsjva2tPJcCp9A1s3XAVjK16Fu+FcKvXsgxruUy41YxJMsY8Mxfj pPRzcXdMvPQYhvyv8y1KY2Mz5WMKdpOK83X6Y9iYL6d0g2UT1d3cw8AOHc6GYNFS MhLDUASoII2A4xWkXCOyaocrg58QFctEHGfnxwTU5ZGq/vfOduUSLE881thD+tqD qgQBaz0cp0tNr+nYXvhtyX9XE4ve/lszq5BxqnNF0xi9hP8T5DwZzXnhtZ+aZML2 3WlT3tqgkDE7hZqyqSG8Vd9ZLzVkjmnw7+tqRjIGvzN9eKQxLXg/fPkKeHGh+HOz y0zCBHlZKrKtz0lQHP48W9t6l0Rkh19hW1fIA46rW4C7erDcW78nBMJ2cTAxbBk1 ITTGOIHpUgn3882xKM/yAHUMK25Xkh2va/e8UpafYEazSM4H9T15N87UyCVneKdD s2N1tYHegx85eoOlt24Bw2RBPFHhFGWOtE0McQ09kyDKFyGJXUMqzPhBUvvJz8mE G3KPuKrDU0U= =Vap7 -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . ========================================================================== Ubuntu Security Notice USN-4628-2 November 12, 2020 intel-microcode regression ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 20.10 - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS - Ubuntu 14.04 ESM Summary: USN-4628-1 introduced a regression in the Intel Microcode for some processors. Unfortunately, that update prevented certain processors in the Intel Tiger Lake family from booting successfully. This update reverts the microcode update for the Tiger Lake processor family. Please note that the 'dis_ucode_ldr' kernel command line option can be added in the boot menu to disable microcode loading for system recovery. We apologize for the inconvenience. Original advisory details: Moritz Lipp, Michael Schwarz, Andreas Kogler, David Oswald, Catherine Easdon, Claudio Canella, and Daniel Gruss discovered that the Intel Running Average Power Limit (RAPL) feature of some Intel processors allowed a side- channel attack based on power consumption measurements. A local attacker could possibly use this to expose sensitive information. (CVE-2020-8695) Ezra Caltum, Joseph Nuzman, Nir Shildan and Ofir Joseff discovered that some Intel(R) Processors did not properly remove sensitive information before storage or transfer in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2020-8696) Ezra Caltum, Joseph Nuzman, Nir Shildan and Ofir Joseff discovered that some Intel(R) Processors did not properly isolate shared resources in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2020-8698) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 20.10: intel-microcode 3.20201110.0ubuntu0.20.10.2 Ubuntu 20.04 LTS: intel-microcode 3.20201110.0ubuntu0.20.04.2 Ubuntu 18.04 LTS: intel-microcode 3.20201110.0ubuntu0.18.04.2 Ubuntu 16.04 LTS: intel-microcode 3.20201110.0ubuntu0.16.04.2 Ubuntu 14.04 ESM: intel-microcode 3.20201110.0ubuntu0.14.04.2 After a standard system update you need to reboot your computer to make all the necessary changes

Trust: 2.43

sources: NVD: CVE-2020-8698 // JVNDB: JVNDB-2020-013420 // VULMON: CVE-2020-8698 // PACKETSTORM: 163924 // PACKETSTORM: 163954 // PACKETSTORM: 163758 // PACKETSTORM: 163772 // PACKETSTORM: 160191 // PACKETSTORM: 160018 // PACKETSTORM: 160188 // PACKETSTORM: 160035

AFFECTED PRODUCTS

vendor:siemensmodel:simatic ipc477escope:ltversion:21.01.15

Trust: 1.0

vendor:siemensmodel:simatic field pg m6scope:eqversion:*

Trust: 1.0

vendor:debianmodel:linuxscope:eqversion:9.0

Trust: 1.0

vendor:netappmodel:hci storage node biosscope:eqversion: -

Trust: 1.0

vendor:netappmodel:clustered data ontapscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic ipc647escope:ltversion:25.02.08

Trust: 1.0

vendor:siemensmodel:simatic itp1000scope:ltversion:23.01.08

Trust: 1.0

vendor:fedoraprojectmodel:fedorascope:eqversion:31

Trust: 1.0

vendor:siemensmodel:simatic field pg m5scope:ltversion:22.01.08

Trust: 1.0

vendor:netappmodel:hci compute node biosscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic ipc847escope:ltversion:25.02.08

Trust: 1.0

vendor:siemensmodel:simatic ipc477e proscope:ltversion:21.01.15

Trust: 1.0

vendor:siemensmodel:simatic ipc677escope:ltversion:25.02.08

Trust: 1.0

vendor:siemensmodel:simatic ipc427escope:ltversion:21.01.15

Trust: 1.0

vendor:netappmodel:solidfire biosscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic ipc627escope:ltversion:25.02.08

Trust: 1.0

vendor:intelmodel:microcodescope:eqversion: -

Trust: 1.0

vendor:netappmodel:hci compute node biosscope: - version: -

Trust: 0.8

vendor:fedoramodel:fedorascope: - version: -

Trust: 0.8

vendor:netappmodel:solidfire biosscope: - version: -

Trust: 0.8

vendor:debianmodel:gnu/linuxscope: - version: -

Trust: 0.8

vendor:netappmodel:clustered data ontapscope: - version: -

Trust: 0.8

vendor:インテルmodel:microcodescope: - version: -

Trust: 0.8

vendor:netappmodel:hci storage node biosscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2020-013420 // NVD: CVE-2020-8698

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD: CVE-2020-8698
value: MEDIUM

Trust: 1.8

CNNVD: CNNVD-201911-1657
value: MEDIUM

Trust: 0.6

VULMON: CVE-2020-8698
value: LOW

Trust: 0.1

NVD: CVE-2020-8698
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: FALSE
obtainAllPrivilege: FALSE
obtainUserPrivilege: FALSE
obtainOtherPrivilege: FALSE
userInteractionRequired: FALSE
version: 2.0

Trust: 1.9

NVD: CVE-2020-8698
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 1.8
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2020-8698
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULMON: CVE-2020-8698 // JVNDB: JVNDB-2020-013420 // CNNVD: CNNVD-201911-1657 // NVD: CVE-2020-8698

PROBLEMTYPE DATA

problemtype:CWE-668

Trust: 1.0

problemtype:Lack of information (CWE-noinfo) [NVD Evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2020-013420 // NVD: CVE-2020-8698

THREAT TYPE

local

Trust: 0.7

sources: PACKETSTORM: 160018 // CNNVD: CNNVD-201911-1657

TYPE

access control error

Trust: 0.6

sources: CNNVD: CNNVD-201911-1657

CONFIGURATIONS

sources: NVD: CVE-2020-8698

PATCH

title:NTAP-20201113-0006 Intel Intel Product Security Centerurl:https://lists.debian.org/debian-lts-announce/2021/02/msg00007.html

Trust: 0.8

title:Intel Processors Fixes for access control error vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=135724

Trust: 0.6

title:Red Hat: Moderate: microcode_ctl security, bug fix and enhancement updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=rhsa-20205185 - security advisory

Trust: 0.1

title:Red Hat: Moderate: microcode_ctl security, bug fix and enhancement updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=rhsa-20205184 - security advisory

Trust: 0.1

title:Red Hat: Moderate: microcode_ctl security, bug fix and enhancement updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=rhsa-20205189 - security advisory

Trust: 0.1

title:Red Hat: Moderate: microcode_ctl security, bug fix and enhancement updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=rhsa-20205181 - security advisory

Trust: 0.1

title:Red Hat: Moderate: microcode_ctl security, bug fix, and enhancement updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=rhsa-20205083 - security advisory

Trust: 0.1

title:Red Hat: Moderate: microcode_ctl security, bug fix, and enhancement updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=rhsa-20205084 - security advisory

Trust: 0.1

title:Red Hat: Moderate: microcode_ctl security, bug fix, and enhancement updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=rhsa-20205190 - security advisory

Trust: 0.1

title:Red Hat: Moderate: microcode_ctl security, bug fix and enhancement updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=rhsa-20205182 - security advisory

Trust: 0.1

title:Red Hat: Moderate: microcode_ctl security, bug fix and enhancement updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=rhsa-20205183 - security advisory

Trust: 0.1

title:Red Hat: Moderate: microcode_ctl security, bug fix and enhancement updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=rhsa-20205369 - security advisory

Trust: 0.1

title:Red Hat: Moderate: microcode_ctl security, bug fix and enhancement updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=rhsa-20205085 - security advisory

Trust: 0.1

title:Red Hat: Moderate: microcode_ctl security, bug fix and enhancement updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=rhsa-20205188 - security advisory

Trust: 0.1

title:Red Hat: Moderate: microcode_ctl security, bug fix and enhancement updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=rhsa-20205186 - security advisory

Trust: 0.1

title:Arch Linux Issues: url:https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues&qid=cve-2020-8698 log

Trust: 0.1

title:Arch Linux Advisories: [ASA-202102-34] intel-ucode: information disclosureurl:https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories&qid=asa-202102-34

Trust: 0.1

title:Citrix Security Bulletins: Citrix Hypervisor Security Updateurl:https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins&qid=0196318f80fa91831e1ad927f423d728

Trust: 0.1

title:Siemens Security Advisories: Siemens Security Advisoryurl:https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=0bfef52a44075162940391ee650c313e

Trust: 0.1

title:HP: SUPPORT COMMUNICATION- SECURITY BULLETIN HPSBHF03705 rev. 6 - BIOS November 2020 Security Updatesurl:https://vulmon.com/vendoradvisory?qidtp=hp_bulletin&qid=892287da75187b64a9430d6c2f52fb94

Trust: 0.1

title:HP: SUPPORT COMMUNICATION- SECURITY BULLETIN HPSBHF03705 rev. 6 - BIOS November 2020 Security Updatesurl:https://vulmon.com/vendoradvisory?qidtp=hp_bulletin&qid=f872c139829b190dd155b5676016edf1

Trust: 0.1

title:HP: HPSBHF03705 rev. 1 - BIOS November 2020 Security Updatesurl:https://vulmon.com/vendoradvisory?qidtp=hp_bulletin&qid=hpsbhf03705

Trust: 0.1

sources: VULMON: CVE-2020-8698 // JVNDB: JVNDB-2020-013420 // CNNVD: CNNVD-201911-1657

EXTERNAL IDS

db:NVDid:CVE-2020-8698

Trust: 3.3

db:SIEMENSid:SSA-678983

Trust: 1.7

db:JVNid:JVNVU91051134

Trust: 0.8

db:JVNDBid:JVNDB-2020-013420

Trust: 0.8

db:ICS CERTid:ICSA-22-132-05

Trust: 0.7

db:PACKETSTORMid:163772

Trust: 0.7

db:PACKETSTORMid:160018

Trust: 0.7

db:PACKETSTORMid:160035

Trust: 0.7

db:PACKETSTORMid:163993

Trust: 0.6

db:PACKETSTORMid:163863

Trust: 0.6

db:PACKETSTORMid:162588

Trust: 0.6

db:PACKETSTORMid:160187

Trust: 0.6

db:PACKETSTORMid:163757

Trust: 0.6

db:PACKETSTORMid:160407

Trust: 0.6

db:AUSCERTid:ESB-2021.2604

Trust: 0.6

db:AUSCERTid:ESB-2021.2905

Trust: 0.6

db:AUSCERTid:ESB-2020.4124

Trust: 0.6

db:AUSCERTid:ESB-2020.4327

Trust: 0.6

db:AUSCERTid:ESB-2021.2797

Trust: 0.6

db:AUSCERTid:ESB-2021.0423

Trust: 0.6

db:AUSCERTid:ESB-2021.2721

Trust: 0.6

db:AUSCERTid:ESB-2020.4017

Trust: 0.6

db:AUSCERTid:ESB-2022.2355

Trust: 0.6

db:AUSCERTid:ESB-2020.4200

Trust: 0.6

db:AUSCERTid:ESB-2021.1664

Trust: 0.6

db:AUSCERTid:ESB-2021.2945

Trust: 0.6

db:AUSCERTid:ESB-2020.3959

Trust: 0.6

db:AUSCERTid:ESB-2020.4153

Trust: 0.6

db:AUSCERTid:ESB-2020.4033

Trust: 0.6

db:AUSCERTid:ESB-2021.2672

Trust: 0.6

db:CS-HELPid:SB2021083127

Trust: 0.6

db:CS-HELPid:SB2021081125

Trust: 0.6

db:CS-HELPid:SB2021080915

Trust: 0.6

db:CS-HELPid:SB2021081834

Trust: 0.6

db:LENOVOid:LEN-49266

Trust: 0.6

db:CNNVDid:CNNVD-201911-1657

Trust: 0.6

db:VULMONid:CVE-2020-8698

Trust: 0.1

db:PACKETSTORMid:163924

Trust: 0.1

db:PACKETSTORMid:163954

Trust: 0.1

db:PACKETSTORMid:163758

Trust: 0.1

db:PACKETSTORMid:160191

Trust: 0.1

db:PACKETSTORMid:160188

Trust: 0.1

sources: VULMON: CVE-2020-8698 // JVNDB: JVNDB-2020-013420 // PACKETSTORM: 163924 // PACKETSTORM: 163954 // PACKETSTORM: 163758 // PACKETSTORM: 163772 // PACKETSTORM: 160191 // PACKETSTORM: 160018 // PACKETSTORM: 160188 // PACKETSTORM: 160035 // CNNVD: CNNVD-201911-1657 // NVD: CVE-2020-8698

REFERENCES

url:https://nvd.nist.gov/vuln/detail/cve-2020-8698

Trust: 2.2

url:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381

Trust: 1.7

url:https://security.netapp.com/advisory/ntap-20201113-0006/

Trust: 1.7

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/maagik5cxkbpgy3r4ur5vo56m7mklz43/

Trust: 1.7

url:https://lists.debian.org/debian-lts-announce/2021/02/msg00007.html

Trust: 1.7

url:https://cert-portal.siemens.com/productcert/pdf/ssa-678983.pdf

Trust: 1.7

url:https://access.redhat.com/security/cve/cve-2020-8698

Trust: 1.2

url:https://jvn.jp/vu/jvnvu91051134/

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2020-8696

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2020-8695

Trust: 0.8

url:https://access.redhat.com/articles/11258

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2020-8695

Trust: 0.6

url:https://access.redhat.com/security/team/key/

Trust: 0.6

url:https://access.redhat.com/security/team/contact/

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2020-8696

Trust: 0.6

url:https://bugzilla.redhat.com/):

Trust: 0.6

url:https://packetstormsecurity.com/files/163863/red-hat-security-advisory-2021-3176-01.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.3959/

Trust: 0.6

url:https://packetstormsecurity.com/files/163757/red-hat-security-advisory-2021-3027-01.html

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021081834

Trust: 0.6

url:https://packetstormsecurity.com/files/160035/ubuntu-security-notice-usn-4628-2.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.4200/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.4153/

Trust: 0.6

url:https://packetstormsecurity.com/files/160018/ubuntu-security-notice-usn-4628-1.html

Trust: 0.6

url:https://packetstormsecurity.com/files/163772/red-hat-security-advisory-2021-3029-01.html

Trust: 0.6

url:https://us-cert.cisa.gov/ics/advisories/icsa-22-132-05

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.4327/

Trust: 0.6

url:https://packetstormsecurity.com/files/160187/red-hat-security-advisory-2020-5184-01.html

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021081125

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021083127

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.2355

Trust: 0.6

url:https://packetstormsecurity.com/files/163993/red-hat-security-advisory-2021-3364-01.html

Trust: 0.6

url:https://vigilance.fr/vulnerability/intel-processors-information-disclosure-33881

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.4033/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.2905

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.4017/

Trust: 0.6

url:https://packetstormsecurity.com/files/162588/ubuntu-security-notice-usn-4628-3.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.4124/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.0423

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.2721

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021080915

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.2604

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.2945

Trust: 0.6

url:https://support.lenovo.com/us/en/product_security/len-49266

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.2672

Trust: 0.6

url:https://packetstormsecurity.com/files/160407/red-hat-security-advisory-2020-5369-01.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.1664

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.2797

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2020-24511

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2020-24512

Trust: 0.4

url:https://access.redhat.com/security/cve/cve-2020-24512

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2020-24489

Trust: 0.4

url:https://access.redhat.com/security/cve/cve-2020-24489

Trust: 0.4

url:https://listman.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2020-0549

Trust: 0.4

url:https://access.redhat.com/security/updates/classification/#important

Trust: 0.4

url:https://access.redhat.com/security/cve/cve-2020-0543

Trust: 0.4

url:https://access.redhat.com/security/cve/cve-2020-0549

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2020-0543

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2020-24511

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2020-0548

Trust: 0.4

url:https://access.redhat.com/security/cve/cve-2020-0548

Trust: 0.4

url:https://www.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.2

url:https://access.redhat.com/security/updates/classification/#moderate

Trust: 0.2

url:https://usn.ubuntu.com/4628-1

Trust: 0.2

url:https://cwe.mitre.org/data/definitions/668.html

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2020:5185

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://www.cisa.gov/uscert/ics/advisories/icsa-22-132-05

Trust: 0.1

url:https://support.hp.com/us-en/document/c06962236

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:3255

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:3323

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:3028

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:3029

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2020:5181

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/intel-microcode/3.20201110.0ubuntu0.16.04.1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/intel-microcode/3.20201110.0ubuntu0.18.04.1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/intel-microcode/3.20201110.0ubuntu0.20.10.1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/intel-microcode/3.20201110.0ubuntu0.20.04.1

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2020:5183

Trust: 0.1

url:https://usn.ubuntu.com/4628-2

Trust: 0.1

url:https://launchpad.net/bugs/1903883

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/intel-microcode/3.20201110.0ubuntu0.18.04.2

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/intel-microcode/3.20201110.0ubuntu0.20.04.2

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/intel-microcode/3.20201110.0ubuntu0.16.04.2

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/intel-microcode/3.20201110.0ubuntu0.20.10.2

Trust: 0.1

sources: VULMON: CVE-2020-8698 // JVNDB: JVNDB-2020-013420 // PACKETSTORM: 163924 // PACKETSTORM: 163954 // PACKETSTORM: 163758 // PACKETSTORM: 163772 // PACKETSTORM: 160191 // PACKETSTORM: 160018 // PACKETSTORM: 160188 // PACKETSTORM: 160035 // CNNVD: CNNVD-201911-1657 // NVD: CVE-2020-8698

CREDITS

Ubuntu

Trust: 0.8

sources: PACKETSTORM: 160018 // PACKETSTORM: 160035 // CNNVD: CNNVD-201911-1657

SOURCES

db:VULMONid:CVE-2020-8698
db:JVNDBid:JVNDB-2020-013420
db:PACKETSTORMid:163924
db:PACKETSTORMid:163954
db:PACKETSTORMid:163758
db:PACKETSTORMid:163772
db:PACKETSTORMid:160191
db:PACKETSTORMid:160018
db:PACKETSTORMid:160188
db:PACKETSTORMid:160035
db:CNNVDid:CNNVD-201911-1657
db:NVDid:CVE-2020-8698

LAST UPDATE DATE

2023-11-07T21:08:28.118000+00:00


SOURCES UPDATE DATE

db:VULMONid:CVE-2020-8698date:2022-04-26T00:00:00
db:JVNDBid:JVNDB-2020-013420date:2021-07-02T04:40:00
db:CNNVDid:CNNVD-201911-1657date:2022-05-13T00:00:00
db:NVDid:CVE-2020-8698date:2022-04-26T16:33:00

SOURCES RELEASE DATE

db:VULMONid:CVE-2020-8698date:2020-11-12T00:00:00
db:JVNDBid:JVNDB-2020-013420date:2021-07-02T00:00:00
db:PACKETSTORMid:163924date:2021-08-27T19:22:22
db:PACKETSTORMid:163954date:2021-08-31T15:43:48
db:PACKETSTORMid:163758date:2021-08-09T14:15:45
db:PACKETSTORMid:163772date:2021-08-10T14:49:53
db:PACKETSTORMid:160191date:2020-11-24T15:00:08
db:PACKETSTORMid:160018date:2020-11-11T14:59:21
db:PACKETSTORMid:160188date:2020-11-24T14:59:25
db:PACKETSTORMid:160035date:2020-11-12T15:38:50
db:CNNVDid:CNNVD-201911-1657date:2019-11-10T00:00:00
db:NVDid:CVE-2020-8698date:2020-11-12T18:15:00