CVE-2019-11139LOW
Description
Improper conditions check in the voltage modulation interface for some Intel(R) Xeon(R) Scalable Processors may allow a privileged user to potentially enable denial of service via local access.
References
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00045.html
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00046.html
https://support.f5.com/csp/article/K42433061?utm_source=f5support&utm_medium=RSS
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03969en_us
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00271.html
Details
Source: MITRE
Published: 2019-11-14
Updated: 2019-11-21
Type: CWE-754
Risk Information
CVSS v2.0
Base Score: 2.1
Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P
Impact Score: 2.9
Exploitability Score: 3.9
Severity: LOW
CVSS v3.0
Base Score: 6
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
Impact Score: 4
Exploitability Score: 1.5
Severity: MEDIUM
Vulnerable Software
Configuration 1
OR
Configuration 2
AND
OR
OR
Configuration 3
AND
OR
OR
Configuration 4
AND
OR
OR
Configuration 5
AND
OR
OR
Configuration 6
AND
OR
OR
Configuration 7
AND
OR
OR
Configuration 8
AND
OR
OR
Configuration 9
AND
OR
OR
Configuration 10
AND
OR
OR
Configuration 11
AND
OR
OR
Configuration 12
AND
OR
OR
Configuration 13
AND
OR
OR
Configuration 14
AND
OR
OR
Configuration 15
AND
OR
OR
Configuration 16
AND
OR
OR
Configuration 17
AND
OR
OR
Configuration 18
AND
OR
OR
Configuration 19
AND
OR
OR
Configuration 20
AND
OR
OR
Configuration 21
AND
OR
OR
Configuration 22
AND
OR
OR
Configuration 23
AND
OR
OR
Configuration 24
AND
OR
OR
Configuration 25
AND
OR
OR
Configuration 26
AND
OR
OR
Configuration 27
AND
OR
OR
Configuration 28
AND
OR
OR
Configuration 29
AND
OR
OR
Configuration 30
AND
OR
OR
Configuration 31
AND
OR
OR
Configuration 32
AND
OR
OR
Configuration 33
AND
OR
OR
Configuration 34
AND
OR
OR
Configuration 35
AND
OR
OR
Configuration 36
AND
OR
OR
Configuration 37
AND
OR
OR
Configuration 38
AND
OR
OR
Configuration 39
AND
OR
OR
Configuration 40
AND
OR
OR
Configuration 41
AND
OR
OR
Configuration 42
AND
OR
OR
Configuration 43
AND
OR
OR
Configuration 44
AND
OR
OR
Configuration 45
AND
OR
OR
Configuration 46
AND
OR
OR
Configuration 47
AND
OR
OR
Configuration 48
AND
OR
OR
Configuration 49
AND
OR
OR
Configuration 50
AND
OR
OR
Configuration 51
AND
OR
OR
Configuration 52
AND
OR
OR
Configuration 53
AND
OR
OR
Configuration 54
AND
OR
OR
Configuration 55
AND
OR
OR
Configuration 56
AND
OR
OR
Configuration 57
AND
OR
OR
Configuration 58
AND
OR
OR
Tenable Plugins
| ID | Name | Product | Family | Severity |
|---|---|---|---|---|
| 137739 | OracleVM 3.3 / 3.4 : microcode_ctl (OVMSA-2020-0026) (Spectre) | Nessus | OracleVM Local Security Checks | low |
| 132513 | Debian DLA-2051-1 : intel-microcode security update | Nessus | Debian Local Security Checks | low |
| 131694 | Ubuntu 16.04 LTS / 18.04 LTS / 19.04 / 19.10 : intel-microcode regression (USN-4182-3) | Nessus | Ubuntu Local Security Checks | low |
| 131552 | SUSE SLES12 Security Update : ucode-intel (SUSE-SU-2019:3091-1) | Nessus | SuSE Local Security Checks | low |
| 131297 | FreeBSD : FreeBSD -- Intel CPU Microcode Update (fbe10a8a-05a1-11ea-9dfa-f8b156ac3ff9) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout) (Spectre) | Nessus | FreeBSD Local Security Checks | high |
| 131156 | openSUSE Security Update : ucode-intel (openSUSE-2019-2528) | Nessus | SuSE Local Security Checks | low |
| 131155 | openSUSE Security Update : ucode-intel (openSUSE-2019-2527) | Nessus | SuSE Local Security Checks | low |
| 131123 | SUSE SLED12 / SLES12 Security Update : ucode-intel (SUSE-SU-2019:2988-1) | Nessus | SuSE Local Security Checks | low |
| 131122 | SUSE SLED15 / SLES15 Security Update : ucode-intel (SUSE-SU-2019:2987-1) | Nessus | SuSE Local Security Checks | low |
| 131121 | SUSE SLED15 / SLES15 Security Update : ucode-intel (SUSE-SU-2019:2986-1) | Nessus | SuSE Local Security Checks | low |
| 131083 | Amazon Linux AMI : microcode_ctl / kernel (ALAS-2019-1318) | Nessus | Amazon Linux Local Security Checks | low |
| 131082 | Amazon Linux 2 : microcode_ctl / kernel (ALAS-2019-1364) | Nessus | Amazon Linux Local Security Checks | low |
| 131063 | openSUSE Security Update : ucode-intel (openSUSE-2019-2509) | Nessus | SuSE Local Security Checks | low |
| 131058 | openSUSE Security Update : ucode-intel (openSUSE-2019-2504) | Nessus | SuSE Local Security Checks | low |
| 130989 | Fedora 29 : 2:microcode_ctl / kernel / kernel-headers / kernel-tools (2019-7a3fc17778) | Nessus | Fedora Local Security Checks | high |
| 130983 | Debian DSA-4565-1 : intel-microcode - security update | Nessus | Debian Local Security Checks | low |
| 130962 | Ubuntu 16.04 LTS / 18.04 LTS / 19.04 / 19.10 : Intel Microcode update (USN-4182-1) | Nessus | Ubuntu Local Security Checks | low |
| 130957 | SUSE SLED12 / SLES12 Security Update : ucode-intel (SUSE-SU-2019:2959-1) | Nessus | SuSE Local Security Checks | low |
| 130956 | SUSE SLED15 / SLES15 Security Update : ucode-intel (SUSE-SU-2019:2958-1) | Nessus | SuSE Local Security Checks | low |
| 130955 | SUSE SLED15 / SLES15 Security Update : ucode-intel (SUSE-SU-2019:2957-1) | Nessus | SuSE Local Security Checks | low |
| 130920 | Fedora 31 : 2:microcode_ctl / kernel / kernel-headers / kernel-tools (2019-68d7f68507) | Nessus | Fedora Local Security Checks | high |