CVE-2019-11135
MEDIUM EPSS 86.3%
Published Nov 14, 20196y ago · Modified Jun 17, 20262w ago
6.5 CVSS 3.1
Published Nov 14, 2019 6y ago
Last Modified Jun 17, 2026 2w ago
Description
TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.
CVSS Details
Base Score
Exploitability
Impact
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Changed
Confidentiality High
Integrity None
Availability None
Threat Intelligence
EPSS Exploit Probability
86.3% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Affected Products 324
| Vendor | Product | Version | Range |
|---|---|---|---|
| opensuse | leap | 15.0 | any |
| opensuse | leap | 15.1 | any |
| fedoraproject | fedora | 30 | any |
| fedoraproject | fedora | 31 | any |
| slackware | slackware | 14.2 | any |
| hp | apollo_4200_firmware | * | <2.20 |
| hp | apollo_4200 | gen10 | any |
| hp | apollo_2000_firmware | * | <2.20 |
| hp | apollo_2000 | * | any |
| hp | proliant_bl460c_firmware | * | <2.20 |
| hp | proliant_bl460c | gen10 | any |
| hp | proliant_dl580_firmware | * | <2.20 |
| hp | proliant_dl580 | gen10 | any |
| hp | proliant_dl560_firmware | * | <2.20 |
| hp | proliant_dl560 | gen10 | any |
| hp | proliant_dl380_firmware | * | <2.20 |
| hp | proliant_dl380 | gen10 | any |
| hp | proliant_dl360_firmware | * | <2.20 |
| hp | proliant_dl360 | gen10 | any |
| hp | proliant_dl180_firmware | * | <2.20 |
| hp | proliant_dl180 | gen10 | any |
| hp | proliant_dl160_firmware | * | <2.20 |
| hp | proliant_dl160 | gen10 | any |
| hp | proliant_dl120_firmware | * | <2.20 |
| hp | proliant_dl120 | gen10 | any |
| hp | proliant_dl20_firmware | * | <2.10 |
| hp | proliant_dl20 | gen10 | any |
| hp | proliant_ml350_firmware | * | <2.20 |
| hp | proliant_ml350 | gen10 | any |
| hp | proliant_ml110_firmware | * | <2.20 |
| hp | proliant_ml110 | gen10 | any |
| hp | proliant_ml30_firmware | * | <2.10 |
| hp | proliant_ml30 | gen10 | any |
| hp | proliant_xl450_firmware | * | <2.20 |
| hp | proliant_xl450 | gen10 | any |
| hp | proliant_xl270d_firmware | * | <2.20 |
| hp | proliant_xl270d | gen10 | any |
| hp | proliant_xl230k_firmware | * | <2.20 |
| hp | proliant_xl230k | gen10 | any |
| hp | proliant_xl190r_firmware | * | <2.20 |
| hp | proliant_xl190r | gen10 | any |
| hp | proliant_xl170r_firmware | * | <2.20 |
| hp | proliant_xl170r | gen10 | any |
| hp | synergy_480_firmware | * | <2.20 |
| hp | synergy_480 | gen10 | any |
| hp | synergy_660_firmware | * | <2.20 |
| hp | synergy_660 | gen10 | any |
| hp | proliant_e910_firmware | * | <2.20 |
| hp | proliant_e910 | * | any |
| intel | core_i7-10510y_firmware | * | any |
| intel | core_i7-10510y | * | any |
| intel | core_i5-10310y_firmware | * | any |
| intel | core_i5-10310y | * | any |
| intel | core_i5-10210y_firmware | * | any |
| intel | core_i5-10210y | * | any |
| intel | core_i5-10110y_firmware | * | any |
| intel | core_i5-10110y | * | any |
| intel | core_i7-8500y_firmware | * | any |
| intel | core_i7-8500y | * | any |
| intel | core_i5-8310y_firmware | * | any |
| intel | core_i5-8310y | * | any |
| intel | core_i5-8210y_firmware | * | any |
| intel | core_i5-8210y | * | any |
| intel | core_i5-8200y_firmware | * | any |
| intel | core_i5-8200y | * | any |
| intel | core_m3-8100y_firmware | * | any |
| intel | core_m3-8100y | * | any |
| intel | xeon_8253_firmware | * | any |
| intel | xeon_8253 | * | any |
| intel | xeon_8256_firmware | * | any |
| intel | xeon_8256 | * | any |
| intel | xeon_8260_firmware | * | any |
| intel | xeon_8260 | * | any |
| intel | xeon_8260l_firmware | * | any |
| intel | xeon_8260l | * | any |
| intel | xeon_8260m_firmware | * | any |
| intel | xeon_8260m | * | any |
| intel | xeon_8260y_firmware | * | any |
| intel | xeon_8260y | * | any |
| intel | xeon_8268_firmware | * | any |
| intel | xeon_8268 | * | any |
| intel | xeon_8270_firmware | * | any |
| intel | xeon_8270 | * | any |
| intel | xeon_8276_firmware | * | any |
| intel | xeon_8276 | * | any |
| intel | xeon_8276l_firmware | * | any |
| intel | xeon_8276l | * | any |
| intel | xeon_8276m_firmware | * | any |
| intel | xeon_8276m | * | any |
| intel | xeon_8280_firmware | * | any |
| intel | xeon_8280 | * | any |
| intel | xeon_8280l_firmware | * | any |
| intel | xeon_8280l | * | any |
| intel | xeon_8280m_firmware | * | any |
| intel | xeon_8280m | * | any |
| intel | xeon_9220_firmware | * | any |
| intel | xeon_9220 | * | any |
| intel | xeon_9221_firmware | * | any |
| intel | xeon_9221 | * | any |
| intel | xeon_9222_firmware | * | any |
| intel | xeon_9222 | * | any |
| intel | xeon_9242_firmware | * | any |
| intel | xeon_9242 | * | any |
| intel | xeon_9282_firmware | * | any |
| intel | xeon_9282 | * | any |
| intel | xeon_5215_firmware | * | any |
| intel | xeon_5215 | * | any |
| intel | xeon_5215l_firmware | * | any |
| intel | xeon_5215l | * | any |
| intel | xeon_5215m_firmware | * | any |
| intel | xeon_5215m | * | any |
| intel | xeon_5215r_firmware | * | any |
| intel | xeon_5215r | * | any |
| intel | xeon_5217_firmware | * | any |
| intel | xeon_5217 | * | any |
| intel | xeon_5218_firmware | * | any |
| intel | xeon_5218 | * | any |
| intel | xeon_5218b_firmware | * | any |
| intel | xeon_5218b | * | any |
| intel | xeon_5218n_firmware | * | any |
| intel | xeon_5218n | * | any |
| intel | xeon_5218t_firmware | * | any |
| intel | xeon_5218t | * | any |
| intel | xeon_5220_firmware | * | any |
| intel | xeon_5220 | * | any |
| intel | xeon_5220r_firmware | * | any |
| intel | xeon_5220r | * | any |
| intel | xeon_5220s_firmware | * | any |
| intel | xeon_5220s | * | any |
| intel | xeon_5220t_firmware | * | any |
| intel | xeon_5220t | * | any |
| intel | xeon_5222_firmware | * | any |
| intel | xeon_5222 | * | any |
| intel | xeon_6222v_firmware | * | any |
| intel | xeon_6222v | * | any |
| intel | xeon_6226_firmware | * | any |
| intel | xeon_6226 | * | any |
| intel | xeon_6230_firmware | * | any |
| intel | xeon_6230 | * | any |
| intel | xeon_6230n_firmware | * | any |
| intel | xeon_6230n | * | any |
| intel | xeon_6230t_firmware | * | any |
| intel | xeon_6230t | * | any |
| intel | xeon_6234_firmware | * | any |
| intel | xeon_6234 | * | any |
| intel | xeon_6238_firmware | * | any |
| intel | xeon_6238 | * | any |
| intel | xeon_6238l_firmware | * | any |
| intel | xeon_6238l | * | any |
| intel | xeon_6238m_firmware | * | any |
| intel | xeon_6238m | * | any |
| intel | xeon_6238t_firmware | * | any |
| intel | xeon_6238t | * | any |
| intel | xeon_6240_firmware | * | any |
| intel | xeon_6240 | * | any |
| intel | xeon_6240l_firmware | * | any |
| intel | xeon_6240l | * | any |
| intel | xeon_6240m_firmware | * | any |
| intel | xeon_6240m | * | any |
| intel | xeon_6240y_firmware | * | any |
| intel | xeon_6240y | * | any |
| intel | xeon_6242_firmware | * | any |
| intel | xeon_6242 | * | any |
| intel | xeon_6244_firmware | * | any |
| intel | xeon_6244 | * | any |
| intel | xeon_6246_firmware | * | any |
| intel | xeon_6246 | * | any |
| intel | xeon_6248_firmware | * | any |
| intel | xeon_6248 | * | any |
| intel | xeon_6252_firmware | * | any |
| intel | xeon_6252 | * | any |
| intel | xeon_6252n_firmware | * | any |
| intel | xeon_6252n | * | any |
| intel | xeon_6254_firmware | * | any |
| intel | xeon_6254 | * | any |
| intel | xeon_6262v_firmware | * | any |
| intel | xeon_6262v | * | any |
| intel | xeon_4208_firmware | * | any |
| intel | xeon_4208 | * | any |
| intel | xeon_4208r_firmware | * | any |
| intel | xeon_4208r | * | any |
| intel | xeon_4209t_firmware | * | any |
| intel | xeon_4209t | * | any |
| intel | xeon_4210_firmware | * | any |
| intel | xeon_4210 | * | any |
| intel | xeon_4210r_firmware | * | any |
| intel | xeon_4210r | * | any |
| intel | xeon_4214_firmware | * | any |
| intel | xeon_4214 | * | any |
| intel | xeon_4214c_firmware | * | any |
| intel | xeon_4214c | * | any |
| intel | xeon_4214r_firmware | * | any |
| intel | xeon_4214r | * | any |
| intel | xeon_4214y_firmware | * | any |
| intel | xeon_4214y | * | any |
| intel | xeon_4215_firmware | * | any |
| intel | xeon_4215 | * | any |
| intel | xeon_4216_firmware | * | any |
| intel | xeon_4216 | * | any |
| intel | xeon_4216r_firmware | * | any |
| intel | xeon_4216r | * | any |
| intel | xeon_3204_firmware | * | any |
| intel | xeon_3204 | * | any |
| intel | xeon_3206r_firmware | * | any |
| intel | xeon_3206r | * | any |
| intel | xeon_w-3275m_firmware | * | any |
| intel | xeon_w-3275m | * | any |
| intel | xeon_w-3275_firmware | * | any |
| intel | xeon_w-3275 | * | any |
| intel | xeon_w-3265m_firmware | * | any |
| intel | xeon_w-3265m | * | any |
| intel | xeon_w-3265_firmware | * | any |
| intel | xeon_w-3265 | * | any |
| intel | xeon_w-3245m_firmware | * | any |
| intel | xeon_w-3245m | * | any |
| intel | xeon_w-3245_firmware | * | any |
| intel | xeon_w-3245 | * | any |
| intel | xeon_w-3235_firmware | * | any |
| intel | xeon_w-3235 | * | any |
| intel | xeon_w-3225_firmware | * | any |
| intel | xeon_w-3225 | * | any |
| intel | xeon_w-3223_firmware | * | any |
| intel | xeon_w-3223 | * | any |
| intel | xeon_w-2295_firmware | * | any |
| intel | xeon_w-2295 | * | any |
| intel | xeon_w-2275_firmware | * | any |
| intel | xeon_w-2275 | * | any |
| intel | xeon_w-2265_firmware | * | any |
| intel | xeon_w-2265 | * | any |
| intel | xeon_w-2255_firmware | * | any |
| intel | xeon_w-2255 | * | any |
| intel | xeon_w-2245_firmware | * | any |
| intel | xeon_w-2245 | * | any |
| intel | xeon_w-2235_firmware | * | any |
| intel | xeon_w-2235 | * | any |
| intel | xeon_w-2225_firmware | * | any |
| intel | xeon_w-2225 | * | any |
| intel | xeon_w-2223_firmware | * | any |
| intel | xeon_w-2223 | * | any |
| intel | core_i9-9980hk_firmware | * | any |
| intel | core_i9-9980hk | * | any |
| intel | core_i9-9880h_firmware | * | any |
| intel | core_i9-9880h | * | any |
| intel | core_i7-9850h_firmware | * | any |
| intel | core_i7-9850h | * | any |
| intel | core_i7-9750hf_firmware | * | any |
| intel | core_i7-9750hf | * | any |
| intel | core_i5-9400h_firmware | * | any |
| intel | core_i5-9400h | * | any |
| intel | core_i5-9300h_firmware | * | any |
| intel | core_i5-9300h | * | any |
| intel | core_i9-9900k_firmware | * | any |
| intel | core_i9-9900k | * | any |
| intel | core_i9-9900kf_firmware | * | any |
| intel | core_i9-9900kf | * | any |
| intel | core_i7-9700k_firmware | * | any |
| intel | core_i7-9700k | * | any |
| intel | core_i7-9700kf_firmware | * | any |
| intel | core_i7-9700kf | * | any |
| intel | core_i5-9600k_firmware | * | any |
| intel | core_i5-9600k | * | any |
| intel | core_i5-9600kf_firmware | * | any |
| intel | core_i5-9600kf | * | any |
| intel | core_i5-9400_firmware | * | any |
| intel | core_i5-9400 | * | any |
| intel | core_i5-9400f_firmware | * | any |
| intel | core_i5-9400f | * | any |
| intel | xeon_e-2288g_firmware | * | any |
| intel | xeon_e-2288g | * | any |
| intel | xeon_e-2286m_firmware | * | any |
| intel | xeon_e-2286m | * | any |
| intel | xeon_e-2278gel_firmware | * | any |
| intel | xeon_e-2278gel | * | any |
| intel | xeon_e-2278ge_firmware | * | any |
| intel | xeon_e-2278ge | * | any |
| intel | xeon_e-2278g_firmware | * | any |
| intel | xeon_e-2278g | * | any |
| intel | core_i7-10510u_firmware | * | any |
| intel | core_i7-10510u | * | any |
| intel | core_i5-10210u_firmware | * | any |
| intel | core_i5-10210u | * | any |
| intel | pentium_6405u_firmware | * | any |
| intel | pentium_6405u | * | any |
| intel | celeron_5305u_firmware | * | any |
| intel | celeron_5305u | * | any |
| intel | core_i7-8565u_firmware | * | any |
| intel | core_i7-8565u | * | any |
| intel | core_i7-8665u_firmware | * | any |
| intel | core_i7-8665u | * | any |
| intel | core_i5-8365u_firmware | * | any |
| intel | core_i5-8365u | * | any |
| intel | core_i5-8265u_firmware | * | any |
| intel | core_i5-8265u | * | any |
| canonical | ubuntu_linux | 14.04 | any |
| debian | debian_linux | 8.0 | any |
| debian | debian_linux | 9.0 | any |
| debian | debian_linux | 10.0 | any |
| redhat | codeready_linux_builder | 8.0 | any |
| redhat | codeready_linux_builder_eus | 8.1 | any |
| redhat | codeready_linux_builder_eus | 8.2 | any |
| redhat | codeready_linux_builder_eus | 8.4 | any |
| redhat | codeready_linux_builder_eus | 8.6 | any |
| redhat | virtualization_manager | 4.2 | any |
| redhat | enterprise_linux | 8.0 | any |
| redhat | enterprise_linux_desktop | 7.0 | any |
| redhat | enterprise_linux_eus | 7.6 | any |
| redhat | enterprise_linux_eus | 7.7 | any |
| redhat | enterprise_linux_eus | 8.1 | any |
| redhat | enterprise_linux_eus | 8.2 | any |
| redhat | enterprise_linux_eus | 8.4 | any |
| redhat | enterprise_linux_eus | 8.6 | any |
| redhat | enterprise_linux_server | 7.0 | any |
| redhat | enterprise_linux_server_aus | 7.6 | any |
| redhat | enterprise_linux_server_aus | 7.7 | any |
| redhat | enterprise_linux_server_aus | 8.2 | any |
| redhat | enterprise_linux_server_aus | 8.4 | any |
| redhat | enterprise_linux_server_aus | 8.6 | any |
| redhat | enterprise_linux_server_tus | 7.6 | any |
| redhat | enterprise_linux_server_tus | 7.7 | any |
| redhat | enterprise_linux_server_tus | 8.2 | any |
| redhat | enterprise_linux_server_tus | 8.4 | any |
| redhat | enterprise_linux_server_tus | 8.6 | any |
| redhat | enterprise_linux_workstation | 7.0 | any |
| oracle | zfs_storage_appliance_kit | 8.8 | any |
References 30
- lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00045.html
- lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00046.html
- lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00042.html
- packetstormsecurity.com http://packetstormsecurity.com/files/155375/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
- openwall.com http://www.openwall.com/lists/oss-security/2019/12/10/3
- openwall.com http://www.openwall.com/lists/oss-security/2019/12/10/4
- openwall.com http://www.openwall.com/lists/oss-security/2019/12/11/1
- access.redhat.com https://access.redhat.com/errata/RHSA-2019:3936
- access.redhat.com https://access.redhat.com/errata/RHSA-2020:0026
- access.redhat.com https://access.redhat.com/errata/RHSA-2020:0028
- access.redhat.com https://access.redhat.com/errata/RHSA-2020:0204
- access.redhat.com https://access.redhat.com/errata/RHSA-2020:0279
- access.redhat.com https://access.redhat.com/errata/RHSA-2020:0366
- access.redhat.com https://access.redhat.com/errata/RHSA-2020:0555
- access.redhat.com https://access.redhat.com/errata/RHSA-2020:0666
- access.redhat.com https://access.redhat.com/errata/RHSA-2020:0730
- kc.mcafee.com https://kc.mcafee.com/corporate/index?page=content&id=SB10306
- lists.debian.org https://lists.debian.org/debian-lts-announce/2019/12/msg00035.html
- lists.fedoraproject.org https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5WWPW4BSZDDW7VHU427XTVXV7ROOFFW/
- lists.fedoraproject.org https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IZYATWNUGHRBG6I3TC24YHP5Y3J7I6KH/
- seclists.org https://seclists.org/bugtraq/2019/Dec/28
- seclists.org https://seclists.org/bugtraq/2019/Nov/26
- seclists.org https://seclists.org/bugtraq/2020/Jan/21
- security.gentoo.org https://security.gentoo.org/glsa/202003-56
- support.f5.com https://support.f5.com/csp/article/K02912734?utm_source=f5support&%3Butm_medium=RSS
- support.hpe.com https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03968en_us
- usn.ubuntu.com https://usn.ubuntu.com/4186-2/
- debian.org https://www.debian.org/security/2020/dsa-4602
- intel.com https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00270.html
- oracle.com https://www.oracle.com/security-alerts/cpujan2021.html
Remediation
- packetstormsecurity.com http://packetstormsecurity.com/files/155375/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
- seclists.org https://seclists.org/bugtraq/2019/Nov/26
- oracle.com https://www.oracle.com/security-alerts/cpujan2021.html