CVE-2019-11139

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Improper conditions check in the voltage modulation interface for some Intel(R) Xeon(R) Scalable Processors may allow a privileged user to potentially enable denial of service via local access.

References

http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00045.html

http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00046.html

https://support.f5.com/csp/article/K42433061?utm_source=f5support&utm_medium=RSS

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03969en_us

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00271.html

Details

Source: MITRE

Published: 2019-11-14

Updated: 2019-11-21

Type: CWE-754

Risk Information

CVSS v2

Base Score: 2.1

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 3.9

Severity: LOW

CVSS v3

Base Score: 6

Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H

Impact Score: 4

Exploitability Score: 1.5

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*

cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*

Configuration 2

AND

OR

cpe:2.3:o:intel:xeon_8153_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_8153:-:*:*:*:*:*:*:*

Configuration 3

AND

OR

cpe:2.3:o:intel:xeon_8156_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_8156:-:*:*:*:*:*:*:*

Configuration 4

AND

OR

cpe:2.3:o:intel:xeon_8158_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_8158:-:*:*:*:*:*:*:*

Configuration 5

AND

OR

cpe:2.3:o:intel:xeon_8160_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_8160:-:*:*:*:*:*:*:*

Configuration 6

AND

OR

cpe:2.3:o:intel:xeon_8160f_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_8160f:-:*:*:*:*:*:*:*

Configuration 7

AND

OR

cpe:2.3:o:intel:xeon_8160m_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_8160m:-:*:*:*:*:*:*:*

Configuration 8

AND

OR

cpe:2.3:o:intel:xeon_8160t_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_8160t:-:*:*:*:*:*:*:*

Configuration 9

AND

OR

cpe:2.3:o:intel:xeon_8164_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_8164:-:*:*:*:*:*:*:*

Configuration 10

AND

OR

cpe:2.3:o:intel:xeon_8168_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_8168:-:*:*:*:*:*:*:*

Configuration 11

AND

OR

cpe:2.3:o:intel:xeon_8170_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_8170:-:*:*:*:*:*:*:*

Configuration 12

AND

OR

cpe:2.3:o:intel:xeon_8170m_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_8170m:-:*:*:*:*:*:*:*

Configuration 13

AND

OR

cpe:2.3:o:intel:xeon_8176_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_8176:-:*:*:*:*:*:*:*

Configuration 14

AND

OR

cpe:2.3:o:intel:xeon_8176f_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_8176f:-:*:*:*:*:*:*:*

Configuration 15

AND

OR

cpe:2.3:o:intel:xeon_8176m_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_8176m:-:*:*:*:*:*:*:*

Configuration 16

AND

OR

cpe:2.3:o:intel:xeon_8180_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_8180:-:*:*:*:*:*:*:*

Configuration 17

AND

OR

cpe:2.3:o:intel:xeon_8180m_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_8180m:-:*:*:*:*:*:*:*

Configuration 18

AND

OR

cpe:2.3:o:intel:xeon_5115_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_5115:-:*:*:*:*:*:*:*

Configuration 19

AND

OR

cpe:2.3:o:intel:xeon_5118_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_5118:-:*:*:*:*:*:*:*

Configuration 20

AND

OR

cpe:2.3:o:intel:xeon_5119t_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_5119t:-:*:*:*:*:*:*:*

Configuration 21

AND

OR

cpe:2.3:o:intel:xeon_5120_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_5120:-:*:*:*:*:*:*:*

Configuration 22

AND

OR

cpe:2.3:o:intel:xeon_5120t_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_5120t:-:*:*:*:*:*:*:*

Configuration 23

AND

OR

cpe:2.3:o:intel:xeon_5122_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_5122:-:*:*:*:*:*:*:*

Configuration 24

AND

OR

cpe:2.3:o:intel:xeon_6126_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_6126:-:*:*:*:*:*:*:*

Configuration 25

AND

OR

cpe:2.3:o:intel:xeon_6126f_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_6126f:-:*:*:*:*:*:*:*

Configuration 26

AND

OR

cpe:2.3:o:intel:xeon_6126t_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_6126t:-:*:*:*:*:*:*:*

Configuration 27

AND

OR

cpe:2.3:o:intel:xeon_6128_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_6128:-:*:*:*:*:*:*:*

Configuration 28

AND

OR

cpe:2.3:o:intel:xeon_6130_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_6130:-:*:*:*:*:*:*:*

Configuration 29

AND

OR

cpe:2.3:o:intel:xeon_6130f_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_6130f:-:*:*:*:*:*:*:*

Configuration 30

AND

OR

cpe:2.3:o:intel:xeon_6130t_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_6130t:-:*:*:*:*:*:*:*

Configuration 31

AND

OR

cpe:2.3:o:intel:xeon_6132_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_6132:-:*:*:*:*:*:*:*

Configuration 32

AND

OR

cpe:2.3:o:intel:xeon_6134_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_6134:-:*:*:*:*:*:*:*

Configuration 33

AND

OR

cpe:2.3:o:intel:xeon_6134m_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_6134m:-:*:*:*:*:*:*:*

Configuration 34

AND

OR

cpe:2.3:o:intel:xeon_6136_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_6136:-:*:*:*:*:*:*:*

Configuration 35

AND

OR

cpe:2.3:o:intel:xeon_6138_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_6138:-:*:*:*:*:*:*:*

Configuration 36

AND

OR

cpe:2.3:o:intel:xeon_6138f_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_6138f:-:*:*:*:*:*:*:*

Configuration 37

AND

OR

cpe:2.3:o:intel:xeon_6138t_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_6138t:-:*:*:*:*:*:*:*

Configuration 38

AND

OR

cpe:2.3:o:intel:xeon_6140_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_6140:-:*:*:*:*:*:*:*

Configuration 39

AND

OR

cpe:2.3:o:intel:xeon_6140m_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_6140m:-:*:*:*:*:*:*:*

Configuration 40

AND

OR

cpe:2.3:o:intel:xeon_6142_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_6142:-:*:*:*:*:*:*:*

Configuration 41

AND

OR

cpe:2.3:o:intel:xeon_6142f_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_6142f:-:*:*:*:*:*:*:*

Configuration 42

AND

OR

cpe:2.3:o:intel:xeon_6144_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_6144:-:*:*:*:*:*:*:*

Configuration 43

AND

OR

cpe:2.3:o:intel:xeon_6146_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_6146:-:*:*:*:*:*:*:*

Configuration 44

AND

OR

cpe:2.3:o:intel:xeon_6148_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_6148:-:*:*:*:*:*:*:*

Configuration 45

AND

OR

cpe:2.3:o:intel:xeon_6148f_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_6148f:-:*:*:*:*:*:*:*

Configuration 46

AND

OR

cpe:2.3:o:intel:xeon_6150_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_6150:-:*:*:*:*:*:*:*

Configuration 47

AND

OR

cpe:2.3:o:intel:xeon_6152_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_6152:-:*:*:*:*:*:*:*

Configuration 48

AND

OR

cpe:2.3:o:intel:xeon_6154_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_6154:-:*:*:*:*:*:*:*

Configuration 49

AND

OR

cpe:2.3:o:intel:xeon_4108_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_4108:-:*:*:*:*:*:*:*

Configuration 50

AND

OR

cpe:2.3:o:intel:xeon_4109t_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_4109t:-:*:*:*:*:*:*:*

Configuration 51

AND

OR

cpe:2.3:o:intel:xeon_4110_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_4110:-:*:*:*:*:*:*:*

Configuration 52

AND

OR

cpe:2.3:o:intel:xeon_4112_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_4112:-:*:*:*:*:*:*:*

Configuration 53

AND

OR

cpe:2.3:o:intel:xeon_4114_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_4114:-:*:*:*:*:*:*:*

Configuration 54

AND

OR

cpe:2.3:o:intel:xeon_4114t_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_4114t:-:*:*:*:*:*:*:*

Configuration 55

AND

OR

cpe:2.3:o:intel:xeon_4116_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_4116:-:*:*:*:*:*:*:*

Configuration 56

AND

OR

cpe:2.3:o:intel:xeon_4116t_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_4116t:-:*:*:*:*:*:*:*

Configuration 57

AND

OR

cpe:2.3:o:intel:xeon_3104_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_3104:-:*:*:*:*:*:*:*

Configuration 58

AND

OR

cpe:2.3:o:intel:xeon_3106_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_3106:-:*:*:*:*:*:*:*

Tenable Plugins

View all (23 total)

IDNameProductFamilySeverity
150660SUSE SLES11 Security Update : microcode_ctl (SUSE-SU-2019:14217-1)NessusSuSE Local Security Checks
medium
150642SUSE SLES11 Security Update : microcode_ctl (SUSE-SU-2019:14220-1)NessusSuSE Local Security Checks
medium
137739OracleVM 3.3 / 3.4 : microcode_ctl (OVMSA-2020-0026) (Spectre)NessusOracleVM Local Security Checks
medium
132513Debian DLA-2051-1 : intel-microcode security updateNessusDebian Local Security Checks
medium
131694Ubuntu 16.04 LTS / 18.04 LTS / 19.04 / 19.10 : intel-microcode regression (USN-4182-3)NessusUbuntu Local Security Checks
medium
131552SUSE SLES12 Security Update : ucode-intel (SUSE-SU-2019:3091-1)NessusSuSE Local Security Checks
medium
131297FreeBSD : FreeBSD -- Intel CPU Microcode Update (fbe10a8a-05a1-11ea-9dfa-f8b156ac3ff9) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout) (Spectre)NessusFreeBSD Local Security Checks
critical
131156openSUSE Security Update : ucode-intel (openSUSE-2019-2528)NessusSuSE Local Security Checks
medium
131155openSUSE Security Update : ucode-intel (openSUSE-2019-2527)NessusSuSE Local Security Checks
medium
131123SUSE SLED12 / SLES12 Security Update : ucode-intel (SUSE-SU-2019:2988-1)NessusSuSE Local Security Checks
medium
131122SUSE SLED15 / SLES15 Security Update : ucode-intel (SUSE-SU-2019:2987-1)NessusSuSE Local Security Checks
medium
131121SUSE SLED15 / SLES15 Security Update : ucode-intel (SUSE-SU-2019:2986-1)NessusSuSE Local Security Checks
medium
131083Amazon Linux AMI : microcode_ctl / kernel (ALAS-2019-1318)NessusAmazon Linux Local Security Checks
medium
131082Amazon Linux 2 : microcode_ctl / kernel (ALAS-2019-1364)NessusAmazon Linux Local Security Checks
medium
131063openSUSE Security Update : ucode-intel (openSUSE-2019-2509)NessusSuSE Local Security Checks
medium
131058openSUSE Security Update : ucode-intel (openSUSE-2019-2504)NessusSuSE Local Security Checks
medium
130989Fedora 29 : 2:microcode_ctl / kernel / kernel-headers / kernel-tools (2019-7a3fc17778)NessusFedora Local Security Checks
high
130983Debian DSA-4565-1 : intel-microcode - security updateNessusDebian Local Security Checks
medium
130962Ubuntu 16.04 LTS / 18.04 LTS / 19.04 / 19.10 : Intel Microcode update (USN-4182-1)NessusUbuntu Local Security Checks
medium
130957SUSE SLED12 / SLES12 Security Update : ucode-intel (SUSE-SU-2019:2959-1)NessusSuSE Local Security Checks
medium
130956SUSE SLED15 / SLES15 Security Update : ucode-intel (SUSE-SU-2019:2958-1)NessusSuSE Local Security Checks
medium
130955SUSE SLED15 / SLES15 Security Update : ucode-intel (SUSE-SU-2019:2957-1)NessusSuSE Local Security Checks
medium
130920Fedora 31 : 2:microcode_ctl / kernel / kernel-headers / kernel-tools (2019-68d7f68507)NessusFedora Local Security Checks
high