Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2018-12127

Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf

Published

2019-05-30T16:29:00.903

Last Modified

2024-11-21T03:44:38.757

Status

Modified

Source

[email protected]

Severity

CVSSv3.0: 5.6 (MEDIUM)

CVSSv2 Vector

AV:L/AC:M/Au:N/C:C/I:N/A:N

  • Access Vector: LOCAL
  • Access Complexity: MEDIUM
  • Authentication: NONE
  • Confidentiality Impact: COMPLETE
  • Integrity Impact: NONE
  • Availability Impact: NONE
Exploitability Score

3.4

Impact Score

6.9

Weaknesses
  • Type: Primary
    CWE-200
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Operating System intel microarchitectural_load_port_data_sampling_firmware - Yes
Hardware intel microarchitectural_load_port_data_sampling - No
Operating System fedoraproject fedora 29 Yes
References