Wind River Support Network

HomeDefectsOVP8-484
Fixed

OVP8-484 : Security Advisory - linux - CVE-2018-12126 MSBDS

Created: May 29, 2019    Updated: Dec 23, 2019
Resolved Date: Nov 7, 2019
Previous ID: LIN8-10980
Found In Version: 8.0.0.30
Fix Version: 8.0.0.31
Severity: Standard
Applicable for: Wind River Linux 8
Component/s: Kernel

Description

https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-12126
Microarchitectural Store Buffer Data Sampling (MSBDS) CVE-2018-12126
Under certain conditions, data in microarchitectural structures that the currently-running software does not have permission to access may be speculatively accessed by faulting or assisting load or store operations. This does not result in incorrect program execution because these operations never complete, and their results are never returned to software. However, software may be able to forward this speculative-only data to a side channel disclosure gadget in a way that potentially allows malicious actors to infer the data.


https://www.intel.com/content/www/us/en/architecture-and-technology/mds.html
https://software.intel.com/security-software-guidance/software-guidance/microarchitectural-data-sampling
Live chat
Online