LOW
An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1071, CVE-2019-1073.
http://packetstormsecurity.com/files/156337/SWAPGS-Attack-Proof-Of-Concept.html
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200408-01-swapgs-en
https://access.redhat.com/errata/RHBA-2019:2824
https://access.redhat.com/errata/RHBA-2019:3248
https://access.redhat.com/errata/RHSA-2019:2600
https://access.redhat.com/errata/RHSA-2019:2609
https://access.redhat.com/errata/RHSA-2019:2695
https://access.redhat.com/errata/RHSA-2019:2696
https://access.redhat.com/errata/RHSA-2019:2730
https://access.redhat.com/errata/RHSA-2019:2899
https://access.redhat.com/errata/RHSA-2019:2900
https://access.redhat.com/errata/RHSA-2019:2975
https://access.redhat.com/errata/RHSA-2019:3011
https://access.redhat.com/errata/RHSA-2019:3220
https://kc.mcafee.com/corporate/index?page=content&id=SB10297
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1125
https://www.synology.com/security/advisory/Synology_SA_19_32
Source: MITRE
Published: 2019-09-03
Updated: 2020-08-24
Type: NVD-CWE-noinfo
Base Score: 2.1
Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N
Impact Score: 2.9
Exploitability Score: 3.9
Severity: LOW
Base Score: 5.5
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Impact Score: 3.6
Exploitability Score: 1.8
Severity: MEDIUM
OR
cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:*
cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*
OR
cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
| ID | Name | Product | Family | Severity |
|---|---|---|---|---|
| 144831 | EulerOS Virtualization 3.0.2.6 : kernel (EulerOS-SA-2021-1056) | Nessus | Huawei Local Security Checks | critical |
| 138395 | F5 Networks BIG-IP : Spectre SWAPGS gadget vulnerability (K31085564) | Nessus | F5 Networks Local Security Checks | medium |
| 134312 | NewStart CGSL MAIN 4.05 : kernel Multiple Vulnerabilities (NS-SA-2020-0021) | Nessus | NewStart CGSL Local Security Checks | high |
| 132495 | NewStart CGSL CORE 5.05 / MAIN 5.05 : kernel-rt Multiple Vulnerabilities (NS-SA-2019-0253) | Nessus | NewStart CGSL Local Security Checks | high |
| 132474 | NewStart CGSL CORE 5.05 / MAIN 5.05 : kernel Multiple Vulnerabilities (NS-SA-2019-0247) | Nessus | NewStart CGSL Local Security Checks | high |
| 131845 | EulerOS 2.0 SP2 : kernel (EulerOS-SA-2019-2353) | Nessus | Huawei Local Security Checks | critical |
| 130736 | EulerOS 2.0 SP3 : kernel (EulerOS-SA-2019-2274) | Nessus | Huawei Local Security Checks | critical |
| 130663 | EulerOS 2.0 SP5 : kernel (EulerOS-SA-2019-2201) | Nessus | Huawei Local Security Checks | critical |
| 130376 | RHEL 7 : kernel (RHSA-2019:3220) | Nessus | Red Hat Local Security Checks | medium |
| 129924 | NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel Multiple Vulnerabilities (NS-SA-2019-0200) | Nessus | NewStart CGSL Local Security Checks | high |
| 129888 | NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel-rt Multiple Vulnerabilities (NS-SA-2019-0189) | Nessus | NewStart CGSL Local Security Checks | high |
| 129860 | RHEL 7 : Virtualization Manager (RHSA-2019:3011) | Nessus | Red Hat Local Security Checks | low |
| 129738 | RHEL 7 : kernel (RHSA-2019:2975) | Nessus | Red Hat Local Security Checks | medium |
| 129373 | RHEL 7 : kernel (RHSA-2019:2900) | Nessus | Red Hat Local Security Checks | high |
| 129372 | RHEL 7 : kernel (RHSA-2019:2899) | Nessus | Red Hat Local Security Checks | high |
| 129284 | SUSE SLED15 / SLES15 Security Update : kernel-source-rt (SUSE-SU-2019:2430-1) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout) (SACK Panic) (SACK Slowness) (Spectre) | Nessus | SuSE Local Security Checks | high |
| 129020 | CentOS 7 : kernel (CESA-2019:2600) | Nessus | CentOS Local Security Checks | high |
| 128854 | RHEL 6 : MRG (RHSA-2019:2730) | Nessus | Red Hat Local Security Checks | high |
| 128689 | NewStart CGSL MAIN 4.06 : kernel Multiple Vulnerabilities (NS-SA-2019-0177) | Nessus | NewStart CGSL Local Security Checks | high |
| 128662 | RHEL 7 : kernel (RHSA-2019:2696) | Nessus | Red Hat Local Security Checks | high |
| 128661 | RHEL 6 : kernel (RHSA-2019:2695) | Nessus | Red Hat Local Security Checks | low |
| 128601 | Oracle Linux 6 : Unbreakable Enterprise kernel (ELSA-2019-4777) | Nessus | Oracle Linux Local Security Checks | low |
| 128600 | Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2019-4775) | Nessus | Oracle Linux Local Security Checks | low |
| 128542 | SUSE SLES12 Security Update : kernel (SUSE-SU-2019:2299-1) | Nessus | SuSE Local Security Checks | medium |
| 128513 | Oracle Linux 7 : kernel (ELSA-2019-2600) | Nessus | Oracle Linux Local Security Checks | high |
| 128501 | Scientific Linux Security Update : kernel on SL7.x x86_64 (20190903) | Nessus | Scientific Linux Local Security Checks | high |
| 128498 | RHEL 7 : kernel-rt (RHSA-2019:2609) | Nessus | Red Hat Local Security Checks | high |
| 128495 | RHEL 7 : kernel (RHSA-2019:2600) | Nessus | Red Hat Local Security Checks | high |
| 128470 | SUSE SLES12 Security Update : kernel (SUSE-SU-2019:2263-1) | Nessus | SuSE Local Security Checks | medium |
| 128469 | SUSE SLES12 Security Update : kernel (SUSE-SU-2019:2262-1) | Nessus | SuSE Local Security Checks | medium |
| 128032 | Virtuozzo 6 : parallels-server-bm-release / vzkernel / etc (VZA-2019-067) | Nessus | Virtuozzo Local Security Checks | high |
| 128012 | openSUSE Security Update : the Linux Kernel (openSUSE-2019-1924) | Nessus | SuSE Local Security Checks | medium |
| 128011 | openSUSE Security Update : the Linux Kernel (openSUSE-2019-1923) | Nessus | SuSE Local Security Checks | medium |
| 127985 | Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2019-4746) | Nessus | Oracle Linux Local Security Checks | high |
| 127982 | Oracle Linux 6 : kernel (ELSA-2019-2473) | Nessus | Oracle Linux Local Security Checks | high |
| 127978 | Oracle Linux 8 : kernel (ELSA-2019-2411) | Nessus | Oracle Linux Local Security Checks | high |
| 127921 | Debian DLA-1885-1 : linux-4.9 security update | Nessus | Debian Local Security Checks | high |
| 127919 | CentOS 6 : kernel (CESA-2019:2473) | Nessus | CentOS Local Security Checks | high |
| 127891 | Ubuntu 16.04 LTS / 18.04 LTS / 19.04 : Linux kernel (AWS) vulnerability (USN-4096-1) | Nessus | Ubuntu Local Security Checks | low |
| 127890 | Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-4095-1) | Nessus | Ubuntu Local Security Checks | high |
| 127889 | Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-4094-1) | Nessus | Ubuntu Local Security Checks | high |
| 127888 | Ubuntu 18.04 LTS / 19.04 : Linux kernel vulnerabilities (USN-4093-1) | Nessus | Ubuntu Local Security Checks | high |
| 127882 | Slackware 14.2 : Slackware 14.2 kernel (SSA:2019-226-01) | Nessus | Slackware Local Security Checks | high |
| 127880 | Scientific Linux Security Update : kernel on SL6.x i386/x86_64 (20190813) | Nessus | Scientific Linux Local Security Checks | high |
| 127879 | RHEL 6 : kernel (RHSA-2019:2476) | Nessus | Red Hat Local Security Checks | medium |
| 127878 | RHEL 6 : kernel (RHSA-2019:2473) | Nessus | Red Hat Local Security Checks | high |
| 127867 | Debian DSA-4497-1 : linux - security update | Nessus | Debian Local Security Checks | high |
| 127866 | Debian DLA-1884-1 : linux security update | Nessus | Debian Local Security Checks | high |
| 127776 | SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2019:2073-1) | Nessus | SuSE Local Security Checks | medium |
| 127775 | SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2019:2072-1) | Nessus | SuSE Local Security Checks | medium |
| 127774 | SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2019:2071-1) | Nessus | SuSE Local Security Checks | medium |
| 127773 | SUSE SLES12 Security Update : kernel (SUSE-SU-2019:2070-1) | Nessus | SuSE Local Security Checks | medium |
| 127772 | SUSE SLED15 / SLES15 Security Update : Linux Azure Kernel (SUSE-SU-2019:2068-1) | Nessus | SuSE Local Security Checks | medium |
| 127722 | RHEL 8 : kernel (RHSA-2019:2411) | Nessus | Red Hat Local Security Checks | high |
| 127721 | RHEL 8 : kernel-rt (RHSA-2019:2405) | Nessus | Red Hat Local Security Checks | high |
| 127614 | Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2019-4735) | Nessus | Oracle Linux Local Security Checks | low |
| 127565 | OracleVM 3.4 : Unbreakable / etc (OVMSA-2019-0038) | Nessus | OracleVM Local Security Checks | high |
| 127532 | Fedora 30 : kernel / kernel-headers / kernel-tools (2019-e37c348348) | Nessus | Fedora Local Security Checks | low |
| 127515 | Fedora 29 : kernel / kernel-headers / kernel-tools (2019-6bda4c81f4) | Nessus | Fedora Local Security Checks | low |
| 127491 | Debian DSA-4495-1 : linux - security update | Nessus | Debian Local Security Checks | high |
| 127468 | Amazon Linux AMI : kernel (ALAS-2019-1253) | Nessus | Amazon Linux Local Security Checks | low |
| 127461 | Amazon Linux 2 : kernel (ALAS-2019-1253) | Nessus | Amazon Linux Local Security Checks | low |
| 126579 | KB4507469: Windows 10 Version 1809 and Windows Server 2019 July 2019 Security Update (SWAPGS) | Nessus | Windows : Microsoft Bulletins | high |
| 126578 | KB4507464: Windows Server 2012 July 2019 Security Update (SWAPGS) | Nessus | Windows : Microsoft Bulletins | high |
| 126577 | KB4507460: Windows 10 Version 1607 and Windows Server 2016 July 2019 Security Update (SWAPGS) | Nessus | Windows : Microsoft Bulletins | high |
| 126576 | KB4507458: Windows 10 July 2019 Security Update (SWAPGS) | Nessus | Windows : Microsoft Bulletins | high |
| 126575 | KB4507455: Windows 10 Version 1709 July 2019 Security Update (SWAPGS) | Nessus | Windows : Microsoft Bulletins | high |
| 126574 | KB4507453: Windows 10 Version 1903 July 2019 Security Update (SWAPGS) | Nessus | Windows : Microsoft Bulletins | high |
| 126573 | KB4507461: Windows Server 2008 July 2019 Security Update (SWAPGS) | Nessus | Windows : Microsoft Bulletins | high |
| 126572 | KB4507450: Windows 10 Version 1703 July 2019 Security Update (SWAPGS) | Nessus | Windows : Microsoft Bulletins | high |
| 126571 | KB4507456: Windows 7 and Windows Server 2008 R2 July 2019 Security Update (SWAPGS) | Nessus | Windows : Microsoft Bulletins | high |
| 126570 | KB4507457: Windows 8.1 and Windows Server 2012 R2 July 2019 Security Update (SWAPGS) | Nessus | Windows : Microsoft Bulletins | high |
| 126569 | KB4507435: Windows 10 Version 1803 July 2019 Security Update (SWAPGS) | Nessus | Windows : Microsoft Bulletins | high |