Potential security vulnerabilities in some Intel® Processors may allow information disclosure. Intel is releasing firmware updates to mitigate these potential vulnerabilities.
CVEID: CVE-2020-0548
Description: Cleanup errors in some Intel® Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVSS Base Score: 2.8 Low
CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N
CVEID: CVE-2020-0549
Description: Cleanup errors in some data cache evictions for some Intel® Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVSS Base Score: 6.5 Medium
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
A list of impacted products can be found here.
Intel recommends that users of affected Intel® Processors update to the latest firmware version provided by the system manufacturer that addresses these issues.
Intel has released microcode updates for the affected Intel® Processors that are currently supported; they are available on the public GitHub repository. Details on accessing the microcode are below:
Public GitHub*: <https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files>
Additional technical details about these vulnerabilities can be found at:
<https://software.intel.com/security-software-guidance/software-guidance/l1d-eviction-sampling>
<https://software.intel.com/security-software-guidance/software-guidance/vector-register-sampling>
Additional advisory guidance on CVE-2020-0548 and CVE-2020-0549 is available here.
Intel would like to thank the following individuals for finding, reporting and coordinating these vulnerabilities to us.
Intel thanks TU Graz and KU Leuven for disclosure of CVE-2020-0549.
Graz University of Technology: Moritz Lipp, Michael Schwarz, Daniel Gruss.
KU Leuven: Jo Van Bulck.
Intel thanks VU Amsterdam for disclosure of CVE-2020-0548 and CVE-2020-0549. VUSec group at VU Amsterdam: Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida.
Researchers from TU Graz and KU Leuven provided Intel with a Proof of Concept (POC) in May 2019, and researchers from VU Amsterdam provided a Proof of Concept (POC) in October 2019. Intel subsequently confirmed that each submission demonstrates CVE-2020-0549 individually.