Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatcveRedhat.comRH:CVE-2020-8695
HistoryNov 10, 2020 - 7:52 p.m.

CVE-2020-8695

2020-11-1019:52:48
redhat.com
access.redhat.com
52

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

0.0005 Low

EPSS

Percentile

17.8%

JSON

A vulnerability was found in Intel’s implementation of RAPL (Running Average Power Limit). An attacker with a local account could query the power management functionality to intelligently infer SGX enclave computation values by measuring power usage in the RAPL subsystem.

Mitigation

Until a firmware update and reboot can be applied, the attack vector can be reduced by limiting read access to the sysfs attributes that export this functionality to userspace.

The command:

sudo chmod 400 /sys/class/powercap/intel_rapl/*/energy_uj

Will do this for the current boot, it will need to be scripted to run at each boot to remain persistent across reboots.

Related

fedora 4
prion 1
openvas 23
veracode 1
cvelist 1
nvd 1
nessus 73
ubuntucve 1
debiancve 1
cnvd 1
cve 1
intel 1
suse 4
lenovo 3
oraclelinux 15
f5 1
centos 2
redhat 19
cloudfoundry 3
osv 7
ubuntu 3
github 2
threatpost 1
debian 1
mageia 1
rocky 1
almalinux 1
hp 1
fedora
fedora
[SECURITY] Fedora 31 Update: microcode_ctl-2.1-39.3.fc31
2020-11-24 02:13:36
[SECURITY] Fedora 31 Update: microcode_ctl-2.1-39.2.fc31
2020-11-20 01:29:29
[SECURITY] Fedora 33 Update: microcode_ctl-2.1-43.fc33
2020-11-22 01:27:43
prion
prion
Information disclosure
2020-11-12 18:15:00
openvas
openvas
Fedora: Security Advisory for microcode_ctl (FEDORA-2020-d5941ea479)
2020-11-26 00:00:00
SUSE: Security Advisory (SUSE-SU-2020:3279-1)
2021-04-19 00:00:00
SUSE: Security Advisory (SUSE-SU-2020:3274-1)
2021-04-19 00:00:00
veracode
veracode
Information Disclosure
2020-11-12 07:53:07
cvelist
cvelist
CVE-2020-8695
2020-11-12 18:03:43
nvd
nvd
CVE-2020-8695
2020-11-12 18:15:16
nessus
nessus
Fedora 31 : 2:microcode_ctl (2020-d5941ea479)
2020-11-24 00:00:00
SUSE SLED15 / SLES15 Security Update : ucode-intel (SUSE-SU-2020:3271-1)
2020-12-09 00:00:00
openSUSE Security Update : ucode-intel (openSUSE-2020-1923)
2020-11-17 00:00:00
ubuntucve
ubuntucve
CVE-2020-8695
2020-11-10 00:00:00
debiancve
debiancve
CVE-2020-8695
2020-11-12 18:15:16
cnvd
cnvd
Intel Processors Information Disclosure Vulnerability (CNVD-2022-05687)
2021-10-13 00:00:00
cve
cve
CVE-2020-8695
2020-11-12 18:15:16
intel
intel
2020.2 IPU - Intel® RAPL Interface Advisory
2021-05-11 00:00:00
suse
suse
Security update for ucode-intel (moderate)
2020-11-14 00:00:00
Security update for ucode-intel (moderate)
2020-11-15 00:00:00
Security update for ucode-intel (important)
2020-11-29 00:00:00
lenovo
lenovo
Intel RAPL Interface Advisory - Lenovo Support NL
2020-11-04 15:35:53
Intel RAPL Interface Advisory - Lenovo Support US
2020-11-04 15:35:53
Multi-vendor BIOS Security Vulnerabilities (November 2020) - Lenovo Support NL
2020-11-04 15:47:25
oraclelinux
oraclelinux
Unbreakable Enterprise kernel security update
2020-11-10 00:00:00
microcode_ctl security, bug fix, and enhancement update
2020-11-17 00:00:00
microcode_ctl security, bug fix and enhancement update
2020-11-17 00:00:00
f5
f5
K32512431 : Linux kernel vulnerabilities CVE-2020-8694 and CVE-2020-8695
2020-11-24 00:00:00
centos
centos
microcode_ctl security update
2020-11-19 13:47:47
microcode_ctl security update
2021-08-09 15:29:53
redhat
redhat
(RHSA-2020:5182) Moderate: microcode_ctl security, bug fix and enhancement update
2020-11-23 17:17:44
(RHSA-2020:5083) Moderate: microcode_ctl security, bug fix, and enhancement update
2020-11-11 09:27:49
(RHSA-2020:5369) Moderate: microcode_ctl security, bug fix and enhancement update
2020-12-08 10:01:53
cloudfoundry
cloudfoundry
USN-4628-1: Intel Microcode vulnerabilities | Cloud Foundry
2020-12-11 00:00:00
USN-4628-3: Intel Microcode vulnerabilities | Cloud Foundry
2021-06-11 00:00:00
USN-4628-2: Intel Microcode regression | Cloud Foundry
2020-12-11 00:00:00
osv
osv
containerd allows RAPL to be accessible to a container
2023-12-19 21:17:06
intel-microcode - security update
2021-02-06 00:00:00
/sys/devices/virtual/powercap accessible by default to containers
2023-10-30 15:25:44
ubuntu
ubuntu
Intel Microcode vulnerabilities
2020-11-11 00:00:00
Intel Microcode vulnerabilities
2021-05-17 00:00:00
Intel Microcode regression
2020-11-12 00:00:00
github
github
/sys/devices/virtual/powercap accessible by default to containers
2023-10-30 15:25:44
containerd allows RAPL to be accessible to a container
2023-12-19 21:17:06
threatpost
threatpost
Nvidia Warns Windows Gamers of GeForce NOW Flaw
2020-11-11 19:03:15
debian
debian
[SECURITY] [DLA 2546-1] intel-microcode security update
2021-02-05 18:48:10
mageia
mageia
Updated microcode package fixes security vulnerabilities
2020-11-14 00:20:36
rocky
rocky
microcode_ctl security, bug fix and enhancement update
2021-08-09 09:19:57
almalinux
almalinux
Important: microcode_ctl security, bug fix and enhancement update
2021-08-09 09:19:57
hp
hp
HPSBHF03705 rev. 6 - BIOS November 2020 Security Updates
2020-11-09 00:00:00

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

0.0005 Low

EPSS

Percentile

17.8%

JSON
Related for RH:CVE-2020-8695
fedora4prion1openvas23veracode1cvelist1nvd1nessus73ubuntucve1debiancve1cnvd1cve1intel1suse4lenovo3oraclelinux15f51centos2redhat19cloudfoundry3osv7ubuntu3github2threatpost1debian1mageia1rocky1almalinux1hp1