CVE-2020-0543

Priority
Description
Incomplete cleanup from specific special register read operations in some
Intel(R) Processors may allow an authenticated user to potentially enable
information disclosure via local access.
Ubuntu-Description
It was discovered that memory contents previously stored in
microarchitectural special registers after RDRAND, RDSEED, and SGX EGETKEY
read operations on Intel client and Xeon E3 processors may be briefly
exposed to processes on the same or different processor cores. A local
attacker could use this to expose sensitive information.
Assigned-to
sbeattie
Notes
tyhicksThis issue only affects Intel client and Xeon E3 processors
sbeattiealso known as "CrossTalk"
sbeattieAffected processor families:
============= ============ ========
common name Family_Model Stepping
============= ============ ========
IvyBridge 06_3AH All
Haswell 06_3CH All
Haswell_L 06_45H All
Haswell_G 06_46H All
Broadwell_G 06_47H All
Broadwell 06_3DH All
Skylake_L 06_4EH All
Skylake 06_5EH All
Kabylake_L 06_8EH <= 0xC
Kabylake 06_9EH <= 0xD
============= ============ ========
Package
Upstream:needed
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):released (3.20200609.0ubuntu0.14.04.0)
Ubuntu 16.04 LTS (Xenial Xerus):released (3.20200609.0ubuntu0.16.04.0)
Ubuntu 18.04 LTS (Bionic Beaver):released (3.20200609.0ubuntu0.18.04.0)
Ubuntu 19.10 (Eoan Ermine):released (3.20200609.0ubuntu0.19.10.0)
Ubuntu 20.04 LTS (Focal Fossa):released (3.20200609.0ubuntu0.20.04.0)
Ubuntu 20.10 (Groovy Gorilla):needed
More Information

Updated: 2020-07-01 14:22:03 UTC (commit f2a40e02a46fe0d2c9d7b8b97047199f18432424)