Vulnerabilities
Misconfiguration
Runtime Security
Compliance
CVE Vulnerabilities

CVE-2019-11091

Published: May 30, 2019 | Modified: Nov 07, 2023
CVSS 3.x
5.6
MEDIUM
Source:
NVD
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
CVSS 2.x
4.7 MEDIUM
AV:L/AC:M/Au:N/C:C/I:N/A:N
RedHat/V2
RedHat/V3
3.8 MODERATE
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
Ubuntu
MEDIUM
Additional information
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2019-11091
CWEhttps://cwe.mitre.org/data/definitions/.html

Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf

Affected Software

Name Vendor Start Version End Version
Microarchitectural_data_sampling_uncacheable_memory_firmware Intel - (including) - (including)
Red Hat Enterprise Linux 6 RedHat kernel-0:2.6.32-754.14.2.el6 *
Red Hat Enterprise Linux 6 RedHat libvirt-0:0.10.2-64.el6_10.1 *
Red Hat Enterprise Linux 6 RedHat qemu-kvm-2:0.12.1.2-2.506.el6_10.3 *
Red Hat Enterprise Linux 6.5 Advanced Update Support RedHat kernel-0:2.6.32-431.94.2.el6 *
Red Hat Enterprise Linux 6.5 Advanced Update Support RedHat libvirt-0:0.10.2-29.el6_5.18 *
Red Hat Enterprise Linux 6.5 Advanced Update Support RedHat qemu-kvm-2:0.12.1.2-2.415.el6_5.20 *
Red Hat Enterprise Linux 6.6 Advanced Update Support RedHat kernel-0:2.6.32-504.78.2.el6 *
Red Hat Enterprise Linux 6.6 Advanced Update Support RedHat libvirt-0:0.10.2-46.el6_6.10 *
Red Hat Enterprise Linux 6.6 Advanced Update Support RedHat qemu-kvm-2:0.12.1.2-2.448.el6_6.8 *
Red Hat Enterprise Linux 7 RedHat kernel-rt-0:3.10.0-957.12.2.rt56.929.el7 *
Red Hat Enterprise Linux 7 RedHat kernel-0:3.10.0-957.12.2.el7 *
Red Hat Enterprise Linux 7 RedHat libvirt-0:4.5.0-10.el7_6.9 *
Red Hat Enterprise Linux 7 RedHat qemu-kvm-10:1.5.3-160.el7_6.2 *
Red Hat Enterprise Linux 7.2 Advanced Update Support RedHat kernel-0:3.10.0-327.78.2.el7 *
Red Hat Enterprise Linux 7.2 Advanced Update Support RedHat libvirt-0:1.2.17-13.el7_2.10 *
Red Hat Enterprise Linux 7.2 Advanced Update Support RedHat qemu-kvm-10:1.5.3-105.el7_2.19 *
Red Hat Enterprise Linux 7.2 Telco Extended Update Support RedHat kernel-0:3.10.0-327.78.2.el7 *
Red Hat Enterprise Linux 7.2 Telco Extended Update Support RedHat libvirt-0:1.2.17-13.el7_2.10 *
Red Hat Enterprise Linux 7.2 Telco Extended Update Support RedHat qemu-kvm-10:1.5.3-105.el7_2.19 *
Red Hat Enterprise Linux 7.2 Update Services for SAP Solutions RedHat kernel-0:3.10.0-327.78.2.el7 *
Red Hat Enterprise Linux 7.2 Update Services for SAP Solutions RedHat libvirt-0:1.2.17-13.el7_2.10 *
Red Hat Enterprise Linux 7.2 Update Services for SAP Solutions RedHat qemu-kvm-10:1.5.3-105.el7_2.19 *
Red Hat Enterprise Linux 7.3 Advanced Update Support RedHat kernel-0:3.10.0-514.64.2.el7 *
Red Hat Enterprise Linux 7.3 Advanced Update Support RedHat libvirt-0:2.0.0-10.el7_3.14 *
Red Hat Enterprise Linux 7.3 Advanced Update Support RedHat qemu-kvm-10:1.5.3-126.el7_3.17 *
Red Hat Enterprise Linux 7.3 Telco Extended Update Support RedHat kernel-0:3.10.0-514.64.2.el7 *
Red Hat Enterprise Linux 7.3 Telco Extended Update Support RedHat libvirt-0:2.0.0-10.el7_3.14 *
Red Hat Enterprise Linux 7.3 Telco Extended Update Support RedHat qemu-kvm-10:1.5.3-126.el7_3.17 *
Red Hat Enterprise Linux 7.3 Update Services for SAP Solutions RedHat kernel-0:3.10.0-514.64.2.el7 *
Red Hat Enterprise Linux 7.3 Update Services for SAP Solutions RedHat libvirt-0:2.0.0-10.el7_3.14 *
Red Hat Enterprise Linux 7.3 Update Services for SAP Solutions RedHat qemu-kvm-10:1.5.3-126.el7_3.17 *
Red Hat Enterprise Linux 7.4 Extended Update Support RedHat kernel-0:3.10.0-693.47.2.el7 *
Red Hat Enterprise Linux 7.4 Extended Update Support RedHat libvirt-0:3.2.0-14.el7_4.13 *
Red Hat Enterprise Linux 7.4 Extended Update Support RedHat qemu-kvm-10:1.5.3-141.el7_4.10 *
Red Hat Enterprise Linux 7.5 Extended Update Support RedHat kernel-0:3.10.0-862.32.2.el7 *
Red Hat Enterprise Linux 7.5 Extended Update Support RedHat libvirt-0:3.9.0-14.el7_5.9 *
Red Hat Enterprise Linux 7.5 Extended Update Support RedHat qemu-kvm-10:1.5.3-156.el7_5.7 *
Red Hat Enterprise Linux 8 RedHat virt:rhel-8000020190510171727.55190bc5 *
Red Hat Enterprise Linux 8 RedHat kernel-rt-0:4.18.0-80.1.2.rt9.145.el8_0 *
Red Hat Enterprise Linux 8 RedHat kernel-0:4.18.0-80.1.2.el8_0 *
Red Hat Enterprise Linux 8 Advanced Virtualization RedHat virt:8.0.0-8000020190530233731.55190bc5 *
Red Hat Enterprise MRG 2 RedHat kernel-rt-1:3.10.0-693.47.2.rt56.641.el6rt *
Red Hat OpenStack Platform 10.0 (Newton) RedHat qemu-kvm-rhev-10:2.12.0-18.el7_6.5 *
Red Hat OpenStack Platform 13.0 (Queens) RedHat qemu-kvm-rhev-10:2.12.0-18.el7_6.5 *
Red Hat OpenStack Platform 14.0 (Rocky) RedHat qemu-kvm-rhev-10:2.12.0-18.el7_6.5 *
Red Hat OpenStack Platform 9.0 (Mitaka) RedHat qemu-kvm-rhev-10:2.12.0-18.el7_6.5 *
Red Hat Virtualization 4.2 for Red Hat Enterprise Linux 7.6 EUS RedHat vdsm-0:4.20.49-1.el7ev *
Red Hat Virtualization 4.2 for Red Hat Enterprise Linux 7.6 EUS RedHat redhat-release-virtualization-host-0:4.2-8.6.el7 *
Red Hat Virtualization 4.2 for Red Hat Enterprise Linux 7.6 EUS RedHat redhat-virtualization-host-0:4.2-20190512.0.el7_6 *
Red Hat Virtualization 4 for Red Hat Enterprise Linux 7 RedHat qemu-kvm-rhev-10:2.12.0-18.el7_6.5 *
Red Hat Virtualization 4 for Red Hat Enterprise Linux 7 RedHat vdsm-0:4.30.13-4.el7ev *
Red Hat Virtualization 4 for Red Hat Enterprise Linux 7 RedHat redhat-release-virtualization-host-0:4.3-0.7.el7 *
Red Hat Virtualization 4 for Red Hat Enterprise Linux 7 RedHat redhat-virtualization-host-0:4.3-20190512.0.el7_6 *
Red Hat Virtualization 4 for Red Hat Enterprise Linux 7 RedHat rhvm-appliance-0:4.3-20190506.0.el7 *
Red Hat Virtualization 4 for Red Hat Enterprise Linux 7 RedHat qemu-kvm-rhev-10:2.12.0-33.el7 *
Red Hat Virtualization Engine 4.2 RedHat rhvm-setup-plugins-0:4.2.14-1.el7ev *
Red Hat Virtualization Engine 4.3 RedHat rhvm-setup-plugins-0:4.3.1-1.el7ev *
Red Hat Virtualization Engine 4.3 RedHat qemu-kvm-rhev-10:2.12.0-33.el7 *
Intel-microcode Ubuntu bionic *
Intel-microcode Ubuntu cosmic *
Intel-microcode Ubuntu disco *
Intel-microcode Ubuntu trusty *
Intel-microcode Ubuntu xenial *
Libvirt Ubuntu bionic *
Libvirt Ubuntu cosmic *
Libvirt Ubuntu devel *
Libvirt Ubuntu disco *
Libvirt Ubuntu eoan *
Libvirt Ubuntu focal *
Libvirt Ubuntu groovy *
Libvirt Ubuntu hirsute *
Libvirt Ubuntu impish *
Libvirt Ubuntu jammy *
Libvirt Ubuntu kinetic *
Libvirt Ubuntu lunar *
Libvirt Ubuntu mantic *
Libvirt Ubuntu noble *
Libvirt Ubuntu precise/esm *
Libvirt Ubuntu trusty/esm *
Libvirt Ubuntu xenial *
Linux Ubuntu bionic *
Linux Ubuntu cosmic *
Linux Ubuntu disco *
Linux Ubuntu trusty *
Linux Ubuntu upstream *
Linux Ubuntu xenial *
Linux-allwinner Ubuntu upstream *
Linux-allwinner-5.19 Ubuntu upstream *
Linux-aws Ubuntu bionic *
Linux-aws Ubuntu cosmic *
Linux-aws Ubuntu disco *
Linux-aws Ubuntu trusty/esm *
Linux-aws Ubuntu upstream *
Linux-aws Ubuntu xenial *
Linux-aws-5.0 Ubuntu upstream *
Linux-aws-5.11 Ubuntu upstream *
Linux-aws-5.13 Ubuntu upstream *
Linux-aws-5.15 Ubuntu upstream *
Linux-aws-5.19 Ubuntu upstream *
Linux-aws-5.3 Ubuntu upstream *
Linux-aws-5.4 Ubuntu upstream *
Linux-aws-5.8 Ubuntu upstream *
Linux-aws-6.2 Ubuntu upstream *
Linux-aws-6.5 Ubuntu upstream *
Linux-aws-fips Ubuntu trusty *
Linux-aws-fips Ubuntu upstream *
Linux-aws-fips Ubuntu xenial *
Linux-aws-hwe Ubuntu upstream *
Linux-aws-hwe Ubuntu xenial *
Linux-azure Ubuntu bionic *
Linux-azure Ubuntu cosmic *
Linux-azure Ubuntu disco *
Linux-azure Ubuntu trusty *
Linux-azure Ubuntu upstream *
Linux-azure Ubuntu xenial *
Linux-azure-4.15 Ubuntu upstream *
Linux-azure-5.11 Ubuntu upstream *
Linux-azure-5.13 Ubuntu upstream *
Linux-azure-5.15 Ubuntu upstream *
Linux-azure-5.19 Ubuntu upstream *
Linux-azure-5.3 Ubuntu upstream *
Linux-azure-5.4 Ubuntu upstream *
Linux-azure-5.8 Ubuntu upstream *
Linux-azure-6.2 Ubuntu upstream *
Linux-azure-6.5 Ubuntu upstream *
Linux-azure-edge Ubuntu bionic *
Linux-azure-edge Ubuntu upstream *
Linux-azure-fde Ubuntu upstream *
Linux-azure-fde-5.15 Ubuntu upstream *
Linux-azure-fde-5.19 Ubuntu upstream *
Linux-azure-fde-6.2 Ubuntu upstream *
Linux-azure-fips Ubuntu trusty *
Linux-azure-fips Ubuntu upstream *
Linux-azure-fips Ubuntu xenial *
Linux-bluefield Ubuntu upstream *
Linux-dell300x Ubuntu upstream *
Linux-euclid Ubuntu upstream *
Linux-euclid Ubuntu xenial *
Linux-fips Ubuntu fips/xenial *
Linux-fips Ubuntu trusty *
Linux-fips Ubuntu upstream *
Linux-fips Ubuntu xenial *
Linux-flo Ubuntu upstream *
Linux-flo Ubuntu xenial *
Linux-gcp Ubuntu bionic *
Linux-gcp Ubuntu cosmic *
Linux-gcp Ubuntu disco *
Linux-gcp Ubuntu upstream *
Linux-gcp Ubuntu xenial *
Linux-gcp-4.15 Ubuntu upstream *
Linux-gcp-5.11 Ubuntu upstream *
Linux-gcp-5.13 Ubuntu upstream *
Linux-gcp-5.15 Ubuntu upstream *
Linux-gcp-5.19 Ubuntu upstream *
Linux-gcp-5.3 Ubuntu upstream *
Linux-gcp-5.4 Ubuntu upstream *
Linux-gcp-5.8 Ubuntu upstream *
Linux-gcp-6.2 Ubuntu upstream *
Linux-gcp-6.5 Ubuntu upstream *
Linux-gcp-edge Ubuntu bionic *
Linux-gcp-edge Ubuntu upstream *
Linux-gcp-fips Ubuntu trusty *
Linux-gcp-fips Ubuntu upstream *
Linux-gcp-fips Ubuntu xenial *
Linux-gke Ubuntu upstream *
Linux-gke Ubuntu xenial *
Linux-gke-4.15 Ubuntu bionic *
Linux-gke-4.15 Ubuntu upstream *
Linux-gke-5.0 Ubuntu upstream *
Linux-gke-5.15 Ubuntu upstream *
Linux-gke-5.3 Ubuntu upstream *
Linux-gke-5.4 Ubuntu upstream *
Linux-gkeop Ubuntu upstream *
Linux-gkeop-5.15 Ubuntu upstream *
Linux-gkeop-5.4 Ubuntu upstream *
Linux-goldfish Ubuntu upstream *
Linux-goldfish Ubuntu xenial *
Linux-grouper Ubuntu upstream *
Linux-hwe Ubuntu bionic *
Linux-hwe Ubuntu upstream *
Linux-hwe Ubuntu xenial *
Linux-hwe-5.11 Ubuntu upstream *
Linux-hwe-5.13 Ubuntu upstream *
Linux-hwe-5.15 Ubuntu upstream *
Linux-hwe-5.19 Ubuntu upstream *
Linux-hwe-5.4 Ubuntu upstream *
Linux-hwe-5.8 Ubuntu upstream *
Linux-hwe-6.2 Ubuntu upstream *
Linux-hwe-6.5 Ubuntu upstream *
Linux-hwe-edge Ubuntu upstream *
Linux-hwe-edge Ubuntu xenial *
Linux-ibm Ubuntu upstream *
Linux-ibm-5.15 Ubuntu upstream *
Linux-ibm-5.4 Ubuntu upstream *
Linux-intel Ubuntu upstream *
Linux-intel-5.13 Ubuntu upstream *
Linux-intel-iotg Ubuntu upstream *
Linux-intel-iotg-5.15 Ubuntu upstream *
Linux-iot Ubuntu upstream *
Linux-kvm Ubuntu bionic *
Linux-kvm Ubuntu cosmic *
Linux-kvm Ubuntu disco *
Linux-kvm Ubuntu upstream *
Linux-kvm Ubuntu xenial *
Linux-laptop Ubuntu upstream *
Linux-lowlatency Ubuntu upstream *
Linux-lowlatency-hwe-5.15 Ubuntu upstream *
Linux-lowlatency-hwe-5.19 Ubuntu upstream *
Linux-lowlatency-hwe-6.2 Ubuntu upstream *
Linux-lowlatency-hwe-6.5 Ubuntu upstream *
Linux-lts-trusty Ubuntu upstream *
Linux-lts-utopic Ubuntu upstream *
Linux-lts-vivid Ubuntu upstream *
Linux-lts-wily Ubuntu upstream *
Linux-lts-xenial Ubuntu trusty *
Linux-lts-xenial Ubuntu upstream *
Linux-maguro Ubuntu upstream *
Linux-mako Ubuntu upstream *
Linux-mako Ubuntu xenial *
Linux-manta Ubuntu upstream *
Linux-nvidia Ubuntu upstream *
Linux-nvidia-6.2 Ubuntu upstream *
Linux-nvidia-6.5 Ubuntu upstream *
Linux-oem Ubuntu bionic *
Linux-oem Ubuntu cosmic *
Linux-oem Ubuntu disco *
Linux-oem Ubuntu upstream *
Linux-oem Ubuntu xenial *
Linux-oem-5.10 Ubuntu upstream *
Linux-oem-5.13 Ubuntu upstream *
Linux-oem-5.14 Ubuntu upstream *
Linux-oem-5.17 Ubuntu upstream *
Linux-oem-5.6 Ubuntu upstream *
Linux-oem-6.0 Ubuntu upstream *
Linux-oem-6.1 Ubuntu upstream *
Linux-oem-6.5 Ubuntu upstream *
Linux-oem-6.8 Ubuntu upstream *
Linux-oem-osp1 Ubuntu upstream *
Linux-oracle Ubuntu bionic *
Linux-oracle Ubuntu cosmic *
Linux-oracle Ubuntu disco *
Linux-oracle Ubuntu eoan *
Linux-oracle Ubuntu upstream *
Linux-oracle Ubuntu xenial *
Linux-oracle-5.0 Ubuntu upstream *
Linux-oracle-5.11 Ubuntu upstream *
Linux-oracle-5.13 Ubuntu upstream *
Linux-oracle-5.15 Ubuntu upstream *
Linux-oracle-5.3 Ubuntu upstream *
Linux-oracle-5.4 Ubuntu upstream *
Linux-oracle-5.8 Ubuntu upstream *
Linux-oracle-6.5 Ubuntu upstream *
Linux-raspi Ubuntu upstream *
Linux-raspi-5.4 Ubuntu upstream *
Linux-raspi2 Ubuntu bionic *
Linux-raspi2 Ubuntu cosmic *
Linux-raspi2 Ubuntu disco *
Linux-raspi2 Ubuntu eoan *
Linux-raspi2 Ubuntu upstream *
Linux-raspi2 Ubuntu xenial *
Linux-raspi2-5.3 Ubuntu upstream *
Linux-riscv Ubuntu upstream *
Linux-riscv-5.11 Ubuntu upstream *
Linux-riscv-5.15 Ubuntu upstream *
Linux-riscv-5.19 Ubuntu upstream *
Linux-riscv-5.8 Ubuntu upstream *
Linux-riscv-6.5 Ubuntu upstream *
Linux-snapdragon Ubuntu bionic *
Linux-snapdragon Ubuntu disco *
Linux-snapdragon Ubuntu upstream *
Linux-snapdragon Ubuntu xenial *
Linux-starfive Ubuntu upstream *
Linux-starfive-5.19 Ubuntu upstream *
Linux-starfive-6.2 Ubuntu upstream *
Linux-starfive-6.5 Ubuntu upstream *
Linux-xilinx-zynqmp Ubuntu upstream *
Qemu Ubuntu bionic *
Qemu Ubuntu cosmic *
Qemu Ubuntu devel *
Qemu Ubuntu disco *
Qemu Ubuntu eoan *
Qemu Ubuntu focal *
Qemu Ubuntu groovy *
Qemu Ubuntu hirsute *
Qemu Ubuntu impish *
Qemu Ubuntu jammy *
Qemu Ubuntu kinetic *
Qemu Ubuntu lunar *
Qemu Ubuntu mantic *
Qemu Ubuntu noble *
Qemu Ubuntu trusty *
Qemu Ubuntu xenial *
Qemu-kvm Ubuntu precise/esm *

References

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.
Copyright © 2024 Aqua Security Software Ltd.   Privacy Policy | Terms of Use