CVE-2019-11135

MEDIUM EPSS 86.3%
Published Nov 14, 20196y ago · Modified Jun 17, 20262w ago
6.5 CVSS 3.1
Medium
Find Similar
Published Nov 14, 2019 6y ago
Last Modified Jun 17, 2026 2w ago

Description

TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.

CVSS Details

Base Score
6.5
Exploitability
2.0
Impact
4.0
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Changed
Confidentiality High
Integrity None
Availability None

Threat Intelligence

EPSS Exploit Probability
86.3% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 324

VendorProductVersionRange
opensuseleap15.0any
opensuseleap15.1any
fedoraprojectfedora30any
fedoraprojectfedora31any
slackwareslackware14.2any
hpapollo_4200_firmware* <2.20
hpapollo_4200gen10any
hpapollo_2000_firmware* <2.20
hpapollo_2000*any
hpproliant_bl460c_firmware* <2.20
hpproliant_bl460cgen10any
hpproliant_dl580_firmware* <2.20
hpproliant_dl580gen10any
hpproliant_dl560_firmware* <2.20
hpproliant_dl560gen10any
hpproliant_dl380_firmware* <2.20
hpproliant_dl380gen10any
hpproliant_dl360_firmware* <2.20
hpproliant_dl360gen10any
hpproliant_dl180_firmware* <2.20
hpproliant_dl180gen10any
hpproliant_dl160_firmware* <2.20
hpproliant_dl160gen10any
hpproliant_dl120_firmware* <2.20
hpproliant_dl120gen10any
hpproliant_dl20_firmware* <2.10
hpproliant_dl20gen10any
hpproliant_ml350_firmware* <2.20
hpproliant_ml350gen10any
hpproliant_ml110_firmware* <2.20
hpproliant_ml110gen10any
hpproliant_ml30_firmware* <2.10
hpproliant_ml30gen10any
hpproliant_xl450_firmware* <2.20
hpproliant_xl450gen10any
hpproliant_xl270d_firmware* <2.20
hpproliant_xl270dgen10any
hpproliant_xl230k_firmware* <2.20
hpproliant_xl230kgen10any
hpproliant_xl190r_firmware* <2.20
hpproliant_xl190rgen10any
hpproliant_xl170r_firmware* <2.20
hpproliant_xl170rgen10any
hpsynergy_480_firmware* <2.20
hpsynergy_480gen10any
hpsynergy_660_firmware* <2.20
hpsynergy_660gen10any
hpproliant_e910_firmware* <2.20
hpproliant_e910*any
intelcore_i7-10510y_firmware*any
intelcore_i7-10510y*any
intelcore_i5-10310y_firmware*any
intelcore_i5-10310y*any
intelcore_i5-10210y_firmware*any
intelcore_i5-10210y*any
intelcore_i5-10110y_firmware*any
intelcore_i5-10110y*any
intelcore_i7-8500y_firmware*any
intelcore_i7-8500y*any
intelcore_i5-8310y_firmware*any
intelcore_i5-8310y*any
intelcore_i5-8210y_firmware*any
intelcore_i5-8210y*any
intelcore_i5-8200y_firmware*any
intelcore_i5-8200y*any
intelcore_m3-8100y_firmware*any
intelcore_m3-8100y*any
intelxeon_8253_firmware*any
intelxeon_8253*any
intelxeon_8256_firmware*any
intelxeon_8256*any
intelxeon_8260_firmware*any
intelxeon_8260*any
intelxeon_8260l_firmware*any
intelxeon_8260l*any
intelxeon_8260m_firmware*any
intelxeon_8260m*any
intelxeon_8260y_firmware*any
intelxeon_8260y*any
intelxeon_8268_firmware*any
intelxeon_8268*any
intelxeon_8270_firmware*any
intelxeon_8270*any
intelxeon_8276_firmware*any
intelxeon_8276*any
intelxeon_8276l_firmware*any
intelxeon_8276l*any
intelxeon_8276m_firmware*any
intelxeon_8276m*any
intelxeon_8280_firmware*any
intelxeon_8280*any
intelxeon_8280l_firmware*any
intelxeon_8280l*any
intelxeon_8280m_firmware*any
intelxeon_8280m*any
intelxeon_9220_firmware*any
intelxeon_9220*any
intelxeon_9221_firmware*any
intelxeon_9221*any
intelxeon_9222_firmware*any
intelxeon_9222*any
intelxeon_9242_firmware*any
intelxeon_9242*any
intelxeon_9282_firmware*any
intelxeon_9282*any
intelxeon_5215_firmware*any
intelxeon_5215*any
intelxeon_5215l_firmware*any
intelxeon_5215l*any
intelxeon_5215m_firmware*any
intelxeon_5215m*any
intelxeon_5215r_firmware*any
intelxeon_5215r*any
intelxeon_5217_firmware*any
intelxeon_5217*any
intelxeon_5218_firmware*any
intelxeon_5218*any
intelxeon_5218b_firmware*any
intelxeon_5218b*any
intelxeon_5218n_firmware*any
intelxeon_5218n*any
intelxeon_5218t_firmware*any
intelxeon_5218t*any
intelxeon_5220_firmware*any
intelxeon_5220*any
intelxeon_5220r_firmware*any
intelxeon_5220r*any
intelxeon_5220s_firmware*any
intelxeon_5220s*any
intelxeon_5220t_firmware*any
intelxeon_5220t*any
intelxeon_5222_firmware*any
intelxeon_5222*any
intelxeon_6222v_firmware*any
intelxeon_6222v*any
intelxeon_6226_firmware*any
intelxeon_6226*any
intelxeon_6230_firmware*any
intelxeon_6230*any
intelxeon_6230n_firmware*any
intelxeon_6230n*any
intelxeon_6230t_firmware*any
intelxeon_6230t*any
intelxeon_6234_firmware*any
intelxeon_6234*any
intelxeon_6238_firmware*any
intelxeon_6238*any
intelxeon_6238l_firmware*any
intelxeon_6238l*any
intelxeon_6238m_firmware*any
intelxeon_6238m*any
intelxeon_6238t_firmware*any
intelxeon_6238t*any
intelxeon_6240_firmware*any
intelxeon_6240*any
intelxeon_6240l_firmware*any
intelxeon_6240l*any
intelxeon_6240m_firmware*any
intelxeon_6240m*any
intelxeon_6240y_firmware*any
intelxeon_6240y*any
intelxeon_6242_firmware*any
intelxeon_6242*any
intelxeon_6244_firmware*any
intelxeon_6244*any
intelxeon_6246_firmware*any
intelxeon_6246*any
intelxeon_6248_firmware*any
intelxeon_6248*any
intelxeon_6252_firmware*any
intelxeon_6252*any
intelxeon_6252n_firmware*any
intelxeon_6252n*any
intelxeon_6254_firmware*any
intelxeon_6254*any
intelxeon_6262v_firmware*any
intelxeon_6262v*any
intelxeon_4208_firmware*any
intelxeon_4208*any
intelxeon_4208r_firmware*any
intelxeon_4208r*any
intelxeon_4209t_firmware*any
intelxeon_4209t*any
intelxeon_4210_firmware*any
intelxeon_4210*any
intelxeon_4210r_firmware*any
intelxeon_4210r*any
intelxeon_4214_firmware*any
intelxeon_4214*any
intelxeon_4214c_firmware*any
intelxeon_4214c*any
intelxeon_4214r_firmware*any
intelxeon_4214r*any
intelxeon_4214y_firmware*any
intelxeon_4214y*any
intelxeon_4215_firmware*any
intelxeon_4215*any
intelxeon_4216_firmware*any
intelxeon_4216*any
intelxeon_4216r_firmware*any
intelxeon_4216r*any
intelxeon_3204_firmware*any
intelxeon_3204*any
intelxeon_3206r_firmware*any
intelxeon_3206r*any
intelxeon_w-3275m_firmware*any
intelxeon_w-3275m*any
intelxeon_w-3275_firmware*any
intelxeon_w-3275*any
intelxeon_w-3265m_firmware*any
intelxeon_w-3265m*any
intelxeon_w-3265_firmware*any
intelxeon_w-3265*any
intelxeon_w-3245m_firmware*any
intelxeon_w-3245m*any
intelxeon_w-3245_firmware*any
intelxeon_w-3245*any
intelxeon_w-3235_firmware*any
intelxeon_w-3235*any
intelxeon_w-3225_firmware*any
intelxeon_w-3225*any
intelxeon_w-3223_firmware*any
intelxeon_w-3223*any
intelxeon_w-2295_firmware*any
intelxeon_w-2295*any
intelxeon_w-2275_firmware*any
intelxeon_w-2275*any
intelxeon_w-2265_firmware*any
intelxeon_w-2265*any
intelxeon_w-2255_firmware*any
intelxeon_w-2255*any
intelxeon_w-2245_firmware*any
intelxeon_w-2245*any
intelxeon_w-2235_firmware*any
intelxeon_w-2235*any
intelxeon_w-2225_firmware*any
intelxeon_w-2225*any
intelxeon_w-2223_firmware*any
intelxeon_w-2223*any
intelcore_i9-9980hk_firmware*any
intelcore_i9-9980hk*any
intelcore_i9-9880h_firmware*any
intelcore_i9-9880h*any
intelcore_i7-9850h_firmware*any
intelcore_i7-9850h*any
intelcore_i7-9750hf_firmware*any
intelcore_i7-9750hf*any
intelcore_i5-9400h_firmware*any
intelcore_i5-9400h*any
intelcore_i5-9300h_firmware*any
intelcore_i5-9300h*any
intelcore_i9-9900k_firmware*any
intelcore_i9-9900k*any
intelcore_i9-9900kf_firmware*any
intelcore_i9-9900kf*any
intelcore_i7-9700k_firmware*any
intelcore_i7-9700k*any
intelcore_i7-9700kf_firmware*any
intelcore_i7-9700kf*any
intelcore_i5-9600k_firmware*any
intelcore_i5-9600k*any
intelcore_i5-9600kf_firmware*any
intelcore_i5-9600kf*any
intelcore_i5-9400_firmware*any
intelcore_i5-9400*any
intelcore_i5-9400f_firmware*any
intelcore_i5-9400f*any
intelxeon_e-2288g_firmware*any
intelxeon_e-2288g*any
intelxeon_e-2286m_firmware*any
intelxeon_e-2286m*any
intelxeon_e-2278gel_firmware*any
intelxeon_e-2278gel*any
intelxeon_e-2278ge_firmware*any
intelxeon_e-2278ge*any
intelxeon_e-2278g_firmware*any
intelxeon_e-2278g*any
intelcore_i7-10510u_firmware*any
intelcore_i7-10510u*any
intelcore_i5-10210u_firmware*any
intelcore_i5-10210u*any
intelpentium_6405u_firmware*any
intelpentium_6405u*any
intelceleron_5305u_firmware*any
intelceleron_5305u*any
intelcore_i7-8565u_firmware*any
intelcore_i7-8565u*any
intelcore_i7-8665u_firmware*any
intelcore_i7-8665u*any
intelcore_i5-8365u_firmware*any
intelcore_i5-8365u*any
intelcore_i5-8265u_firmware*any
intelcore_i5-8265u*any
canonicalubuntu_linux14.04any
debiandebian_linux8.0any
debiandebian_linux9.0any
debiandebian_linux10.0any
redhatcodeready_linux_builder8.0any
redhatcodeready_linux_builder_eus8.1any
redhatcodeready_linux_builder_eus8.2any
redhatcodeready_linux_builder_eus8.4any
redhatcodeready_linux_builder_eus8.6any
redhatvirtualization_manager4.2any
redhatenterprise_linux8.0any
redhatenterprise_linux_desktop7.0any
redhatenterprise_linux_eus7.6any
redhatenterprise_linux_eus7.7any
redhatenterprise_linux_eus8.1any
redhatenterprise_linux_eus8.2any
redhatenterprise_linux_eus8.4any
redhatenterprise_linux_eus8.6any
redhatenterprise_linux_server7.0any
redhatenterprise_linux_server_aus7.6any
redhatenterprise_linux_server_aus7.7any
redhatenterprise_linux_server_aus8.2any
redhatenterprise_linux_server_aus8.4any
redhatenterprise_linux_server_aus8.6any
redhatenterprise_linux_server_tus7.6any
redhatenterprise_linux_server_tus7.7any
redhatenterprise_linux_server_tus8.2any
redhatenterprise_linux_server_tus8.4any
redhatenterprise_linux_server_tus8.6any
redhatenterprise_linux_workstation7.0any
oraclezfs_storage_appliance_kit8.8any

References 30

  • lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00045.html
    Mailing ListThird Party Advisory
  • lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00046.html
    Mailing ListThird Party Advisory
  • lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00042.html
    Mailing ListThird Party Advisory
  • packetstormsecurity.com http://packetstormsecurity.com/files/155375/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
    PatchThird Party AdvisoryVDB Entry
  • openwall.com http://www.openwall.com/lists/oss-security/2019/12/10/3
    Mailing ListThird Party Advisory
  • openwall.com http://www.openwall.com/lists/oss-security/2019/12/10/4
    Mailing ListThird Party Advisory
  • openwall.com http://www.openwall.com/lists/oss-security/2019/12/11/1
    Mailing ListThird Party Advisory
  • access.redhat.com https://access.redhat.com/errata/RHSA-2019:3936
    Third Party Advisory
  • access.redhat.com https://access.redhat.com/errata/RHSA-2020:0026
    Third Party Advisory
  • access.redhat.com https://access.redhat.com/errata/RHSA-2020:0028
    Third Party Advisory
  • access.redhat.com https://access.redhat.com/errata/RHSA-2020:0204
    Third Party Advisory
  • access.redhat.com https://access.redhat.com/errata/RHSA-2020:0279
    Third Party Advisory
  • access.redhat.com https://access.redhat.com/errata/RHSA-2020:0366
    Third Party Advisory
  • access.redhat.com https://access.redhat.com/errata/RHSA-2020:0555
    Third Party Advisory
  • access.redhat.com https://access.redhat.com/errata/RHSA-2020:0666
    Third Party Advisory
  • access.redhat.com https://access.redhat.com/errata/RHSA-2020:0730
    Third Party Advisory
  • kc.mcafee.com https://kc.mcafee.com/corporate/index?page=content&id=SB10306
    Third Party Advisory
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2019/12/msg00035.html
    Mailing ListThird Party Advisory
  • lists.fedoraproject.org https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5WWPW4BSZDDW7VHU427XTVXV7ROOFFW/
  • lists.fedoraproject.org https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IZYATWNUGHRBG6I3TC24YHP5Y3J7I6KH/
  • seclists.org https://seclists.org/bugtraq/2019/Dec/28
    Mailing ListThird Party Advisory
  • seclists.org https://seclists.org/bugtraq/2019/Nov/26
    Mailing ListPatchThird Party Advisory
  • seclists.org https://seclists.org/bugtraq/2020/Jan/21
    Mailing ListThird Party Advisory
  • security.gentoo.org https://security.gentoo.org/glsa/202003-56
    Third Party Advisory
  • support.f5.com https://support.f5.com/csp/article/K02912734?utm_source=f5support&amp%3Butm_medium=RSS
  • support.hpe.com https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03968en_us
    Third Party Advisory
  • usn.ubuntu.com https://usn.ubuntu.com/4186-2/
    Third Party Advisory
  • debian.org https://www.debian.org/security/2020/dsa-4602
    Third Party Advisory
  • intel.com https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00270.html
    Vendor Advisory
  • oracle.com https://www.oracle.com/security-alerts/cpujan2021.html
    PatchThird Party Advisory

Remediation

  • packetstormsecurity.com http://packetstormsecurity.com/files/155375/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
    PatchThird Party AdvisoryVDB Entry
  • seclists.org https://seclists.org/bugtraq/2019/Nov/26
    Mailing ListPatchThird Party Advisory
  • oracle.com https://www.oracle.com/security-alerts/cpujan2021.html
    PatchThird Party Advisory