CVE-2020-0543

Priority
Description
Incomplete cleanup from specific special register read operations in some
Intel(R) Processors may allow an authenticated user to potentially enable
information disclosure via local access.
Ubuntu-Description
It was discovered that memory contents previously stored in
microarchitectural special registers after RDRAND, RDSEED, and SGX EGETKEY
read operations on Intel client and Xeon E3 processors may be briefly
exposed to processes on the same or different processor cores. A local
attacker could use this to expose sensitive information.
Assigned-to
sbeattie
Notes
tyhicksThis issue only affects Intel client and Xeon E3 processors
sbeattiealso known as "CrossTalk"
sbeattieAffected processor families:
============= ============ ========
common name Family_Model Stepping
============= ============ ========
IvyBridge 06_3AH All
Haswell 06_3CH All
Haswell_L 06_45H All
Haswell_G 06_46H All
Broadwell_G 06_47H All
Broadwell 06_3DH All
Skylake_L 06_4EH All
Skylake 06_5EH All
Kabylake_L 06_8EH <= 0xC
Kabylake 06_9EH <= 0xD
============= ============ ========
Package
Upstream:needed
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):released (3.20200609.0ubuntu0.14.04.0)
Ubuntu 16.04 LTS (Xenial Xerus):released (3.20200609.0ubuntu0.16.04.0)
Ubuntu 18.04 LTS (Bionic Beaver):released (3.20200609.0ubuntu0.18.04.0)
Ubuntu 20.04 LTS (Focal Fossa):released (3.20200609.0ubuntu0.20.04.0)
Ubuntu 20.10 (Groovy Gorilla):needed
More Information

Updated: 2020-09-09 23:33:49 UTC (commit 81a23a978c4436cd99e1d040e9e73e9146876281)