LOW
TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00045.html
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00046.html
http://www.openwall.com/lists/oss-security/2019/12/10/3
http://www.openwall.com/lists/oss-security/2019/12/10/4
http://www.openwall.com/lists/oss-security/2019/12/11/1
https://access.redhat.com/errata/RHSA-2019:3936
https://seclists.org/bugtraq/2019/Dec/28
https://seclists.org/bugtraq/2019/Nov/26
https://support.f5.com/csp/article/K02912734?utm_source=f5support&utm_medium=RSS
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03968en_us
https://usn.ubuntu.com/4186-2/
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00270.html
Source: MITRE
Published: 2019-11-14
Updated: 2019-12-16
Type: CWE-200
Base Score: 2.1
Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N
Impact Score: 2.9
Exploitability Score: 3.9
Severity: LOW
Base Score: 6.5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
Impact Score: 4
Exploitability Score: 2
Severity: MEDIUM
OR
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
AND
OR
OR
OR
| ID | Name | Product | Family | Severity |
|---|---|---|---|---|
| 132925 | SUSE SLES12 Security Update : kernel (SUSE-SU-2020:0093-1) | Nessus | SuSE Local Security Checks | critical |
| 132875 | Debian DSA-4602-1 : xen - security update (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout) | Nessus | Debian Local Security Checks | high |
| 132687 | RHEL 7 : kpatch-patch (RHSA-2020:0028) | Nessus | Red Hat Local Security Checks | low |
| 132685 | RHEL 7 : kpatch-patch (RHSA-2020:0026) | Nessus | Red Hat Local Security Checks | low |
| 132536 | Photon OS 2.0: Linux PHSA-2019-2.0-0191 | Nessus | PhotonOS Local Security Checks | low |
| 132520 | Photon OS 1.0: Linux PHSA-2019-1.0-0259 | Nessus | PhotonOS Local Security Checks | low |
| 132516 | openSUSE Security Update : spectre-meltdown-checker (openSUSE-2019-2710) | Nessus | SuSE Local Security Checks | low |
| 132513 | Debian DLA-2051-1 : intel-microcode security update | Nessus | Debian Local Security Checks | low |
| 132499 | NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel-rt Multiple Vulnerabilities (NS-SA-2019-0266) | Nessus | NewStart CGSL Local Security Checks | high |
| 132490 | NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel Multiple Vulnerabilities (NS-SA-2019-0264) | Nessus | NewStart CGSL Local Security Checks | high |
| 132337 | SUSE SLED15 / SLES15 Security Update : spectre-meltdown-checker (SUSE-SU-2019:3348-1) | Nessus | SuSE Local Security Checks | low |
| 132334 | SUSE SLES12 Security Update : spectre-meltdown-checker (SUSE-SU-2019:3340-1) | Nessus | SuSE Local Security Checks | low |
| 132101 | Windows Speculative Execution Configuration Check | Nessus | Windows | medium |
| 132073 | SUSE SLES12 Security Update : xen (SUSE-SU-2019:3297-1) | Nessus | SuSE Local Security Checks | high |
| 132071 | SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2019:3295-1) | Nessus | SuSE Local Security Checks | high |
| 131833 | SUSE SLES12 Security Update : kernel (SUSE-SU-2019:3200-1) | Nessus | SuSE Local Security Checks | high |
| 131694 | Ubuntu 16.04 LTS / 18.04 LTS / 19.04 / 19.10 : intel-microcode regression (USN-4182-3) | Nessus | Ubuntu Local Security Checks | low |
| 131552 | SUSE SLES12 Security Update : ucode-intel (SUSE-SU-2019:3091-1) | Nessus | SuSE Local Security Checks | low |
| 131460 | Fedora 30 : xen (2019-cbb732f760) | Nessus | Fedora Local Security Checks | high |
| 131297 | FreeBSD : FreeBSD -- Intel CPU Microcode Update (fbe10a8a-05a1-11ea-9dfa-f8b156ac3ff9) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout) (Spectre) | Nessus | FreeBSD Local Security Checks | high |
| 131272 | Oracle Linux 8 : kernel (ELSA-2019-3832) | Nessus | Oracle Linux Local Security Checks | low |
| 131227 | Virtuozzo 6 : parallels-server-bm-release / vzkernel / etc (VZA-2019-089) | Nessus | Virtuozzo Local Security Checks | high |
| 131208 | OracleVM 3.4 : Unbreakable / etc (OVMSA-2019-0056) | Nessus | OracleVM Local Security Checks | high |
| 131177 | RHEL 8 : kpatch-patch (RHSA-2019:3936) | Nessus | Red Hat Local Security Checks | low |
| 131174 | Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2019-4850) | Nessus | Oracle Linux Local Security Checks | high |
| 131156 | openSUSE Security Update : ucode-intel (openSUSE-2019-2528) | Nessus | SuSE Local Security Checks | low |
| 131155 | openSUSE Security Update : ucode-intel (openSUSE-2019-2527) | Nessus | SuSE Local Security Checks | low |
| 131143 | Fedora 31 : xen (2019-376ec5c107) | Nessus | Fedora Local Security Checks | high |
| 131129 | VMware Workstation 15.0.x < 15.5.1 Multiple Vulnerabilities (VMSA-2019-0020, VMSA-2019-0021) | Nessus | Windows | medium |
| 131128 | VMware Fusion 11.0.x < 11.5.1 Multiple Vulnerabilities (VMSA-2019-0020, VMSA-2019-0021) | Nessus | MacOS X Local Security Checks | medium |
| 131123 | SUSE SLED12 / SLES12 Security Update : ucode-intel (SUSE-SU-2019:2988-1) | Nessus | SuSE Local Security Checks | low |
| 131122 | SUSE SLED15 / SLES15 Security Update : ucode-intel (SUSE-SU-2019:2987-1) | Nessus | SuSE Local Security Checks | low |
| 131121 | SUSE SLED15 / SLES15 Security Update : ucode-intel (SUSE-SU-2019:2986-1) | Nessus | SuSE Local Security Checks | low |
| 131120 | SUSE SLES12 Security Update : kernel (SUSE-SU-2019:2984-1) | Nessus | SuSE Local Security Checks | critical |
| 131114 | Slackware 14.2 : Slackware 14.2 kernel (SSA:2019-320-01) | Nessus | Slackware Local Security Checks | high |
| 131110 | Oracle Linux 7 : kernel (ELSA-2019-3834) | Nessus | Oracle Linux Local Security Checks | low |
| 131083 | Amazon Linux AMI : microcode_ctl / kernel (ALAS-2019-1318) | Nessus | Amazon Linux Local Security Checks | low |
| 131082 | Amazon Linux 2 : microcode_ctl / kernel (ALAS-2019-1364) | Nessus | Amazon Linux Local Security Checks | low |
| 131064 | openSUSE Security Update : qemu (openSUSE-2019-2510) | Nessus | SuSE Local Security Checks | medium |
| 131063 | openSUSE Security Update : ucode-intel (openSUSE-2019-2509) | Nessus | SuSE Local Security Checks | low |
| 131062 | openSUSE Security Update : xen (openSUSE-2019-2508) | Nessus | SuSE Local Security Checks | high |
| 131061 | openSUSE Security Update : the Linux Kernel (openSUSE-2019-2507) | Nessus | SuSE Local Security Checks | high |
| 131060 | openSUSE Security Update : xen (openSUSE-2019-2506) | Nessus | SuSE Local Security Checks | high |
| 131059 | openSUSE Security Update : qemu (openSUSE-2019-2505) | Nessus | SuSE Local Security Checks | low |
| 131058 | openSUSE Security Update : ucode-intel (openSUSE-2019-2504) | Nessus | SuSE Local Security Checks | low |
| 131057 | openSUSE Security Update : the Linux Kernel (openSUSE-2019-2503) | Nessus | SuSE Local Security Checks | high |
| 131032 | CentOS 7 : kernel (CESA-2019:3834) | Nessus | CentOS Local Security Checks | low |
| 131018 | VMSA-2019-0020 : Hypervisor-Specific Mitigations for Denial-of-Service and Speculative-Execution Vulnerabilities | Nessus | VMware ESX Local Security Checks | low |
| 131014 | Ubuntu 16.04 LTS : linux vulnerability (USN-4186-3) | Nessus | Ubuntu Local Security Checks | high |
| 131013 | Ubuntu 16.04 LTS / 18.04 LTS : linux, linux-hwe, linux-oem vulnerability and regression (USN-4185-3) | Nessus | Ubuntu Local Security Checks | high |
| 131012 | Ubuntu 18.04 LTS / 19.04 : linux, linux-hwe, linux-oem-osp1 vulnerability and regression (USN-4184-2) | Nessus | Ubuntu Local Security Checks | high |
| 131011 | Ubuntu 19.10 : linux vulnerability (USN-4183-2) | Nessus | Ubuntu Local Security Checks | high |
| 131007 | Scientific Linux Security Update : kernel on SL7.x x86_64 | Nessus | Scientific Linux Local Security Checks | low |
| 131006 | Scientific Linux Security Update : kernel on SL6.x i386/x86_64 | Nessus | Scientific Linux Local Security Checks | low |
| 130999 | RHEL 7 : Virtualization Manager (RHSA-2019:3860) | Nessus | Red Hat Local Security Checks | low |
| 130998 | RHEL 6 : MRG (RHSA-2019:3844) | Nessus | Red Hat Local Security Checks | low |
| 130997 | Oracle Linux 6 : Unbreakable Enterprise kernel (ELSA-2019-4839) | Nessus | Oracle Linux Local Security Checks | low |
| 130996 | Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2019-4838) | Nessus | Oracle Linux Local Security Checks | low |
| 130995 | Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2019-4837) | Nessus | Oracle Linux Local Security Checks | low |
| 130994 | Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2019-4836) | Nessus | Oracle Linux Local Security Checks | low |
| 130993 | Oracle Linux 6 : kernel (ELSA-2019-3836) | Nessus | Oracle Linux Local Security Checks | low |
| 130989 | Fedora 29 : 2:microcode_ctl / kernel / kernel-headers / kernel-tools (2019-7a3fc17778) | Nessus | Fedora Local Security Checks | high |
| 130983 | Debian DSA-4565-1 : intel-microcode - security update | Nessus | Debian Local Security Checks | low |
| 130982 | Debian DSA-4564-1 : linux - security update | Nessus | Debian Local Security Checks | high |
| 130979 | Debian DLA-1990-1 : linux-4.9 security update | Nessus | Debian Local Security Checks | high |
| 130978 | CentOS 6 : kernel (CESA-2019:3836) | Nessus | CentOS Local Security Checks | low |
| 130966 | Ubuntu 16.04 LTS : linux, linux-aws, linux-kvm vulnerabilities (USN-4186-1) | Nessus | Ubuntu Local Security Checks | high |
| 130965 | Ubuntu 16.04 LTS / 18.04 LTS : linux, linux-aws, linux-aws-hwe, linux-azure, linux-gcp, linux-gke-4.15, (USN-4185-1) | Nessus | Ubuntu Local Security Checks | high |
| 130964 | Ubuntu 18.04 LTS / 19.04 : linux, linux-aws, linux-azure, linux-gcp, linux-gke-5.0, linux-hwe, (USN-4184-1) | Nessus | Ubuntu Local Security Checks | high |
| 130963 | Ubuntu 19.10 : linux, linux-aws, linux-azure, linux-gcp, linux-kvm, linux-oracle, (USN-4183-1) | Nessus | Ubuntu Local Security Checks | high |
| 130962 | Ubuntu 16.04 LTS / 18.04 LTS / 19.04 / 19.10 : intel-microcode update (USN-4182-1) | Nessus | Ubuntu Local Security Checks | low |
| 130960 | SUSE SLED12 / SLES12 Security Update : xen (SUSE-SU-2019:2962-1) | Nessus | SuSE Local Security Checks | high |
| 130959 | SUSE SLED15 / SLES15 Security Update : xen (SUSE-SU-2019:2961-1) | Nessus | SuSE Local Security Checks | high |
| 130958 | SUSE SLED15 / SLES15 Security Update : xen (SUSE-SU-2019:2960-1) | Nessus | SuSE Local Security Checks | high |
| 130957 | SUSE SLED12 / SLES12 Security Update : ucode-intel (SUSE-SU-2019:2959-1) | Nessus | SuSE Local Security Checks | low |
| 130956 | SUSE SLED15 / SLES15 Security Update : ucode-intel (SUSE-SU-2019:2958-1) | Nessus | SuSE Local Security Checks | low |
| 130955 | SUSE SLED15 / SLES15 Security Update : ucode-intel (SUSE-SU-2019:2957-1) | Nessus | SuSE Local Security Checks | low |
| 130954 | SUSE SLED12 / SLES12 Security Update : qemu (SUSE-SU-2019:2956-1) | Nessus | SuSE Local Security Checks | low |
| 130953 | SUSE SLED15 / SLES15 Security Update : qemu (SUSE-SU-2019:2955-1) | Nessus | SuSE Local Security Checks | medium |
| 130952 | SUSE SLED15 / SLES15 Security Update : qemu (SUSE-SU-2019:2954-1) | Nessus | SuSE Local Security Checks | low |
| 130951 | SUSE SLES12 Security Update : kernel (SUSE-SU-2019:2953-1) | Nessus | SuSE Local Security Checks | high |
| 130950 | SUSE SLES12 Security Update : kernel (SUSE-SU-2019:2950-1) (SACK Panic) | Nessus | SuSE Local Security Checks | critical |
| 130949 | SUSE SLES12 Security Update : kernel (SUSE-SU-2019:2949-1) | Nessus | SuSE Local Security Checks | critical |
| 130948 | SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2019:2948-1) | Nessus | SuSE Local Security Checks | high |
| 130947 | SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2019:2947-1) | Nessus | SuSE Local Security Checks | high |
| 130946 | SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2019:2946-1) | Nessus | SuSE Local Security Checks | high |
| 130935 | RHEL 6 : kernel (RHSA-2019:3843) | Nessus | Red Hat Local Security Checks | low |
| 130934 | RHEL 6 : kernel (RHSA-2019:3842) | Nessus | Red Hat Local Security Checks | low |
| 130933 | RHEL 7 : kernel (RHSA-2019:3841) | Nessus | Red Hat Local Security Checks | high |
| 130932 | RHEL 7 : kernel (RHSA-2019:3840) | Nessus | Red Hat Local Security Checks | low |
| 130931 | RHEL 7 : kernel (RHSA-2019:3839) | Nessus | Red Hat Local Security Checks | low |
| 130930 | RHEL 7 : kernel (RHSA-2019:3838) | Nessus | Red Hat Local Security Checks | low |
| 130929 | RHEL 7 : kernel (RHSA-2019:3837) | Nessus | Red Hat Local Security Checks | low |
| 130928 | RHEL 6 : kernel (RHSA-2019:3836) | Nessus | Red Hat Local Security Checks | low |
| 130927 | RHEL 7 : kernel-rt (RHSA-2019:3835) | Nessus | Red Hat Local Security Checks | low |
| 130926 | RHEL 7 : kernel (RHSA-2019:3834) | Nessus | Red Hat Local Security Checks | low |
| 130925 | RHEL 8 : kernel-rt (RHSA-2019:3833) | Nessus | Red Hat Local Security Checks | low |
| 130924 | RHEL 8 : kernel (RHSA-2019:3832) | Nessus | Red Hat Local Security Checks | low |
| 130923 | OracleVM 3.4 : Unbreakable / etc (OVMSA-2019-0052) | Nessus | OracleVM Local Security Checks | low |
| 130920 | Fedora 31 : 2:microcode_ctl / kernel / kernel-headers / kernel-tools (2019-68d7f68507) | Nessus | Fedora Local Security Checks | high |
| 130919 | Fedora 30 : 2:microcode_ctl / kernel / kernel-headers / kernel-tools (2019-1689d3fe07) | Nessus | Fedora Local Security Checks | high |
| 130918 | Debian DLA-1989-1 : linux security update | Nessus | Debian Local Security Checks | low |
| 130910 | KB4525253: Windows Server 2012 November 2019 Security Update | Nessus | Windows : Microsoft Bulletins | high |
| 130909 | KB4525250: Windows 8.1 and Windows Server 2012 R2 November 2019 Security Update | Nessus | Windows : Microsoft Bulletins | high |
| 130908 | KB4525241: Windows 10 Version 1709 November 2019 Security Update | Nessus | Windows : Microsoft Bulletins | high |
| 130907 | KB4525237: Windows 10 Version 1803 November 2019 Security Update | Nessus | Windows : Microsoft Bulletins | high |
| 130906 | KB4525236: Windows 10 Version 1607 and Windows Server 2016 November 2019 Security Update | Nessus | Windows : Microsoft Bulletins | high |
| 130905 | KB4525233: Windows 7 and Windows Server 2008 R2 November 2019 Security Update | Nessus | Windows : Microsoft Bulletins | high |
| 130904 | KB4525239: Windows Server 2008 November 2019 Security Update | Nessus | Windows : Microsoft Bulletins | high |
| 130903 | KB4525232: Windows 10 November 2019 Security Update | Nessus | Windows : Microsoft Bulletins | high |
| 130902 | KB4524570: Windows 10 Version 1903 November 2019 Security Update | Nessus | Windows : Microsoft Bulletins | high |
| 130901 | KB4523205: Windows 10 Version 1809 and Windows Server 2019 November 2019 Security Update | Nessus | Windows : Microsoft Bulletins | high |