CVE Vulnerabilities

CVE-2019-1125

Published: Sep 03, 2019 | Modified: May 29, 2024
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
2.1 LOW
AV:L/AC:L/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
5.9 MODERATE
CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N
Ubuntu
MEDIUM

An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory. An attacker who successfully exploited the vulnerability could read privileged data across trust boundaries. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to elevate user rights directly, but it could be used to obtain information that could be used to try to compromise the affected system further. On January 3, 2018, Microsoft released an advisory and security updates related to a newly-discovered class of hardware vulnerabilities (known as Spectre) involving speculative execution side channels that affect AMD, ARM, and Intel CPUs to varying degrees. This vulnerability, released on August 6, 2019, is a variant of the Spectre Variant 1 speculative execution side channel vulnerability and has been assigned CVE-2019-1125. Microsoft released a security update on July 9, 2019 that addresses the vulnerability through a software change that mitigates how the CPU speculatively accesses memory. Note that this vulnerability does not require a microcode update from your device OEM.

Affected Software

Name Vendor Start Version End Version
Windows_10 Microsoft - (including) - (including)
Windows_10 Microsoft 1607 (including) 1607 (including)
Windows_10 Microsoft 1703 (including) 1703 (including)
Windows_10 Microsoft 1709 (including) 1709 (including)
Windows_10 Microsoft 1803 (including) 1803 (including)
Windows_10 Microsoft 1809 (including) 1809 (including)
Windows_10 Microsoft 1903 (including) 1903 (including)
Windows_7 Microsoft –sp1 (including) –sp1 (including)
Windows_8.1 Microsoft - (including) - (including)
Windows_rt_8.1 Microsoft - (including) - (including)
Windows_server_2008 Microsoft –sp2 (including) –sp2 (including)
Windows_server_2008 Microsoft r2-sp1 (including) r2-sp1 (including)
Windows_server_2012 Microsoft - (including) - (including)
Windows_server_2012 Microsoft r2 (including) r2 (including)
Windows_server_2016 Microsoft - (including) - (including)
Windows_server_2016 Microsoft 1803 (including) 1803 (including)
Windows_server_2016 Microsoft 1903 (including) 1903 (including)
Windows_server_2019 Microsoft - (including) - (including)
Red Hat Enterprise Linux 6 RedHat kernel-0:2.6.32-754.18.2.el6 *
Red Hat Enterprise Linux 6.5 Advanced Update Support RedHat kernel-0:2.6.32-431.96.1.el6 *
Red Hat Enterprise Linux 6.6 Advanced Update Support RedHat kernel-0:2.6.32-504.80.2.el6 *
Red Hat Enterprise Linux 7 RedHat kernel-rt-0:3.10.0-1062.1.1.rt56.1024.el7 *
Red Hat Enterprise Linux 7 RedHat kernel-0:3.10.0-1062.1.1.el7 *
Red Hat Enterprise Linux 7.2 Advanced Update Support RedHat kernel-0:3.10.0-327.82.1.el7 *
Red Hat Enterprise Linux 7.2 Telco Extended Update Support RedHat kernel-0:3.10.0-327.82.1.el7 *
Red Hat Enterprise Linux 7.2 Update Services for SAP Solutions RedHat kernel-0:3.10.0-327.82.1.el7 *
Red Hat Enterprise Linux 7.3 Advanced Update Support RedHat kernel-0:3.10.0-514.69.1.el7 *
Red Hat Enterprise Linux 7.3 Telco Extended Update Support RedHat kernel-0:3.10.0-514.69.1.el7 *
Red Hat Enterprise Linux 7.3 Update Services for SAP Solutions RedHat kernel-0:3.10.0-514.69.1.el7 *
Red Hat Enterprise Linux 7.4 Extended Update Support RedHat kernel-0:3.10.0-693.58.1.el7 *
Red Hat Enterprise Linux 7.5 Extended Update Support RedHat kernel-0:3.10.0-862.43.1.el7 *
Red Hat Enterprise Linux 7.6 Extended Update Support RedHat kernel-0:3.10.0-957.38.1.el7 *
Red Hat Enterprise Linux 8 RedHat kernel-rt-0:4.18.0-80.7.2.rt9.154.el8_0 *
Red Hat Enterprise Linux 8 RedHat kernel-0:4.18.0-80.7.2.el8_0 *
Red Hat Enterprise MRG 2 RedHat kernel-rt-1:3.10.0-693.58.1.rt56.652.el6rt *
Red Hat Virtualization 4.2 for Red Hat Enterprise Linux 7.6 EUS RedHat redhat-release-virtualization-host-0:4.2-15.1.el7 *
Red Hat Virtualization 4.2 for Red Hat Enterprise Linux 7.6 EUS RedHat redhat-virtualization-host-0:4.2-20191022.0.el7_6 *
Red Hat Virtualization 4.2 for Red Hat Enterprise Linux 7.6 EUS RedHat kernel-0:3.10.0-957.38.1.el7 *
Red Hat Virtualization 4 for Red Hat Enterprise Linux 7 RedHat imgbased-0:1.1.10-0.1.el7ev *
Red Hat Virtualization 4 for Red Hat Enterprise Linux 7 RedHat ovirt-node-ng-0:4.3.6-0.20190820.0.el7ev *
Red Hat Virtualization 4 for Red Hat Enterprise Linux 7 RedHat redhat-release-virtualization-host-0:4.3.6-2.el7ev *
Red Hat Virtualization 4 for Red Hat Enterprise Linux 7 RedHat redhat-virtualization-host-0:4.3.6-20190924.0.el7_7 *
Linux Ubuntu bionic *
Linux Ubuntu disco *
Linux Ubuntu esm-infra/bionic *
Linux Ubuntu esm-infra/xenial *
Linux Ubuntu precise/esm *
Linux Ubuntu trusty/esm *
Linux Ubuntu upstream *
Linux Ubuntu xenial *
Linux-aws Ubuntu bionic *
Linux-aws Ubuntu disco *
Linux-aws Ubuntu esm-infra/bionic *
Linux-aws Ubuntu esm-infra/xenial *
Linux-aws Ubuntu trusty/esm *
Linux-aws Ubuntu upstream *
Linux-aws Ubuntu xenial *
Linux-aws-5.0 Ubuntu upstream *
Linux-aws-hwe Ubuntu esm-infra/xenial *
Linux-aws-hwe Ubuntu upstream *
Linux-aws-hwe Ubuntu xenial *
Linux-azure Ubuntu bionic *
Linux-azure Ubuntu disco *
Linux-azure Ubuntu esm-infra/bionic *
Linux-azure Ubuntu esm-infra/xenial *
Linux-azure Ubuntu trusty/esm *
Linux-azure Ubuntu upstream *
Linux-azure Ubuntu xenial *
Linux-azure-5.3 Ubuntu upstream *
Linux-azure-edge Ubuntu bionic *
Linux-azure-edge Ubuntu esm-infra/bionic *
Linux-azure-edge Ubuntu upstream *
Linux-azure-edge Ubuntu xenial *
Linux-gcp Ubuntu bionic *
Linux-gcp Ubuntu disco *
Linux-gcp Ubuntu esm-infra/bionic *
Linux-gcp Ubuntu esm-infra/xenial *
Linux-gcp Ubuntu upstream *
Linux-gcp Ubuntu xenial *
Linux-gcp-5.3 Ubuntu upstream *
Linux-gcp-edge Ubuntu bionic *
Linux-gcp-edge Ubuntu esm-infra/bionic *
Linux-gcp-edge Ubuntu upstream *
Linux-gke-4.15 Ubuntu bionic *
Linux-gke-4.15 Ubuntu esm-infra/bionic *
Linux-gke-4.15 Ubuntu upstream *
Linux-gke-5.0 Ubuntu bionic *
Linux-gke-5.0 Ubuntu upstream *
Linux-hwe Ubuntu bionic *
Linux-hwe Ubuntu esm-infra/bionic *
Linux-hwe Ubuntu esm-infra/xenial *
Linux-hwe Ubuntu upstream *
Linux-hwe Ubuntu xenial *
Linux-hwe-edge Ubuntu bionic *
Linux-hwe-edge Ubuntu esm-infra/bionic *
Linux-hwe-edge Ubuntu esm-infra/xenial *
Linux-hwe-edge Ubuntu upstream *
Linux-hwe-edge Ubuntu xenial *
Linux-kvm Ubuntu bionic *
Linux-kvm Ubuntu disco *
Linux-kvm Ubuntu esm-infra/bionic *
Linux-kvm Ubuntu esm-infra/xenial *
Linux-kvm Ubuntu upstream *
Linux-kvm Ubuntu xenial *
Linux-lts-trusty Ubuntu precise/esm *
Linux-lts-trusty Ubuntu upstream *
Linux-lts-xenial Ubuntu trusty/esm *
Linux-lts-xenial Ubuntu upstream *
Linux-oem Ubuntu bionic *
Linux-oem Ubuntu disco *
Linux-oem Ubuntu eoan *
Linux-oem Ubuntu esm-infra/bionic *
Linux-oem Ubuntu upstream *
Linux-oem Ubuntu xenial *
Linux-oem-5.4 Ubuntu upstream *
Linux-oem-osp1 Ubuntu bionic *
Linux-oem-osp1 Ubuntu disco *
Linux-oem-osp1 Ubuntu eoan *
Linux-oem-osp1 Ubuntu upstream *
Linux-oracle Ubuntu bionic *
Linux-oracle Ubuntu disco *
Linux-oracle Ubuntu esm-infra/bionic *
Linux-oracle Ubuntu esm-infra/xenial *
Linux-oracle Ubuntu upstream *
Linux-oracle Ubuntu xenial *
Linux-oracle-5.0 Ubuntu upstream *
Linux-raspi2 Ubuntu upstream *
Linux-raspi2-5.3 Ubuntu upstream *
Linux-snapdragon Ubuntu upstream *

References