var-202011-1361
Vulnerability from variot

Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. Intel(R) There are unspecified vulnerabilities in processor products.Information may be obtained. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256

===================================================================== Red Hat Security Advisory

Synopsis: Moderate: microcode_ctl security, bug fix and enhancement update Advisory ID: RHSA-2020:5183-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2020:5183 Issue date: 2020-11-23 CVE Names: CVE-2020-8695 CVE-2020-8696 CVE-2020-8698 =====================================================================

  1. Summary:

An update for microcode_ctl is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

  1. Relevant releases/architectures:

Red Hat Enterprise Linux Server AUS (v. 7.3) - x86_64 Red Hat Enterprise Linux Server E4S (v. 7.3) - x86_64 Red Hat Enterprise Linux Server TUS (v. 7.3) - x86_64

  1. Description:

The microcode_ctl packages provide microcode updates for Intel.

Security Fix(es):

  • hw: Information disclosure issue in Intel SGX via RAPL interface (CVE-2020-8695)

  • hw: Vector Register Leakage-Active (CVE-2020-8696)

  • hw: Fast forward store predictor (CVE-2020-8698)

Bug Fix(es) and Enhancement(s):

  • Update Intel CPU microcode to microcode-20201112 release, addresses:
  • Addition of 06-55-0b/0xbf (CPX-SP A1) microcode at revision 0x700001e;
  • Addition of 06-8a-01/0x10 (LKF B2/B3) microcode at revision 0x28;
  • Addition of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode at revision 0x68;
  • Addition of 06-a5-02/0x20 (CML-H R1) microcode at revision 0xe0;
  • Addition of 06-a5-03/0x22 (CML-S 6+2 G1) microcode at revision 0xe0;
  • Addition of 06-a5-05/0x22 (CML-S 10+2 Q0) microcode at revision 0xe0;
  • Addition of 06-a6-01/0x80 (CML-U 6+2 v2 K0) microcode at revision 0xe0;
  • Update of 06-4e-03/0xc0 (SKL-U/U 2+3e/Y D0/K1) microcode (in intel-06-4e-03/intel-ucode/06-4e-03) from revision 0xdc up to 0xe2;
  • Update of 06-55-04/0xb7 (SKX-D/SP/W/X H0/M0/M1/U0) microcode (in intel-06-55-04/intel-ucode/06-55-04) from revision 0x2006906 up to 0x2006a08;
  • Update of 06-5e-03/0x36 (SKL-H/S/Xeon E3 N0/R0/S0) microcode (in intel-06-5e-03/intel-ucode/06-5e-03) from revision 0xdc up to 0xe2;
  • Update of 06-8e-09/0x10 (AML-Y 2+2 H0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-8e-09) from revision 0xd6 up to 0xde;
  • Update of 06-8e-09/0xc0 (KBL-U/U 2+3e/Y H0/J1) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-8e-09) from revision 0xd6 up to 0xde;
  • Update of 06-8e-0a/0xc0 (CFL-U 4+3e D0, KBL-R Y0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0a) from revision 0xd6 up to 0xe0;
  • Update of 06-8e-0b/0xd0 (WHL-U W0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0b) from revision 0xd6 up to 0xde;
  • Update of 06-8e-0c/0x94 (AML-Y 4+2 V0, CML-U 4+2 V0, WHL-U V0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0c) from revision 0xd6 up to 0xde;
  • Update of 06-9e-09/0x2a (KBL-G/H/S/X/Xeon E3 B0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-9e-09) from revision 0xd6 up to 0xde;
  • Update of 06-9e-0a/0x22 (CFL-H/S/Xeon E U0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0a) from revision 0xd6 up to 0xde;
  • Update of 06-9e-0b/0x02 (CFL-E/H/S B0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0b) from revision 0xd6 up to 0xde;
  • Update of 06-9e-0c/0x22 (CFL-H/S/Xeon E P0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0c) from revision 0xd6 up to 0xde;
  • Update of 06-9e-0d/0x22 (CFL-H/S/Xeon E R0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0d) from revision 0xd6 up to 0xde;
  • Update of 06-3f-02/0x6f (HSX-E/EN/EP/EP 4S C0/C1/M1/R2) microcode from revision 0x43 up to 0x44;
  • Update of 06-55-03/0x97 (SKX-SP B1) microcode from revision 0x1000157 up to 0x1000159;
  • Update of 06-55-06/0xbf (CLX-SP B0) microcode from revision 0x4002f01 up to 0x4003003;
  • Update of 06-55-07/0xbf (CLX-SP/W/X B1/L1) microcode from revision 0x5002f01 up to 0x5003003;
  • Update of 06-5c-09/0x03 (APL D0) microcode from revision 0x38 up to 0x40;
  • Update of 06-5c-0a/0x03 (APL B1/F1) microcode from revision 0x16 up to 0x1e;
  • Update of 06-7a-01/0x01 (GLK B0) microcode from revision 0x32 up to 0x34;
  • Update of 06-7a-08/0x01 (GLK-R R0) microcode from revision 0x16 up to 0x18;
  • Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode from revision 0x78 up to 0xa0;
  • Update of 06-a6-00/0x80 (CML-U 6+2 A0) microcode from revision 0xca up to 0xe0.

  • Disable 06-8c-01 (TGL-UP3/UP4 B1) microcode update by default.

  • Add README file to the documentation directory.

  • Add publicly-sourced codenames list to supply to gen_provides.sh; update the latter to handle the somewhat different format.

  • Add SUMMARY.intel-ucode file

  • Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

  1. Bugs fixed (https://bugzilla.redhat.com/):

1828583 - CVE-2020-8695 hw: Information disclosure issue in Intel SGX via RAPL interface 1890355 - CVE-2020-8696 hw: Vector Register Leakage-Active 1890356 - CVE-2020-8698 hw: Fast forward store predictor

  1. Package List:

Red Hat Enterprise Linux Server AUS (v. 7.3):

Source: microcode_ctl-2.1-16.37.el7_3.src.rpm

x86_64: microcode_ctl-2.1-16.37.el7_3.x86_64.rpm microcode_ctl-debuginfo-2.1-16.37.el7_3.x86_64.rpm

Red Hat Enterprise Linux Server E4S (v. 7.3):

Source: microcode_ctl-2.1-16.37.el7_3.src.rpm

x86_64: microcode_ctl-2.1-16.37.el7_3.x86_64.rpm microcode_ctl-debuginfo-2.1-16.37.el7_3.x86_64.rpm

Red Hat Enterprise Linux Server TUS (v. 7.3):

Source: microcode_ctl-2.1-16.37.el7_3.src.rpm

x86_64: microcode_ctl-2.1-16.37.el7_3.x86_64.rpm microcode_ctl-debuginfo-2.1-16.37.el7_3.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

  1. References:

https://access.redhat.com/security/cve/CVE-2020-8695 https://access.redhat.com/security/cve/CVE-2020-8696 https://access.redhat.com/security/cve/CVE-2020-8698 https://access.redhat.com/security/updates/classification/#moderate

  1. Contact:

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/

Copyright 2020 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1

iQIVAwUBX7v1LtzjgjWX9erEAQhhzBAAi0jG7U8W+Dm2A/Nq40aoLyRcGknttkV1 0wwy62OR4KUnqiP0gHB8Sjh6UpAPqhLNExc2+B8RyUB23yUe8/PRB1fUqpmf5150 mzwiORZfu572ao7GLskdc4SUydVSqY9QuTK7mTm+HGmOm2XQpics51xWjyfKM/TN 5lrrd3DXxTrXwsjva2tPJcCp9A1s3XAVjK16Fu+FcKvXsgxruUy41YxJMsY8Mxfj pPRzcXdMvPQYhvyv8y1KY2Mz5WMKdpOK83X6Y9iYL6d0g2UT1d3cw8AOHc6GYNFS MhLDUASoII2A4xWkXCOyaocrg58QFctEHGfnxwTU5ZGq/vfOduUSLE881thD+tqD qgQBaz0cp0tNr+nYXvhtyX9XE4ve/lszq5BxqnNF0xi9hP8T5DwZzXnhtZ+aZML2 3WlT3tqgkDE7hZqyqSG8Vd9ZLzVkjmnw7+tqRjIGvzN9eKQxLXg/fPkKeHGh+HOz y0zCBHlZKrKtz0lQHP48W9t6l0Rkh19hW1fIA46rW4C7erDcW78nBMJ2cTAxbBk1 ITTGOIHpUgn3882xKM/yAHUMK25Xkh2va/e8UpafYEazSM4H9T15N87UyCVneKdD s2N1tYHegx85eoOlt24Bw2RBPFHhFGWOtE0McQ09kyDKFyGJXUMqzPhBUvvJz8mE G3KPuKrDU0U= =Vap7 -----END PGP SIGNATURE-----

-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . ========================================================================== Ubuntu Security Notice USN-4628-2 November 12, 2020

intel-microcode regression

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 20.10
  • Ubuntu 20.04 LTS
  • Ubuntu 18.04 LTS
  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 ESM

Summary:

USN-4628-1 introduced a regression in the Intel Microcode for some processors. Unfortunately, that update prevented certain processors in the Intel Tiger Lake family from booting successfully. This update reverts the microcode update for the Tiger Lake processor family.

Please note that the 'dis_ucode_ldr' kernel command line option can be added in the boot menu to disable microcode loading for system recovery.

We apologize for the inconvenience.

Original advisory details:

Moritz Lipp, Michael Schwarz, Andreas Kogler, David Oswald, Catherine Easdon, Claudio Canella, and Daniel Gruss discovered that the Intel Running Average Power Limit (RAPL) feature of some Intel processors allowed a side- channel attack based on power consumption measurements. A local attacker could possibly use this to expose sensitive information. (CVE-2020-8695)

Ezra Caltum, Joseph Nuzman, Nir Shildan and Ofir Joseff discovered that some Intel(R) Processors did not properly remove sensitive information before storage or transfer in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2020-8696)

Ezra Caltum, Joseph Nuzman, Nir Shildan and Ofir Joseff discovered that some Intel(R) Processors did not properly isolate shared resources in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2020-8698)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 20.10: intel-microcode 3.20201110.0ubuntu0.20.10.2

Ubuntu 20.04 LTS: intel-microcode 3.20201110.0ubuntu0.20.04.2

Ubuntu 18.04 LTS: intel-microcode 3.20201110.0ubuntu0.18.04.2

Ubuntu 16.04 LTS: intel-microcode 3.20201110.0ubuntu0.16.04.2

Ubuntu 14.04 ESM: intel-microcode 3.20201110.0ubuntu0.14.04.2

After a standard system update you need to reboot your computer to make all the necessary changes

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202011-1361",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic ipc477e",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "21.01.15"
      },
      {
        "model": "simatic field pg m6",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "debian",
        "version": "9.0"
      },
      {
        "model": "hci storage node bios",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "netapp",
        "version": null
      },
      {
        "model": "clustered data ontap",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "netapp",
        "version": null
      },
      {
        "model": "simatic ipc647e",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "25.02.08"
      },
      {
        "model": "simatic itp1000",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "23.01.08"
      },
      {
        "model": "fedora",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "fedoraproject",
        "version": "31"
      },
      {
        "model": "simatic field pg m5",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "22.01.08"
      },
      {
        "model": "hci compute node bios",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "netapp",
        "version": null
      },
      {
        "model": "simatic ipc847e",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "25.02.08"
      },
      {
        "model": "simatic ipc477e pro",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "21.01.15"
      },
      {
        "model": "simatic ipc677e",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "25.02.08"
      },
      {
        "model": "simatic ipc427e",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "21.01.15"
      },
      {
        "model": "solidfire bios",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "netapp",
        "version": null
      },
      {
        "model": "simatic ipc627e",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "25.02.08"
      },
      {
        "model": "microcode",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "hci compute node bios",
        "scope": null,
        "trust": 0.8,
        "vendor": "netapp",
        "version": null
      },
      {
        "model": "fedora",
        "scope": null,
        "trust": 0.8,
        "vendor": "fedora",
        "version": null
      },
      {
        "model": "solidfire bios",
        "scope": null,
        "trust": 0.8,
        "vendor": "netapp",
        "version": null
      },
      {
        "model": "gnu/linux",
        "scope": null,
        "trust": 0.8,
        "vendor": "debian",
        "version": null
      },
      {
        "model": "clustered data ontap",
        "scope": null,
        "trust": 0.8,
        "vendor": "netapp",
        "version": null
      },
      {
        "model": "microcode",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30a4\u30f3\u30c6\u30eb",
        "version": null
      },
      {
        "model": "hci storage node bios",
        "scope": null,
        "trust": 0.8,
        "vendor": "netapp",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-013420"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-8698"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:microcode:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:core_i3-1000g1:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:core_i3-1000g4:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:core_i3-1005g1:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:core_i3-1110g4:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:core_i3-1115g4:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:core_i3-1120g4:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:core_i3-1125g4:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:core_i5-1030g4:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:core_i5-1030g7:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:core_i5-1035g1:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:core_i5-1035g4:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:core_i5-1035g7:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:core_i5-1130g7:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:core_i5-1135g7:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:core_i7-1060g7:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:core_i7-1065g7:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:core_i7-1160g7:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:core_i7-1165g7:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:core_i7-1185g7:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:intel:microcode:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i3-1000g1:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": false
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i3-1000g4:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": false
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i3-1005g1:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": false
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i3-1110g4:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": false
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i3-1115g4:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": false
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i3-1120g4:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": false
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i3-1125g4:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": false
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i5-1030g4:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": false
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i5-1030g7:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": false
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i5-1035g1:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": false
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i5-1035g4:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": false
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i5-1035g7:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": false
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i5-1130g7:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": false
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i5-1135g7:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": false
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i7-1060g7:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": false
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i7-1065g7:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": false
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i7-1160g7:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": false
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i7-1165g7:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": false
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i7-1185g7:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": false
              }
            ],
            "operator": "AND"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:netapp:hci_compute_node_bios:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:netapp:hci_compute_node_bios:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": false
              }
            ],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:netapp:hci_storage_node_bios:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:netapp:hci_storage_node:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:netapp:hci_storage_node_bios:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:netapp:hci_storage_node:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": false
              }
            ],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:netapp:solidfire_bios:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:netapp:solidfire:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:netapp:solidfire_bios:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:netapp:solidfire:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": false
              }
            ],
            "operator": "AND"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:simatic_field_pg_m5_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "22.01.08",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:simatic_field_pg_m5:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:siemens:simatic_field_pg_m5_firmware:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "22.01.08",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:siemens:simatic_field_pg_m5:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": false
              }
            ],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:simatic_field_pg_m6_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:simatic_field_pg_m6:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:siemens:simatic_field_pg_m6_firmware:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:siemens:simatic_field_pg_m6:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": false
              }
            ],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:simatic_ipc427e_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "21.01.15",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:simatic_ipc427e:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:siemens:simatic_ipc427e_firmware:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "21.01.15",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:siemens:simatic_ipc427e:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": false
              }
            ],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:simatic_ipc477e_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "21.01.15",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:simatic_ipc477e:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:siemens:simatic_ipc477e_firmware:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "21.01.15",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:siemens:simatic_ipc477e:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": false
              }
            ],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:simatic_ipc477e_pro_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "21.01.15",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:simatic_ipc477e_pro:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:siemens:simatic_ipc477e_pro_firmware:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "21.01.15",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:siemens:simatic_ipc477e_pro:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": false
              }
            ],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:simatic_ipc627e_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "25.02.08",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:simatic_ipc627e:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:siemens:simatic_ipc627e_firmware:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "25.02.08",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:siemens:simatic_ipc627e:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": false
              }
            ],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:simatic_ipc647e_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "25.02.08",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:simatic_ipc647e:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:siemens:simatic_ipc647e_firmware:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "25.02.08",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:siemens:simatic_ipc647e:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": false
              }
            ],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:simatic_ipc677e_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "25.02.08",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:simatic_ipc677e:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:siemens:simatic_ipc677e_firmware:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "25.02.08",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:siemens:simatic_ipc677e:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": false
              }
            ],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:simatic_ipc847e_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "25.02.08",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:simatic_ipc847e:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:siemens:simatic_ipc847e_firmware:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "25.02.08",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:siemens:simatic_ipc847e:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": false
              }
            ],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:simatic_itp1000_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "23.01.08",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:simatic_itp1000:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:siemens:simatic_itp1000_firmware:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "23.01.08",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:siemens:simatic_itp1000:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": false
              }
            ],
            "operator": "AND"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2020-8698"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Ubuntu",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "160018"
      },
      {
        "db": "PACKETSTORM",
        "id": "160035"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201911-1657"
      }
    ],
    "trust": 0.8
  },
  "cve": "CVE-2020-8698",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "NONE",
            "baseScore": 2.1,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.9,
            "id": "CVE-2020-8698",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "LOW",
            "trust": 1.9,
            "userInteractionRequired": false,
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "author": "NVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 1.8,
            "id": "CVE-2020-8698",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Local",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 5.5,
            "baseSeverity": "Medium",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2020-8698",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "Low",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2020-8698",
            "trust": 1.8,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201911-1657",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULMON",
            "id": "CVE-2020-8698",
            "trust": 0.1,
            "value": "LOW"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2020-8698"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-013420"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201911-1657"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-8698"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. Intel(R) There are unspecified vulnerabilities in processor products.Information may be obtained. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n=====================================================================\n                   Red Hat Security Advisory\n\nSynopsis:          Moderate: microcode_ctl security, bug fix and enhancement update\nAdvisory ID:       RHSA-2020:5183-01\nProduct:           Red Hat Enterprise Linux\nAdvisory URL:      https://access.redhat.com/errata/RHSA-2020:5183\nIssue date:        2020-11-23\nCVE Names:         CVE-2020-8695 CVE-2020-8696 CVE-2020-8698 \n=====================================================================\n\n1. Summary:\n\nAn update for microcode_ctl is now available for Red Hat Enterprise Linux\n7.3 Advanced Update Support. \n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Server AUS (v. 7.3) - x86_64\nRed Hat Enterprise Linux Server E4S (v. 7.3) - x86_64\nRed Hat Enterprise Linux Server TUS (v. 7.3) - x86_64\n\n3. Description:\n\nThe microcode_ctl packages provide microcode updates for Intel. \n\nSecurity Fix(es):\n\n* hw: Information disclosure issue in Intel SGX via RAPL interface\n(CVE-2020-8695)\n\n* hw: Vector Register Leakage-Active (CVE-2020-8696)\n\n* hw: Fast forward store predictor (CVE-2020-8698)\n\nBug Fix(es) and Enhancement(s):\n\n* Update Intel CPU microcode to microcode-20201112 release, addresses:\n  - Addition of 06-55-0b/0xbf (CPX-SP A1) microcode at revision 0x700001e;\n  - Addition of 06-8a-01/0x10 (LKF B2/B3) microcode at revision 0x28;\n  - Addition of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode at revision 0x68;\n  - Addition of 06-a5-02/0x20 (CML-H R1) microcode at revision 0xe0;\n  - Addition of 06-a5-03/0x22 (CML-S 6+2 G1) microcode at revision 0xe0;\n  - Addition of 06-a5-05/0x22 (CML-S 10+2 Q0) microcode at revision 0xe0;\n  - Addition of 06-a6-01/0x80 (CML-U 6+2 v2 K0) microcode at revision\n    0xe0;\n  - Update of 06-4e-03/0xc0 (SKL-U/U 2+3e/Y D0/K1) microcode (in\n    intel-06-4e-03/intel-ucode/06-4e-03) from revision 0xdc up to 0xe2;\n  - Update of 06-55-04/0xb7 (SKX-D/SP/W/X H0/M0/M1/U0) microcode (in\n    intel-06-55-04/intel-ucode/06-55-04) from revision 0x2006906 up\n    to 0x2006a08;\n  - Update of 06-5e-03/0x36 (SKL-H/S/Xeon E3 N0/R0/S0) microcode (in\n    intel-06-5e-03/intel-ucode/06-5e-03) from revision 0xdc up to 0xe2;\n  - Update of 06-8e-09/0x10 (AML-Y 2+2 H0) microcode (in\n    intel-06-8e-9e-0x-dell/intel-ucode/06-8e-09) from revision 0xd6 up\n    to 0xde;\n  - Update of 06-8e-09/0xc0 (KBL-U/U 2+3e/Y H0/J1) microcode (in\n    intel-06-8e-9e-0x-dell/intel-ucode/06-8e-09) from revision 0xd6 up\n    to 0xde;\n  - Update of 06-8e-0a/0xc0 (CFL-U 4+3e D0, KBL-R Y0) microcode (in\n    intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0a) from revision 0xd6 up\n    to 0xe0;\n  - Update of 06-8e-0b/0xd0 (WHL-U W0) microcode (in\n    intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0b) from revision 0xd6 up\n    to 0xde;\n  - Update of 06-8e-0c/0x94 (AML-Y 4+2 V0, CML-U 4+2 V0, WHL-U V0)\n    microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0c) from\n    revision 0xd6 up to 0xde;\n  - Update of 06-9e-09/0x2a (KBL-G/H/S/X/Xeon E3 B0) microcode (in\n    intel-06-8e-9e-0x-dell/intel-ucode/06-9e-09) from revision 0xd6 up\n    to 0xde;\n  - Update of 06-9e-0a/0x22 (CFL-H/S/Xeon E U0) microcode (in\n    intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0a) from revision 0xd6 up\n    to 0xde;\n  - Update of 06-9e-0b/0x02 (CFL-E/H/S B0) microcode (in\n    intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0b) from revision 0xd6 up\n    to 0xde;\n  - Update of 06-9e-0c/0x22 (CFL-H/S/Xeon E P0) microcode (in\n    intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0c) from revision 0xd6 up\n    to 0xde;\n  - Update of 06-9e-0d/0x22 (CFL-H/S/Xeon E R0) microcode (in\n    intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0d) from revision 0xd6 up\n    to 0xde;\n  - Update of 06-3f-02/0x6f (HSX-E/EN/EP/EP 4S C0/C1/M1/R2) microcode\n    from revision 0x43 up to 0x44;\n  - Update of 06-55-03/0x97 (SKX-SP B1) microcode from revision 0x1000157\n    up to 0x1000159;\n  - Update of 06-55-06/0xbf (CLX-SP B0) microcode from revision 0x4002f01\n    up to 0x4003003;\n  - Update of 06-55-07/0xbf (CLX-SP/W/X B1/L1) microcode from revision\n    0x5002f01 up to 0x5003003;\n  - Update of 06-5c-09/0x03 (APL D0) microcode from revision 0x38 up\n    to 0x40;\n  - Update of 06-5c-0a/0x03 (APL B1/F1) microcode from revision 0x16 up\n    to 0x1e;\n  - Update of 06-7a-01/0x01 (GLK B0) microcode from revision 0x32 up\n    to 0x34;\n  - Update of 06-7a-08/0x01 (GLK-R R0) microcode from revision 0x16 up\n    to 0x18;\n  - Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode from revision 0x78\n    up to 0xa0;\n  - Update of 06-a6-00/0x80 (CML-U 6+2 A0) microcode from revision 0xca\n    up to 0xe0. \n\n* Disable 06-8c-01 (TGL-UP3/UP4 B1) microcode update by default. \n\n* Add README file to the documentation directory. \n\n* Add publicly-sourced codenames list to supply to gen_provides.sh; update\n  the latter to handle the somewhat different format. \n\n* Add SUMMARY.intel-ucode file\n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1828583 - CVE-2020-8695 hw: Information disclosure issue in Intel SGX via RAPL interface\n1890355 - CVE-2020-8696 hw: Vector Register Leakage-Active\n1890356 - CVE-2020-8698 hw: Fast forward store predictor\n\n6. Package List:\n\nRed Hat Enterprise Linux Server AUS (v. 7.3):\n\nSource:\nmicrocode_ctl-2.1-16.37.el7_3.src.rpm\n\nx86_64:\nmicrocode_ctl-2.1-16.37.el7_3.x86_64.rpm\nmicrocode_ctl-debuginfo-2.1-16.37.el7_3.x86_64.rpm\n\nRed Hat Enterprise Linux Server E4S (v. 7.3):\n\nSource:\nmicrocode_ctl-2.1-16.37.el7_3.src.rpm\n\nx86_64:\nmicrocode_ctl-2.1-16.37.el7_3.x86_64.rpm\nmicrocode_ctl-debuginfo-2.1-16.37.el7_3.x86_64.rpm\n\nRed Hat Enterprise Linux Server TUS (v. 7.3):\n\nSource:\nmicrocode_ctl-2.1-16.37.el7_3.src.rpm\n\nx86_64:\nmicrocode_ctl-2.1-16.37.el7_3.x86_64.rpm\nmicrocode_ctl-debuginfo-2.1-16.37.el7_3.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security.  Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2020-8695\nhttps://access.redhat.com/security/cve/CVE-2020-8696\nhttps://access.redhat.com/security/cve/CVE-2020-8698\nhttps://access.redhat.com/security/updates/classification/#moderate\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2020 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBX7v1LtzjgjWX9erEAQhhzBAAi0jG7U8W+Dm2A/Nq40aoLyRcGknttkV1\n0wwy62OR4KUnqiP0gHB8Sjh6UpAPqhLNExc2+B8RyUB23yUe8/PRB1fUqpmf5150\nmzwiORZfu572ao7GLskdc4SUydVSqY9QuTK7mTm+HGmOm2XQpics51xWjyfKM/TN\n5lrrd3DXxTrXwsjva2tPJcCp9A1s3XAVjK16Fu+FcKvXsgxruUy41YxJMsY8Mxfj\npPRzcXdMvPQYhvyv8y1KY2Mz5WMKdpOK83X6Y9iYL6d0g2UT1d3cw8AOHc6GYNFS\nMhLDUASoII2A4xWkXCOyaocrg58QFctEHGfnxwTU5ZGq/vfOduUSLE881thD+tqD\nqgQBaz0cp0tNr+nYXvhtyX9XE4ve/lszq5BxqnNF0xi9hP8T5DwZzXnhtZ+aZML2\n3WlT3tqgkDE7hZqyqSG8Vd9ZLzVkjmnw7+tqRjIGvzN9eKQxLXg/fPkKeHGh+HOz\ny0zCBHlZKrKtz0lQHP48W9t6l0Rkh19hW1fIA46rW4C7erDcW78nBMJ2cTAxbBk1\nITTGOIHpUgn3882xKM/yAHUMK25Xkh2va/e8UpafYEazSM4H9T15N87UyCVneKdD\ns2N1tYHegx85eoOlt24Bw2RBPFHhFGWOtE0McQ09kyDKFyGJXUMqzPhBUvvJz8mE\nG3KPuKrDU0U=\n=Vap7\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. ==========================================================================\nUbuntu Security Notice USN-4628-2\nNovember 12, 2020\n\nintel-microcode regression\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 20.10\n- Ubuntu 20.04 LTS\n- Ubuntu 18.04 LTS\n- Ubuntu 16.04 LTS\n- Ubuntu 14.04 ESM\n\nSummary:\n\nUSN-4628-1 introduced a regression in the Intel Microcode for some processors. Unfortunately,\nthat update prevented certain processors in the Intel Tiger Lake family\nfrom booting successfully. This update reverts the microcode update for\nthe Tiger Lake processor family. \n\nPlease note that the \u0027dis_ucode_ldr\u0027 kernel command line option can be\nadded in the boot menu to disable microcode loading for system recovery. \n\nWe apologize for the inconvenience. \n\nOriginal advisory details:\n\n Moritz Lipp, Michael Schwarz, Andreas Kogler, David Oswald, Catherine\n Easdon, Claudio Canella, and Daniel Gruss discovered that the Intel Running\n Average Power Limit (RAPL) feature of some Intel processors allowed a side-\n channel attack based on power consumption measurements. A local attacker\n could possibly use this to expose sensitive information. (CVE-2020-8695)\n \n Ezra Caltum, Joseph Nuzman, Nir Shildan and Ofir Joseff discovered that\n some Intel(R) Processors did not properly remove sensitive information\n before storage or transfer in some situations. A local attacker could\n possibly use this to expose sensitive information. (CVE-2020-8696)\n \n Ezra Caltum, Joseph Nuzman, Nir Shildan and Ofir Joseff discovered that\n some Intel(R) Processors did not properly isolate shared resources in some\n situations. A local attacker could possibly use this to expose sensitive\n information. (CVE-2020-8698)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 20.10:\n  intel-microcode                 3.20201110.0ubuntu0.20.10.2\n\nUbuntu 20.04 LTS:\n  intel-microcode                 3.20201110.0ubuntu0.20.04.2\n\nUbuntu 18.04 LTS:\n  intel-microcode                 3.20201110.0ubuntu0.18.04.2\n\nUbuntu 16.04 LTS:\n  intel-microcode                 3.20201110.0ubuntu0.16.04.2\n\nUbuntu 14.04 ESM:\n  intel-microcode                 3.20201110.0ubuntu0.14.04.2\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2020-8698"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-013420"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-8698"
      },
      {
        "db": "PACKETSTORM",
        "id": "163924"
      },
      {
        "db": "PACKETSTORM",
        "id": "163954"
      },
      {
        "db": "PACKETSTORM",
        "id": "163758"
      },
      {
        "db": "PACKETSTORM",
        "id": "163772"
      },
      {
        "db": "PACKETSTORM",
        "id": "160191"
      },
      {
        "db": "PACKETSTORM",
        "id": "160018"
      },
      {
        "db": "PACKETSTORM",
        "id": "160188"
      },
      {
        "db": "PACKETSTORM",
        "id": "160035"
      }
    ],
    "trust": 2.43
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2020-8698",
        "trust": 3.3
      },
      {
        "db": "SIEMENS",
        "id": "SSA-678983",
        "trust": 1.7
      },
      {
        "db": "JVN",
        "id": "JVNVU91051134",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-013420",
        "trust": 0.8
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-22-132-05",
        "trust": 0.7
      },
      {
        "db": "PACKETSTORM",
        "id": "163772",
        "trust": 0.7
      },
      {
        "db": "PACKETSTORM",
        "id": "160018",
        "trust": 0.7
      },
      {
        "db": "PACKETSTORM",
        "id": "160035",
        "trust": 0.7
      },
      {
        "db": "PACKETSTORM",
        "id": "163993",
        "trust": 0.6
      },
      {
        "db": "PACKETSTORM",
        "id": "163863",
        "trust": 0.6
      },
      {
        "db": "PACKETSTORM",
        "id": "162588",
        "trust": 0.6
      },
      {
        "db": "PACKETSTORM",
        "id": "160187",
        "trust": 0.6
      },
      {
        "db": "PACKETSTORM",
        "id": "163757",
        "trust": 0.6
      },
      {
        "db": "PACKETSTORM",
        "id": "160407",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2021.2604",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2021.2905",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2020.4124",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2020.4327",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2021.2797",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2021.0423",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2021.2721",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2020.4017",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2022.2355",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2020.4200",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2021.1664",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2021.2945",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2020.3959",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2020.4153",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2020.4033",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2021.2672",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2021083127",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2021081125",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2021080915",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2021081834",
        "trust": 0.6
      },
      {
        "db": "LENOVO",
        "id": "LEN-49266",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201911-1657",
        "trust": 0.6
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-8698",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "163924",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "163954",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "163758",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "160191",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "160188",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2020-8698"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-013420"
      },
      {
        "db": "PACKETSTORM",
        "id": "163924"
      },
      {
        "db": "PACKETSTORM",
        "id": "163954"
      },
      {
        "db": "PACKETSTORM",
        "id": "163758"
      },
      {
        "db": "PACKETSTORM",
        "id": "163772"
      },
      {
        "db": "PACKETSTORM",
        "id": "160191"
      },
      {
        "db": "PACKETSTORM",
        "id": "160018"
      },
      {
        "db": "PACKETSTORM",
        "id": "160188"
      },
      {
        "db": "PACKETSTORM",
        "id": "160035"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201911-1657"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-8698"
      }
    ]
  },
  "id": "VAR-202011-1361",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VARIoT devices database",
        "id": null
      }
    ],
    "trust": 0.5185185333333333
  },
  "last_update_date": "2023-11-07T21:08:28.118000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "NTAP-20201113-0006 Intel Intel\u00a0Product\u00a0Security\u00a0Center",
        "trust": 0.8,
        "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00007.html"
      },
      {
        "title": "Intel Processors Fixes for access control error vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=135724"
      },
      {
        "title": "Red Hat: Moderate: microcode_ctl security, bug fix and enhancement update",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20205185 - security advisory"
      },
      {
        "title": "Red Hat: Moderate: microcode_ctl security, bug fix and enhancement update",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20205184 - security advisory"
      },
      {
        "title": "Red Hat: Moderate: microcode_ctl security, bug fix and enhancement update",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20205189 - security advisory"
      },
      {
        "title": "Red Hat: Moderate: microcode_ctl security, bug fix and enhancement update",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20205181 - security advisory"
      },
      {
        "title": "Red Hat: Moderate: microcode_ctl security, bug fix, and enhancement update",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20205083 - security advisory"
      },
      {
        "title": "Red Hat: Moderate: microcode_ctl security, bug fix, and enhancement update",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20205084 - security advisory"
      },
      {
        "title": "Red Hat: Moderate: microcode_ctl security, bug fix, and enhancement update",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20205190 - security advisory"
      },
      {
        "title": "Red Hat: Moderate: microcode_ctl security, bug fix and enhancement update",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20205182 - security advisory"
      },
      {
        "title": "Red Hat: Moderate: microcode_ctl security, bug fix and enhancement update",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20205183 - security advisory"
      },
      {
        "title": "Red Hat: Moderate: microcode_ctl security, bug fix and enhancement update",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20205369 - security advisory"
      },
      {
        "title": "Red Hat: Moderate: microcode_ctl security, bug fix and enhancement update",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20205085 - security advisory"
      },
      {
        "title": "Red Hat: Moderate: microcode_ctl security, bug fix and enhancement update",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20205188 - security advisory"
      },
      {
        "title": "Red Hat: Moderate: microcode_ctl security, bug fix and enhancement update",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20205186 - security advisory"
      },
      {
        "title": "Arch Linux Issues: ",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=cve-2020-8698 log"
      },
      {
        "title": "Arch Linux Advisories: [ASA-202102-34] intel-ucode: information disclosure",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=asa-202102-34"
      },
      {
        "title": "Citrix Security Bulletins: Citrix Hypervisor Security Update",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins\u0026qid=0196318f80fa91831e1ad927f423d728"
      },
      {
        "title": "Siemens Security Advisories: Siemens Security Advisory",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=0bfef52a44075162940391ee650c313e"
      },
      {
        "title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHPSBHF03705 rev. 6 - BIOS November 2020 Security Updates",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=892287da75187b64a9430d6c2f52fb94"
      },
      {
        "title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHPSBHF03705 rev. 6 - BIOS November 2020 Security Updates",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=f872c139829b190dd155b5676016edf1"
      },
      {
        "title": "HP: HPSBHF03705 rev. 1 - BIOS November 2020 Security Updates",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=hpsbhf03705"
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2020-8698"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-013420"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201911-1657"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-668",
        "trust": 1.0
      },
      {
        "problemtype": "Lack of information (CWE-noinfo) [NVD Evaluation ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-013420"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-8698"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-8698"
      },
      {
        "trust": 1.7,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381"
      },
      {
        "trust": 1.7,
        "url": "https://security.netapp.com/advisory/ntap-20201113-0006/"
      },
      {
        "trust": 1.7,
        "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/maagik5cxkbpgy3r4ur5vo56m7mklz43/"
      },
      {
        "trust": 1.7,
        "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00007.html"
      },
      {
        "trust": 1.7,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-678983.pdf"
      },
      {
        "trust": 1.2,
        "url": "https://access.redhat.com/security/cve/cve-2020-8698"
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/vu/jvnvu91051134/"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-8696"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-8695"
      },
      {
        "trust": 0.6,
        "url": "https://access.redhat.com/articles/11258"
      },
      {
        "trust": 0.6,
        "url": "https://access.redhat.com/security/cve/cve-2020-8695"
      },
      {
        "trust": 0.6,
        "url": "https://access.redhat.com/security/team/key/"
      },
      {
        "trust": 0.6,
        "url": "https://access.redhat.com/security/team/contact/"
      },
      {
        "trust": 0.6,
        "url": "https://access.redhat.com/security/cve/cve-2020-8696"
      },
      {
        "trust": 0.6,
        "url": "https://bugzilla.redhat.com/):"
      },
      {
        "trust": 0.6,
        "url": "https://packetstormsecurity.com/files/163863/red-hat-security-advisory-2021-3176-01.html"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2020.3959/"
      },
      {
        "trust": 0.6,
        "url": "https://packetstormsecurity.com/files/163757/red-hat-security-advisory-2021-3027-01.html"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2021081834"
      },
      {
        "trust": 0.6,
        "url": "https://packetstormsecurity.com/files/160035/ubuntu-security-notice-usn-4628-2.html"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2020.4200/"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2020.4153/"
      },
      {
        "trust": 0.6,
        "url": "https://packetstormsecurity.com/files/160018/ubuntu-security-notice-usn-4628-1.html"
      },
      {
        "trust": 0.6,
        "url": "https://packetstormsecurity.com/files/163772/red-hat-security-advisory-2021-3029-01.html"
      },
      {
        "trust": 0.6,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-132-05"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2020.4327/"
      },
      {
        "trust": 0.6,
        "url": "https://packetstormsecurity.com/files/160187/red-hat-security-advisory-2020-5184-01.html"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2021081125"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2021083127"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2022.2355"
      },
      {
        "trust": 0.6,
        "url": "https://packetstormsecurity.com/files/163993/red-hat-security-advisory-2021-3364-01.html"
      },
      {
        "trust": 0.6,
        "url": "https://vigilance.fr/vulnerability/intel-processors-information-disclosure-33881"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2020.4033/"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2021.2905"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2020.4017/"
      },
      {
        "trust": 0.6,
        "url": "https://packetstormsecurity.com/files/162588/ubuntu-security-notice-usn-4628-3.html"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2020.4124/"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2021.0423"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2021.2721"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2021080915"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2021.2604"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2021.2945"
      },
      {
        "trust": 0.6,
        "url": "https://support.lenovo.com/us/en/product_security/len-49266"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2021.2672"
      },
      {
        "trust": 0.6,
        "url": "https://packetstormsecurity.com/files/160407/red-hat-security-advisory-2020-5369-01.html"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2021.1664"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2021.2797"
      },
      {
        "trust": 0.4,
        "url": "https://access.redhat.com/security/cve/cve-2020-24511"
      },
      {
        "trust": 0.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-24512"
      },
      {
        "trust": 0.4,
        "url": "https://access.redhat.com/security/cve/cve-2020-24512"
      },
      {
        "trust": 0.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-24489"
      },
      {
        "trust": 0.4,
        "url": "https://access.redhat.com/security/cve/cve-2020-24489"
      },
      {
        "trust": 0.4,
        "url": "https://listman.redhat.com/mailman/listinfo/rhsa-announce"
      },
      {
        "trust": 0.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-0549"
      },
      {
        "trust": 0.4,
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "trust": 0.4,
        "url": "https://access.redhat.com/security/cve/cve-2020-0543"
      },
      {
        "trust": 0.4,
        "url": "https://access.redhat.com/security/cve/cve-2020-0549"
      },
      {
        "trust": 0.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-0543"
      },
      {
        "trust": 0.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-24511"
      },
      {
        "trust": 0.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-0548"
      },
      {
        "trust": 0.4,
        "url": "https://access.redhat.com/security/cve/cve-2020-0548"
      },
      {
        "trust": 0.2,
        "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "trust": 0.2,
        "url": "https://usn.ubuntu.com/4628-1"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/668.html"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/errata/rhsa-2020:5185"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-132-05"
      },
      {
        "trust": 0.1,
        "url": "https://support.hp.com/us-en/document/c06962236"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/errata/rhsa-2021:3255"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/errata/rhsa-2021:3323"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/errata/rhsa-2021:3028"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/errata/rhsa-2021:3029"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/errata/rhsa-2020:5181"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/intel-microcode/3.20201110.0ubuntu0.16.04.1"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/intel-microcode/3.20201110.0ubuntu0.18.04.1"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/intel-microcode/3.20201110.0ubuntu0.20.10.1"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/intel-microcode/3.20201110.0ubuntu0.20.04.1"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/errata/rhsa-2020:5183"
      },
      {
        "trust": 0.1,
        "url": "https://usn.ubuntu.com/4628-2"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/bugs/1903883"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/intel-microcode/3.20201110.0ubuntu0.18.04.2"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/intel-microcode/3.20201110.0ubuntu0.20.04.2"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/intel-microcode/3.20201110.0ubuntu0.16.04.2"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/intel-microcode/3.20201110.0ubuntu0.20.10.2"
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2020-8698"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-013420"
      },
      {
        "db": "PACKETSTORM",
        "id": "163924"
      },
      {
        "db": "PACKETSTORM",
        "id": "163954"
      },
      {
        "db": "PACKETSTORM",
        "id": "163758"
      },
      {
        "db": "PACKETSTORM",
        "id": "163772"
      },
      {
        "db": "PACKETSTORM",
        "id": "160191"
      },
      {
        "db": "PACKETSTORM",
        "id": "160018"
      },
      {
        "db": "PACKETSTORM",
        "id": "160188"
      },
      {
        "db": "PACKETSTORM",
        "id": "160035"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201911-1657"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-8698"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULMON",
        "id": "CVE-2020-8698"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-013420"
      },
      {
        "db": "PACKETSTORM",
        "id": "163924"
      },
      {
        "db": "PACKETSTORM",
        "id": "163954"
      },
      {
        "db": "PACKETSTORM",
        "id": "163758"
      },
      {
        "db": "PACKETSTORM",
        "id": "163772"
      },
      {
        "db": "PACKETSTORM",
        "id": "160191"
      },
      {
        "db": "PACKETSTORM",
        "id": "160018"
      },
      {
        "db": "PACKETSTORM",
        "id": "160188"
      },
      {
        "db": "PACKETSTORM",
        "id": "160035"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201911-1657"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-8698"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2020-11-12T00:00:00",
        "db": "VULMON",
        "id": "CVE-2020-8698"
      },
      {
        "date": "2021-07-02T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2020-013420"
      },
      {
        "date": "2021-08-27T19:22:22",
        "db": "PACKETSTORM",
        "id": "163924"
      },
      {
        "date": "2021-08-31T15:43:48",
        "db": "PACKETSTORM",
        "id": "163954"
      },
      {
        "date": "2021-08-09T14:15:45",
        "db": "PACKETSTORM",
        "id": "163758"
      },
      {
        "date": "2021-08-10T14:49:53",
        "db": "PACKETSTORM",
        "id": "163772"
      },
      {
        "date": "2020-11-24T15:00:08",
        "db": "PACKETSTORM",
        "id": "160191"
      },
      {
        "date": "2020-11-11T14:59:21",
        "db": "PACKETSTORM",
        "id": "160018"
      },
      {
        "date": "2020-11-24T14:59:25",
        "db": "PACKETSTORM",
        "id": "160188"
      },
      {
        "date": "2020-11-12T15:38:50",
        "db": "PACKETSTORM",
        "id": "160035"
      },
      {
        "date": "2019-11-10T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201911-1657"
      },
      {
        "date": "2020-11-12T18:15:00",
        "db": "NVD",
        "id": "CVE-2020-8698"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2022-04-26T00:00:00",
        "db": "VULMON",
        "id": "CVE-2020-8698"
      },
      {
        "date": "2021-07-02T04:40:00",
        "db": "JVNDB",
        "id": "JVNDB-2020-013420"
      },
      {
        "date": "2022-05-13T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201911-1657"
      },
      {
        "date": "2022-04-26T16:33:00",
        "db": "NVD",
        "id": "CVE-2020-8698"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "160018"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201911-1657"
      }
    ],
    "trust": 0.7
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Intel(R)\u00a0 Vulnerabilities in processor products",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-013420"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "access control error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201911-1657"
      }
    ],
    "trust": 0.6
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading...

Loading...

Loading...
  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.