Wind River Support Network

HomeDefectsOVP8-485
Fixed

OVP8-485 : Security Advisory - linux - CVE-2018-12130 MFBDS

Created: May 29, 2019    Updated: Dec 23, 2019
Resolved Date: Nov 7, 2019
Previous ID: LIN8-10981
Found In Version: 8.0.0.30
Fix Version: 8.0.0.31
Severity: Standard
Applicable for: Wind River Linux 8
Component/s: Kernel

Description

https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-12130

CVE-2018-12130 	Microarchitectural Fill Buffer Data Sampling

Under certain conditions, data in microarchitectural structures that the currently-running software does not have permission to access may be speculatively accessed by faulting or assisting load or store operations. This does not result in incorrect program execution because these operations never complete, and their results are never returned to software. However, software may be able to forward this speculative-only data to a side channel disclosure gadget in a way that potentially allows malicious actors to infer the data.


https://www.intel.com/content/www/us/en/architecture-and-technology/mds.html
https://software.intel.com/security-software-guidance/software-guidance/microarchitectural-data-sampling
Live chat
Online