CVE-2020-24511
Published: 8 June 2021
Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
From the Ubuntu Security Team
Joseph Nuzman discovered that some Intel processors may not properly apply EIBRS mitigations (originally developed for CVE-2017-5715) and hence may allow unauthorized memory reads via sidechannel attacks. A local attacker could use this to expose sensitive information, including kernel memory.
Notes
Author | Note |
---|---|
sbeattie | INTEL-TA-00464 no kernel component to this MCU update |
Priority
Status
Package | Release | Status |
---|---|---|
intel-microcode Launchpad, Ubuntu, Debian |
bionic |
Released
(3.20210608.0ubuntu0.18.04.1)
|
focal |
Released
(3.20210608.0ubuntu0.20.04.1)
|
|
groovy |
Released
(3.20210608.0ubuntu0.20.10.1)
|
|
hirsute |
Released
(3.20210608.0ubuntu0.21.04.1)
|
|
impish |
Released
(3.20210608.0ubuntu1)
|
|
jammy |
Released
(3.20210608.0ubuntu1)
|
|
trusty |
Released
(3.20210608.0ubuntu0.14.04.1+esm1)
Available with Ubuntu Pro or Ubuntu Pro (Infra-only) |
|
upstream |
Needs triage
|
|
xenial |
Released
(3.20210608.0ubuntu0.16.04.1+esm1)
Available with Ubuntu Pro or Ubuntu Pro (Infra-only) |
Severity score breakdown
Parameter | Value |
---|---|
Base score | 5.6 |
Attack vector | Local |
Attack complexity | High |
Privileges required | Low |
User interaction | None |
Scope | Changed |
Confidentiality | High |
Integrity impact | None |
Availability impact | None |
Vector | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N |