Details of VAR-202011-1361

ID

VAR-202011-1361

CVE

CVE-2020-8698

TITLE

Intel(R) Vulnerabilities in processor products

Trust: 0.8

sources: JVNDB: JVNDB-2020-013420

DESCRIPTION

Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. Intel(R) There are unspecified vulnerabilities in processor products.Information may be obtained. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: microcode_ctl security, bug fix and enhancement update Advisory ID: RHSA-2020:5183-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2020:5183 Issue date: 2020-11-23 CVE Names: CVE-2020-8695 CVE-2020-8696 CVE-2020-8698 ===================================================================== 1. Summary: An update for microcode_ctl is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Server AUS (v. 7.3) - x86_64 Red Hat Enterprise Linux Server E4S (v. 7.3) - x86_64 Red Hat Enterprise Linux Server TUS (v. 7.3) - x86_64 3. Description: The microcode_ctl packages provide microcode updates for Intel. Security Fix(es): * hw: Information disclosure issue in Intel SGX via RAPL interface (CVE-2020-8695) * hw: Vector Register Leakage-Active (CVE-2020-8696) * hw: Fast forward store predictor (CVE-2020-8698) Bug Fix(es) and Enhancement(s): * Update Intel CPU microcode to microcode-20201112 release, addresses: - Addition of 06-55-0b/0xbf (CPX-SP A1) microcode at revision 0x700001e; - Addition of 06-8a-01/0x10 (LKF B2/B3) microcode at revision 0x28; - Addition of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode at revision 0x68; - Addition of 06-a5-02/0x20 (CML-H R1) microcode at revision 0xe0; - Addition of 06-a5-03/0x22 (CML-S 6+2 G1) microcode at revision 0xe0; - Addition of 06-a5-05/0x22 (CML-S 10+2 Q0) microcode at revision 0xe0; - Addition of 06-a6-01/0x80 (CML-U 6+2 v2 K0) microcode at revision 0xe0; - Update of 06-4e-03/0xc0 (SKL-U/U 2+3e/Y D0/K1) microcode (in intel-06-4e-03/intel-ucode/06-4e-03) from revision 0xdc up to 0xe2; - Update of 06-55-04/0xb7 (SKX-D/SP/W/X H0/M0/M1/U0) microcode (in intel-06-55-04/intel-ucode/06-55-04) from revision 0x2006906 up to 0x2006a08; - Update of 06-5e-03/0x36 (SKL-H/S/Xeon E3 N0/R0/S0) microcode (in intel-06-5e-03/intel-ucode/06-5e-03) from revision 0xdc up to 0xe2; - Update of 06-8e-09/0x10 (AML-Y 2+2 H0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-8e-09) from revision 0xd6 up to 0xde; - Update of 06-8e-09/0xc0 (KBL-U/U 2+3e/Y H0/J1) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-8e-09) from revision 0xd6 up to 0xde; - Update of 06-8e-0a/0xc0 (CFL-U 4+3e D0, KBL-R Y0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0a) from revision 0xd6 up to 0xe0; - Update of 06-8e-0b/0xd0 (WHL-U W0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0b) from revision 0xd6 up to 0xde; - Update of 06-8e-0c/0x94 (AML-Y 4+2 V0, CML-U 4+2 V0, WHL-U V0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0c) from revision 0xd6 up to 0xde; - Update of 06-9e-09/0x2a (KBL-G/H/S/X/Xeon E3 B0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-9e-09) from revision 0xd6 up to 0xde; - Update of 06-9e-0a/0x22 (CFL-H/S/Xeon E U0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0a) from revision 0xd6 up to 0xde; - Update of 06-9e-0b/0x02 (CFL-E/H/S B0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0b) from revision 0xd6 up to 0xde; - Update of 06-9e-0c/0x22 (CFL-H/S/Xeon E P0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0c) from revision 0xd6 up to 0xde; - Update of 06-9e-0d/0x22 (CFL-H/S/Xeon E R0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0d) from revision 0xd6 up to 0xde; - Update of 06-3f-02/0x6f (HSX-E/EN/EP/EP 4S C0/C1/M1/R2) microcode from revision 0x43 up to 0x44; - Update of 06-55-03/0x97 (SKX-SP B1) microcode from revision 0x1000157 up to 0x1000159; - Update of 06-55-06/0xbf (CLX-SP B0) microcode from revision 0x4002f01 up to 0x4003003; - Update of 06-55-07/0xbf (CLX-SP/W/X B1/L1) microcode from revision 0x5002f01 up to 0x5003003; - Update of 06-5c-09/0x03 (APL D0) microcode from revision 0x38 up to 0x40; - Update of 06-5c-0a/0x03 (APL B1/F1) microcode from revision 0x16 up to 0x1e; - Update of 06-7a-01/0x01 (GLK B0) microcode from revision 0x32 up to 0x34; - Update of 06-7a-08/0x01 (GLK-R R0) microcode from revision 0x16 up to 0x18; - Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode from revision 0x78 up to 0xa0; - Update of 06-a6-00/0x80 (CML-U 6+2 A0) microcode from revision 0xca up to 0xe0. * Disable 06-8c-01 (TGL-UP3/UP4 B1) microcode update by default. * Add README file to the documentation directory. * Add publicly-sourced codenames list to supply to gen_provides.sh; update the latter to handle the somewhat different format. * Add SUMMARY.intel-ucode file 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1828583 - CVE-2020-8695 hw: Information disclosure issue in Intel SGX via RAPL interface 1890355 - CVE-2020-8696 hw: Vector Register Leakage-Active 1890356 - CVE-2020-8698 hw: Fast forward store predictor 6. Package List: Red Hat Enterprise Linux Server AUS (v. 7.3): Source: microcode_ctl-2.1-16.37.el7_3.src.rpm x86_64: microcode_ctl-2.1-16.37.el7_3.x86_64.rpm microcode_ctl-debuginfo-2.1-16.37.el7_3.x86_64.rpm Red Hat Enterprise Linux Server E4S (v. 7.3): Source: microcode_ctl-2.1-16.37.el7_3.src.rpm x86_64: microcode_ctl-2.1-16.37.el7_3.x86_64.rpm microcode_ctl-debuginfo-2.1-16.37.el7_3.x86_64.rpm Red Hat Enterprise Linux Server TUS (v. 7.3): Source: microcode_ctl-2.1-16.37.el7_3.src.rpm x86_64: microcode_ctl-2.1-16.37.el7_3.x86_64.rpm microcode_ctl-debuginfo-2.1-16.37.el7_3.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2020-8695 https://access.redhat.com/security/cve/CVE-2020-8696 https://access.redhat.com/security/cve/CVE-2020-8698 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2020 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBX7v1LtzjgjWX9erEAQhhzBAAi0jG7U8W+Dm2A/Nq40aoLyRcGknttkV1 0wwy62OR4KUnqiP0gHB8Sjh6UpAPqhLNExc2+B8RyUB23yUe8/PRB1fUqpmf5150 mzwiORZfu572ao7GLskdc4SUydVSqY9QuTK7mTm+HGmOm2XQpics51xWjyfKM/TN 5lrrd3DXxTrXwsjva2tPJcCp9A1s3XAVjK16Fu+FcKvXsgxruUy41YxJMsY8Mxfj pPRzcXdMvPQYhvyv8y1KY2Mz5WMKdpOK83X6Y9iYL6d0g2UT1d3cw8AOHc6GYNFS MhLDUASoII2A4xWkXCOyaocrg58QFctEHGfnxwTU5ZGq/vfOduUSLE881thD+tqD qgQBaz0cp0tNr+nYXvhtyX9XE4ve/lszq5BxqnNF0xi9hP8T5DwZzXnhtZ+aZML2 3WlT3tqgkDE7hZqyqSG8Vd9ZLzVkjmnw7+tqRjIGvzN9eKQxLXg/fPkKeHGh+HOz y0zCBHlZKrKtz0lQHP48W9t6l0Rkh19hW1fIA46rW4C7erDcW78nBMJ2cTAxbBk1 ITTGOIHpUgn3882xKM/yAHUMK25Xkh2va/e8UpafYEazSM4H9T15N87UyCVneKdD s2N1tYHegx85eoOlt24Bw2RBPFHhFGWOtE0McQ09kyDKFyGJXUMqzPhBUvvJz8mE G3KPuKrDU0U= =Vap7 -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . ========================================================================== Ubuntu Security Notice USN-4628-2 November 12, 2020 intel-microcode regression ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 20.10 - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS - Ubuntu 14.04 ESM Summary: USN-4628-1 introduced a regression in the Intel Microcode for some processors. Unfortunately, that update prevented certain processors in the Intel Tiger Lake family from booting successfully. This update reverts the microcode update for the Tiger Lake processor family. Please note that the 'dis_ucode_ldr' kernel command line option can be added in the boot menu to disable microcode loading for system recovery. We apologize for the inconvenience. Original advisory details: Moritz Lipp, Michael Schwarz, Andreas Kogler, David Oswald, Catherine Easdon, Claudio Canella, and Daniel Gruss discovered that the Intel Running Average Power Limit (RAPL) feature of some Intel processors allowed a side- channel attack based on power consumption measurements. A local attacker could possibly use this to expose sensitive information. (CVE-2020-8695) Ezra Caltum, Joseph Nuzman, Nir Shildan and Ofir Joseff discovered that some Intel(R) Processors did not properly remove sensitive information before storage or transfer in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2020-8696) Ezra Caltum, Joseph Nuzman, Nir Shildan and Ofir Joseff discovered that some Intel(R) Processors did not properly isolate shared resources in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2020-8698) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 20.10: intel-microcode 3.20201110.0ubuntu0.20.10.2 Ubuntu 20.04 LTS: intel-microcode 3.20201110.0ubuntu0.20.04.2 Ubuntu 18.04 LTS: intel-microcode 3.20201110.0ubuntu0.18.04.2 Ubuntu 16.04 LTS: intel-microcode 3.20201110.0ubuntu0.16.04.2 Ubuntu 14.04 ESM: intel-microcode 3.20201110.0ubuntu0.14.04.2 After a standard system update you need to reboot your computer to make all the necessary changes

Trust: 2.43

sources: NVD: CVE-2020-8698 // JVNDB: JVNDB-2020-013420 // VULMON: CVE-2020-8698 // PACKETSTORM: 163924 // PACKETSTORM: 163954 // PACKETSTORM: 163758 // PACKETSTORM: 163772 // PACKETSTORM: 160191 // PACKETSTORM: 160018 // PACKETSTORM: 160188 // PACKETSTORM: 160035

AFFECTED PRODUCTS

vendor:	siemens	model:	simatic ipc477e	scope:	lt	version:	21.01.15	Trust: 1.0
vendor:	siemens	model:	simatic field pg m6	scope:	eq	version:	*	Trust: 1.0
vendor:	debian	model:	linux	scope:	eq	version:	9.0	Trust: 1.0
vendor:	netapp	model:	hci storage node bios	scope:	eq	version:	-	Trust: 1.0
vendor:	netapp	model:	clustered data ontap	scope:	eq	version:	-	Trust: 1.0
vendor:	siemens	model:	simatic ipc647e	scope:	lt	version:	25.02.08	Trust: 1.0
vendor:	siemens	model:	simatic itp1000	scope:	lt	version:	23.01.08	Trust: 1.0
vendor:	fedoraproject	model:	fedora	scope:	eq	version:	31	Trust: 1.0
vendor:	siemens	model:	simatic field pg m5	scope:	lt	version:	22.01.08	Trust: 1.0
vendor:	netapp	model:	hci compute node bios	scope:	eq	version:	-	Trust: 1.0
vendor:	siemens	model:	simatic ipc847e	scope:	lt	version:	25.02.08	Trust: 1.0
vendor:	siemens	model:	simatic ipc477e pro	scope:	lt	version:	21.01.15	Trust: 1.0
vendor:	siemens	model:	simatic ipc677e	scope:	lt	version:	25.02.08	Trust: 1.0
vendor:	siemens	model:	simatic ipc427e	scope:	lt	version:	21.01.15	Trust: 1.0
vendor:	netapp	model:	solidfire bios	scope:	eq	version:	-	Trust: 1.0
vendor:	siemens	model:	simatic ipc627e	scope:	lt	version:	25.02.08	Trust: 1.0
vendor:	intel	model:	microcode	scope:	eq	version:	-	Trust: 1.0
vendor:	netapp	model:	hci compute node bios	scope:	-	version:	-	Trust: 0.8
vendor:	fedora	model:	fedora	scope:	-	version:	-	Trust: 0.8
vendor:	netapp	model:	solidfire bios	scope:	-	version:	-	Trust: 0.8
vendor:	debian	model:	gnu/linux	scope:	-	version:	-	Trust: 0.8
vendor:	netapp	model:	clustered data ontap	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	microcode	scope:	-	version:	-	Trust: 0.8
vendor:	netapp	model:	hci storage node bios	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2020-013420 // NVD: CVE-2020-8698

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD:	CVE-2020-8698
value:	MEDIUM
Trust: 1.8
CNNVD:	CNNVD-201911-1657
value:	MEDIUM
Trust: 0.6
VULMON:	CVE-2020-8698
value:	LOW
Trust: 0.1

NVD:	CVE-2020-8698
severity:	LOW
baseScore:	2.1
vectorString:	AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	2.9
acInsufInfo:	FALSE
obtainAllPrivilege:	FALSE
obtainUserPrivilege:	FALSE
obtainOtherPrivilege:	FALSE
userInteractionRequired:	FALSE
version:	2.0
Trust: 1.9

NVD:	CVE-2020-8698
baseSeverity:	MEDIUM
baseScore:	5.5
vectorString:	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	1.8
impactScore:	3.6
version:	3.1
Trust: 1.0
NVD:	CVE-2020-8698
baseSeverity:	MEDIUM
baseScore:	5.5
vectorString:	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULMON: CVE-2020-8698 // JVNDB: JVNDB-2020-013420 // CNNVD: CNNVD-201911-1657 // NVD: CVE-2020-8698

PROBLEMTYPE DATA

problemtype:	CWE-668	Trust: 1.0
problemtype:	Lack of information (CWE-noinfo) [NVD Evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2020-013420 // NVD: CVE-2020-8698

THREAT TYPE

local

Trust: 0.7

sources: PACKETSTORM: 160018 // CNNVD: CNNVD-201911-1657

TYPE

access control error

Trust: 0.6

sources: CNNVD: CNNVD-201911-1657

CONFIGURATIONS

sources: NVD: CVE-2020-8698

PATCH

title:	NTAP-20201113-0006 Intel Intel Product Security Center	url:	https://lists.debian.org/debian-lts-announce/2021/02/msg00007.html	Trust: 0.8
title:	Intel Processors Fixes for access control error vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=135724	Trust: 0.6
title:	Red Hat: Moderate: microcode_ctl security, bug fix and enhancement update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=rhsa-20205185 - security advisory	Trust: 0.1
title:	Red Hat: Moderate: microcode_ctl security, bug fix and enhancement update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=rhsa-20205184 - security advisory	Trust: 0.1
title:	Red Hat: Moderate: microcode_ctl security, bug fix and enhancement update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=rhsa-20205189 - security advisory	Trust: 0.1
title:	Red Hat: Moderate: microcode_ctl security, bug fix and enhancement update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=rhsa-20205181 - security advisory	Trust: 0.1
title:	Red Hat: Moderate: microcode_ctl security, bug fix, and enhancement update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=rhsa-20205083 - security advisory	Trust: 0.1
title:	Red Hat: Moderate: microcode_ctl security, bug fix, and enhancement update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=rhsa-20205084 - security advisory	Trust: 0.1
title:	Red Hat: Moderate: microcode_ctl security, bug fix, and enhancement update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=rhsa-20205190 - security advisory	Trust: 0.1
title:	Red Hat: Moderate: microcode_ctl security, bug fix and enhancement update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=rhsa-20205182 - security advisory	Trust: 0.1
title:	Red Hat: Moderate: microcode_ctl security, bug fix and enhancement update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=rhsa-20205183 - security advisory	Trust: 0.1
title:	Red Hat: Moderate: microcode_ctl security, bug fix and enhancement update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=rhsa-20205369 - security advisory	Trust: 0.1
title:	Red Hat: Moderate: microcode_ctl security, bug fix and enhancement update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=rhsa-20205085 - security advisory	Trust: 0.1
title:	Red Hat: Moderate: microcode_ctl security, bug fix and enhancement update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=rhsa-20205188 - security advisory	Trust: 0.1
title:	Red Hat: Moderate: microcode_ctl security, bug fix and enhancement update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=rhsa-20205186 - security advisory	Trust: 0.1
title:	Arch Linux Issues:	url:	https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues&qid=cve-2020-8698 log	Trust: 0.1
title:	Arch Linux Advisories: [ASA-202102-34] intel-ucode: information disclosure	url:	https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories&qid=asa-202102-34	Trust: 0.1
title:	Citrix Security Bulletins: Citrix Hypervisor Security Update	url:	https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins&qid=0196318f80fa91831e1ad927f423d728	Trust: 0.1
title:	Siemens Security Advisories: Siemens Security Advisory	url:	https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=0bfef52a44075162940391ee650c313e	Trust: 0.1
title:	HP: SUPPORT COMMUNICATION- SECURITY BULLETIN HPSBHF03705 rev. 6 - BIOS November 2020 Security Updates	url:	https://vulmon.com/vendoradvisory?qidtp=hp_bulletin&qid=892287da75187b64a9430d6c2f52fb94	Trust: 0.1
title:	HP: SUPPORT COMMUNICATION- SECURITY BULLETIN HPSBHF03705 rev. 6 - BIOS November 2020 Security Updates	url:	https://vulmon.com/vendoradvisory?qidtp=hp_bulletin&qid=f872c139829b190dd155b5676016edf1	Trust: 0.1
title:	HP: HPSBHF03705 rev. 1 - BIOS November 2020 Security Updates	url:	https://vulmon.com/vendoradvisory?qidtp=hp_bulletin&qid=hpsbhf03705	Trust: 0.1

sources: VULMON: CVE-2020-8698 // JVNDB: JVNDB-2020-013420 // CNNVD: CNNVD-201911-1657

EXTERNAL IDS

db:	NVD	id:	CVE-2020-8698	Trust: 3.3
db:	SIEMENS	id:	SSA-678983	Trust: 1.7
db:	JVN	id:	JVNVU91051134	Trust: 0.8
db:	JVNDB	id:	JVNDB-2020-013420	Trust: 0.8
db:	ICS CERT	id:	ICSA-22-132-05	Trust: 0.7
db:	PACKETSTORM	id:	163772	Trust: 0.7
db:	PACKETSTORM	id:	160018	Trust: 0.7
db:	PACKETSTORM	id:	160035	Trust: 0.7
db:	PACKETSTORM	id:	163993	Trust: 0.6
db:	PACKETSTORM	id:	163863	Trust: 0.6
db:	PACKETSTORM	id:	162588	Trust: 0.6
db:	PACKETSTORM	id:	160187	Trust: 0.6
db:	PACKETSTORM	id:	163757	Trust: 0.6
db:	PACKETSTORM	id:	160407	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.2604	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.2905	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.4124	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.4327	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.2797	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.0423	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.2721	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.4017	Trust: 0.6
db:	AUSCERT	id:	ESB-2022.2355	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.4200	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.1664	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.2945	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.3959	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.4153	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.4033	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.2672	Trust: 0.6
db:	CS-HELP	id:	SB2021083127	Trust: 0.6
db:	CS-HELP	id:	SB2021081125	Trust: 0.6
db:	CS-HELP	id:	SB2021080915	Trust: 0.6
db:	CS-HELP	id:	SB2021081834	Trust: 0.6
db:	LENOVO	id:	LEN-49266	Trust: 0.6
db:	CNNVD	id:	CNNVD-201911-1657	Trust: 0.6
db:	VULMON	id:	CVE-2020-8698	Trust: 0.1
db:	PACKETSTORM	id:	163924	Trust: 0.1
db:	PACKETSTORM	id:	163954	Trust: 0.1
db:	PACKETSTORM	id:	163758	Trust: 0.1
db:	PACKETSTORM	id:	160191	Trust: 0.1
db:	PACKETSTORM	id:	160188	Trust: 0.1

sources: VULMON: CVE-2020-8698 // JVNDB: JVNDB-2020-013420 // PACKETSTORM: 163924 // PACKETSTORM: 163954 // PACKETSTORM: 163758 // PACKETSTORM: 163772 // PACKETSTORM: 160191 // PACKETSTORM: 160018 // PACKETSTORM: 160188 // PACKETSTORM: 160035 // CNNVD: CNNVD-201911-1657 // NVD: CVE-2020-8698

REFERENCES

url:	https://nvd.nist.gov/vuln/detail/cve-2020-8698	Trust: 2.2
url:	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381	Trust: 1.7
url:	https://security.netapp.com/advisory/ntap-20201113-0006/	Trust: 1.7
url:	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/maagik5cxkbpgy3r4ur5vo56m7mklz43/	Trust: 1.7
url:	https://lists.debian.org/debian-lts-announce/2021/02/msg00007.html	Trust: 1.7
url:	https://cert-portal.siemens.com/productcert/pdf/ssa-678983.pdf	Trust: 1.7
url:	https://access.redhat.com/security/cve/cve-2020-8698	Trust: 1.2
url:	https://jvn.jp/vu/jvnvu91051134/	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2020-8696	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2020-8695	Trust: 0.8
url:	https://access.redhat.com/articles/11258	Trust: 0.6
url:	https://access.redhat.com/security/cve/cve-2020-8695	Trust: 0.6
url:	https://access.redhat.com/security/team/key/	Trust: 0.6
url:	https://access.redhat.com/security/team/contact/	Trust: 0.6
url:	https://access.redhat.com/security/cve/cve-2020-8696	Trust: 0.6
url:	https://bugzilla.redhat.com/):	Trust: 0.6
url:	https://packetstormsecurity.com/files/163863/red-hat-security-advisory-2021-3176-01.html	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.3959/	Trust: 0.6
url:	https://packetstormsecurity.com/files/163757/red-hat-security-advisory-2021-3027-01.html	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021081834	Trust: 0.6
url:	https://packetstormsecurity.com/files/160035/ubuntu-security-notice-usn-4628-2.html	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.4200/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.4153/	Trust: 0.6
url:	https://packetstormsecurity.com/files/160018/ubuntu-security-notice-usn-4628-1.html	Trust: 0.6
url:	https://packetstormsecurity.com/files/163772/red-hat-security-advisory-2021-3029-01.html	Trust: 0.6
url:	https://us-cert.cisa.gov/ics/advisories/icsa-22-132-05	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.4327/	Trust: 0.6
url:	https://packetstormsecurity.com/files/160187/red-hat-security-advisory-2020-5184-01.html	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021081125	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021083127	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2022.2355	Trust: 0.6
url:	https://packetstormsecurity.com/files/163993/red-hat-security-advisory-2021-3364-01.html	Trust: 0.6
url:	https://vigilance.fr/vulnerability/intel-processors-information-disclosure-33881	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.4033/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.2905	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.4017/	Trust: 0.6
url:	https://packetstormsecurity.com/files/162588/ubuntu-security-notice-usn-4628-3.html	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.4124/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.0423	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.2721	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021080915	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.2604	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.2945	Trust: 0.6
url:	https://support.lenovo.com/us/en/product_security/len-49266	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.2672	Trust: 0.6
url:	https://packetstormsecurity.com/files/160407/red-hat-security-advisory-2020-5369-01.html	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.1664	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.2797	Trust: 0.6
url:	https://access.redhat.com/security/cve/cve-2020-24511	Trust: 0.4
url:	https://nvd.nist.gov/vuln/detail/cve-2020-24512	Trust: 0.4
url:	https://access.redhat.com/security/cve/cve-2020-24512	Trust: 0.4
url:	https://nvd.nist.gov/vuln/detail/cve-2020-24489	Trust: 0.4
url:	https://access.redhat.com/security/cve/cve-2020-24489	Trust: 0.4
url:	https://listman.redhat.com/mailman/listinfo/rhsa-announce	Trust: 0.4
url:	https://nvd.nist.gov/vuln/detail/cve-2020-0549	Trust: 0.4
url:	https://access.redhat.com/security/updates/classification/#important	Trust: 0.4
url:	https://access.redhat.com/security/cve/cve-2020-0543	Trust: 0.4
url:	https://access.redhat.com/security/cve/cve-2020-0549	Trust: 0.4
url:	https://nvd.nist.gov/vuln/detail/cve-2020-0543	Trust: 0.4
url:	https://nvd.nist.gov/vuln/detail/cve-2020-24511	Trust: 0.4
url:	https://nvd.nist.gov/vuln/detail/cve-2020-0548	Trust: 0.4
url:	https://access.redhat.com/security/cve/cve-2020-0548	Trust: 0.4
url:	https://www.redhat.com/mailman/listinfo/rhsa-announce	Trust: 0.2
url:	https://access.redhat.com/security/updates/classification/#moderate	Trust: 0.2
url:	https://usn.ubuntu.com/4628-1	Trust: 0.2
url:	https://cwe.mitre.org/data/definitions/668.html	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2020:5185	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://www.cisa.gov/uscert/ics/advisories/icsa-22-132-05	Trust: 0.1
url:	https://support.hp.com/us-en/document/c06962236	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2021:3255	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2021:3323	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2021:3028	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2021:3029	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2020:5181	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/intel-microcode/3.20201110.0ubuntu0.16.04.1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/intel-microcode/3.20201110.0ubuntu0.18.04.1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/intel-microcode/3.20201110.0ubuntu0.20.10.1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/intel-microcode/3.20201110.0ubuntu0.20.04.1	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2020:5183	Trust: 0.1
url:	https://usn.ubuntu.com/4628-2	Trust: 0.1
url:	https://launchpad.net/bugs/1903883	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/intel-microcode/3.20201110.0ubuntu0.18.04.2	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/intel-microcode/3.20201110.0ubuntu0.20.04.2	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/intel-microcode/3.20201110.0ubuntu0.16.04.2	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/intel-microcode/3.20201110.0ubuntu0.20.10.2	Trust: 0.1

CREDITS

Ubuntu

Trust: 0.8

sources: PACKETSTORM: 160018 // PACKETSTORM: 160035 // CNNVD: CNNVD-201911-1657

SOURCES

db:	VULMON	id:	CVE-2020-8698
db:	JVNDB	id:	JVNDB-2020-013420
db:	PACKETSTORM	id:	163924
db:	PACKETSTORM	id:	163954
db:	PACKETSTORM	id:	163758
db:	PACKETSTORM	id:	163772
db:	PACKETSTORM	id:	160191
db:	PACKETSTORM	id:	160018
db:	PACKETSTORM	id:	160188
db:	PACKETSTORM	id:	160035
db:	CNNVD	id:	CNNVD-201911-1657
db:	NVD	id:	CVE-2020-8698

LAST UPDATE DATE

2023-11-07T21:08:28.118000+00:00

SOURCES UPDATE DATE

db:	VULMON	id:	CVE-2020-8698	date:	2022-04-26T00:00:00
db:	JVNDB	id:	JVNDB-2020-013420	date:	2021-07-02T04:40:00
db:	CNNVD	id:	CNNVD-201911-1657	date:	2022-05-13T00:00:00
db:	NVD	id:	CVE-2020-8698	date:	2022-04-26T16:33:00

SOURCES RELEASE DATE

db:	VULMON	id:	CVE-2020-8698	date:	2020-11-12T00:00:00
db:	JVNDB	id:	JVNDB-2020-013420	date:	2021-07-02T00:00:00
db:	PACKETSTORM	id:	163924	date:	2021-08-27T19:22:22
db:	PACKETSTORM	id:	163954	date:	2021-08-31T15:43:48
db:	PACKETSTORM	id:	163758	date:	2021-08-09T14:15:45
db:	PACKETSTORM	id:	163772	date:	2021-08-10T14:49:53
db:	PACKETSTORM	id:	160191	date:	2020-11-24T15:00:08
db:	PACKETSTORM	id:	160018	date:	2020-11-11T14:59:21
db:	PACKETSTORM	id:	160188	date:	2020-11-24T14:59:25
db:	PACKETSTORM	id:	160035	date:	2020-11-12T15:38:50
db:	CNNVD	id:	CNNVD-201911-1657	date:	2019-11-10T00:00:00
db:	NVD	id:	CVE-2020-8698	date:	2020-11-12T18:15:00