CVE-2019-1125

LOW

Description

An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1071, CVE-2019-1073.

References

https://access.redhat.com/errata/RHBA-2019:2824

https://access.redhat.com/errata/RHSA-2019:2600

https://access.redhat.com/errata/RHSA-2019:2609

https://access.redhat.com/errata/RHSA-2019:2695

https://access.redhat.com/errata/RHSA-2019:2696

https://access.redhat.com/errata/RHSA-2019:2730

https://access.redhat.com/errata/RHSA-2019:2899

https://access.redhat.com/errata/RHSA-2019:2900

https://access.redhat.com/errata/RHSA-2019:2975

https://access.redhat.com/errata/RHSA-2019:3011

https://access.redhat.com/errata/RHSA-2019:3220

https://kc.mcafee.com/corporate/index?page=content&id=SB10297

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1125

Details

Source: MITRE

Published: 2019-09-03

Updated: 2019-09-10

Type: CWE-200

Risk Information

CVSS v2.0

Base Score: 2.1

Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N

Impact Score: 2.9

Exploitability Score: 3.9

Severity: LOW

CVSS v3.0

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Impact Score: 3.6

Exploitability Score: 1.8

Severity: MEDIUM

Vulnerable Software

ID	Name	Product	Family	Severity
131845	EulerOS 2.0 SP2 : kernel (EulerOS-SA-2019-2353)	Nessus	Huawei Local Security Checks	critical
130736	EulerOS 2.0 SP3 : kernel (EulerOS-SA-2019-2274)	Nessus	Huawei Local Security Checks	critical
130663	EulerOS 2.0 SP5 : kernel (EulerOS-SA-2019-2201)	Nessus	Huawei Local Security Checks	critical
130376	RHEL 7 : kernel (RHSA-2019:3220)	Nessus	Red Hat Local Security Checks	medium
129924	NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel Multiple Vulnerabilities (NS-SA-2019-0200)	Nessus	NewStart CGSL Local Security Checks	high
129888	NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel-rt Multiple Vulnerabilities (NS-SA-2019-0189)	Nessus	NewStart CGSL Local Security Checks	high
129860	RHEL 7 : Virtualization Manager (RHSA-2019:3011)	Nessus	Red Hat Local Security Checks	low
129738	RHEL 7 : kernel (RHSA-2019:2975)	Nessus	Red Hat Local Security Checks	medium
129373	RHEL 7 : kernel (RHSA-2019:2900)	Nessus	Red Hat Local Security Checks	high
129372	RHEL 7 : kernel (RHSA-2019:2899)	Nessus	Red Hat Local Security Checks	high
129284	SUSE SLED15 / SLES15 Security Update : kernel-source-rt (SUSE-SU-2019:2430-1) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout) (SACK Panic) (SACK Slowness) (Spectre)	Nessus	SuSE Local Security Checks	critical
129020	CentOS 7 : kernel (CESA-2019:2600)	Nessus	CentOS Local Security Checks	low
128854	RHEL 6 : MRG (RHSA-2019:2730)	Nessus	Red Hat Local Security Checks	high
128689	NewStart CGSL MAIN 4.06 : kernel Multiple Vulnerabilities (NS-SA-2019-0177)	Nessus	NewStart CGSL Local Security Checks	high
128662	RHEL 7 : kernel (RHSA-2019:2696)	Nessus	Red Hat Local Security Checks	high
128661	RHEL 6 : kernel (RHSA-2019:2695)	Nessus	Red Hat Local Security Checks	low
128601	Oracle Linux 6 : Unbreakable Enterprise kernel (ELSA-2019-4777)	Nessus	Oracle Linux Local Security Checks	low
128600	Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2019-4775)	Nessus	Oracle Linux Local Security Checks	low
128542	SUSE SLES12 Security Update : kernel (SUSE-SU-2019:2299-1)	Nessus	SuSE Local Security Checks	high
128513	Oracle Linux 7 : kernel (ELSA-2019-2600)	Nessus	Oracle Linux Local Security Checks	low
128501	Scientific Linux Security Update : kernel on SL7.x x86_64	Nessus	Scientific Linux Local Security Checks	low
128498	RHEL 7 : kernel-rt (RHSA-2019:2609)	Nessus	Red Hat Local Security Checks	low
128495	RHEL 7 : kernel (RHSA-2019:2600)	Nessus	Red Hat Local Security Checks	low
128470	SUSE SLES12 Security Update : kernel (SUSE-SU-2019:2263-1)	Nessus	SuSE Local Security Checks	high
128469	SUSE SLES12 Security Update : kernel (SUSE-SU-2019:2262-1)	Nessus	SuSE Local Security Checks	high
128032	Virtuozzo 6 : parallels-server-bm-release / vzkernel / etc (VZA-2019-067)	Nessus	Virtuozzo Local Security Checks	high
128012	openSUSE Security Update : the Linux Kernel (openSUSE-2019-1924)	Nessus	SuSE Local Security Checks	high
128011	openSUSE Security Update : the Linux Kernel (openSUSE-2019-1923)	Nessus	SuSE Local Security Checks	high
127985	Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2019-4746)	Nessus	Oracle Linux Local Security Checks	high
127982	Oracle Linux 6 : kernel (ELSA-2019-2473)	Nessus	Oracle Linux Local Security Checks	high
127978	Oracle Linux 8 : kernel (ELSA-2019-2411)	Nessus	Oracle Linux Local Security Checks	high
127921	Debian DLA-1885-1 : linux-4.9 security update	Nessus	Debian Local Security Checks	high
127919	CentOS 6 : kernel (CESA-2019:2473)	Nessus	CentOS Local Security Checks	high
127891	Ubuntu 16.04 LTS / 18.04 LTS / 19.04 : linux-aws, linux-aws-hwe vulnerability (USN-4096-1)	Nessus	Ubuntu Local Security Checks	low
127890	Ubuntu 16.04 LTS : linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities (USN-4095-1)	Nessus	Ubuntu Local Security Checks	high
127889	Ubuntu 16.04 LTS / 18.04 LTS : linux, linux-hwe, linux-azure, linux-gcp, linux-gke-4.15, linux-kvm, (USN-4094-1)	Nessus	Ubuntu Local Security Checks	high
127888	Ubuntu 18.04 LTS / 19.04 : linux, linux-hwe, linux-azure, linux-gcp, linux-kvm, linux-raspi2, (USN-4093-1)	Nessus	Ubuntu Local Security Checks	high
127882	Slackware 14.2 : Slackware 14.2 kernel (SSA:2019-226-01)	Nessus	Slackware Local Security Checks	high
127880	Scientific Linux Security Update : kernel on SL6.x i386/x86_64	Nessus	Scientific Linux Local Security Checks	high
127879	RHEL 6 : kernel (RHSA-2019:2476)	Nessus	Red Hat Local Security Checks	medium
127878	RHEL 6 : kernel (RHSA-2019:2473)	Nessus	Red Hat Local Security Checks	high
127867	Debian DSA-4497-1 : linux - security update	Nessus	Debian Local Security Checks	high
127866	Debian DLA-1884-1 : linux security update	Nessus	Debian Local Security Checks	high
127776	SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2019:2073-1)	Nessus	SuSE Local Security Checks	high
127775	SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2019:2072-1)	Nessus	SuSE Local Security Checks	high
127774	SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2019:2071-1)	Nessus	SuSE Local Security Checks	high
127773	SUSE SLES12 Security Update : kernel (SUSE-SU-2019:2070-1)	Nessus	SuSE Local Security Checks	high
127772	SUSE SLED15 / SLES15 Security Update : Linux Azure Kernel (SUSE-SU-2019:2068-1)	Nessus	SuSE Local Security Checks	high
127722	RHEL 8 : kernel (RHSA-2019:2411)	Nessus	Red Hat Local Security Checks	high
127721	RHEL 8 : kernel-rt (RHSA-2019:2405)	Nessus	Red Hat Local Security Checks	high
127614	Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2019-4735)	Nessus	Oracle Linux Local Security Checks	low
127565	OracleVM 3.4 : Unbreakable / etc (OVMSA-2019-0038)	Nessus	OracleVM Local Security Checks	high
127532	Fedora 30 : kernel / kernel-headers / kernel-tools (2019-e37c348348)	Nessus	Fedora Local Security Checks	low
127515	Fedora 29 : kernel / kernel-headers / kernel-tools (2019-6bda4c81f4)	Nessus	Fedora Local Security Checks	low
127491	Debian DSA-4495-1 : linux - security update	Nessus	Debian Local Security Checks	high
127468	Amazon Linux AMI : kernel (ALAS-2019-1253)	Nessus	Amazon Linux Local Security Checks	low
127461	Amazon Linux 2 : kernel (ALAS-2019-1253)	Nessus	Amazon Linux Local Security Checks	low
126579	KB4507469: Windows 10 Version 1809 and Windows Server 2019 July 2019 Security Update (SWAPGS)	Nessus	Windows : Microsoft Bulletins	high
126578	KB4507464: Windows Server 2012 July 2019 Security Update (SWAPGS)	Nessus	Windows : Microsoft Bulletins	high
126577	KB4507460: Windows 10 Version 1607 and Windows Server 2016 July 2019 Security Update (SWAPGS)	Nessus	Windows : Microsoft Bulletins	high
126576	KB4507458: Windows 10 July 2019 Security Update (SWAPGS)	Nessus	Windows : Microsoft Bulletins	high
126575	KB4507455: Windows 10 Version 1709 July 2019 Security Update (SWAPGS)	Nessus	Windows : Microsoft Bulletins	high
126574	KB4507453: Windows 10 Version 1903 July 2019 Security Update (SWAPGS)	Nessus	Windows : Microsoft Bulletins	high
126573	KB4507461: Windows Server 2008 July 2019 Security Update (SWAPGS)	Nessus	Windows : Microsoft Bulletins	high
126572	KB4507450: Windows 10 Version 1703 July 2019 Security Update (SWAPGS)	Nessus	Windows : Microsoft Bulletins	high
126571	KB4507456: Windows 7 and Windows Server 2008 R2 July 2019 Security Update (SWAPGS)	Nessus	Windows : Microsoft Bulletins	high
126570	KB4507457: Windows 8.1 and Windows Server 2012 R2 July 2019 Security Update (SWAPGS)	Nessus	Windows : Microsoft Bulletins	high
126569	KB4507435: Windows 10 Version 1803 July 2019 Security Update (SWAPGS)	Nessus	Windows : Microsoft Bulletins	high