CVE-2020-0551
Published: 10 March 2020
Load value injection in some Intel(R) Processors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. The list of affected products is provided in intel-sa-00334: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00334.html
Notes
Author | Note |
---|---|
sbeattie | Only affects processors from Intel; primary impact is for SGX users. May need toolchain updates for applications that are targeted for use in SGX enclaves. Most Ubuntu kernels do not support or have SGX drivers available, and so are not affected. The linux-azure kernels do have SGX enabled (as of https://bugs.launchpad.net/ubuntu/+source/linux-azure/+bug/1844245) and thus the Ubuntu Kernel team is investigating further. The guidance that we have received so far from Intel indicates that it is only SGX applications that need mitigations. Looking at the upstream Intel SGX DCAP driver as of 2020-11-17, there do not seem to have been any changes due to this issue, so it is only software running in the enclave itself that is affected; marking linux-azure kernels as not-affected. |
Priority
Status
Package | Release | Status |
---|---|---|
linux-gke-5.4 | bionic | Not vulnerable |
linux-gke-5.4 | focal | Does not exist |
linux-gke-5.4 | groovy | Does not exist |
linux-gke-5.4 | trusty | Does not exist |
linux-gke-5.4 | upstream | Needs triage |
linux-gke-5.4 | xenial | Does not exist |
linux-gkeop-5.4 | bionic | Not vulnerable |
linux-gkeop-5.4 | focal | Does not exist |
linux-gkeop-5.4 | groovy | Does not exist |
linux-gkeop-5.4 | trusty | Does not exist |
linux-gkeop-5.4 | upstream | Needs triage |
linux-gkeop-5.4 | xenial | Does not exist |
linux-hwe-5.8 | bionic | Does not exist |
linux-hwe-5.8 | focal | Not vulnerable |
linux-hwe-5.8 | groovy | Does not exist |
linux-hwe-5.8 | trusty | Does not exist |
linux-hwe-5.8 | upstream | Needs triage |
linux-hwe-5.8 | xenial | Does not exist |
linux-azure-5.3 | bionic | Ignored (end of life, was not-affected) |
linux-azure-5.3 | eoan | Does not exist |
linux-azure-5.3 | focal | Does not exist |
linux-azure-5.3 | groovy | Does not exist |
linux-azure-5.3 | trusty | Does not exist |
linux-azure-5.3 | upstream | Not vulnerable (SGX not included/enabled) |
linux-azure-5.3 | xenial | Does not exist |
linux-aws-5.4 | bionic | Not vulnerable |
linux-aws-5.4 | focal | Does not exist |
linux-aws-5.4 | groovy | Does not exist |
linux-aws-5.4 | trusty | Does not exist |
linux-aws-5.4 | upstream | Needs triage |
linux-aws-5.4 | xenial | Does not exist |
linux-gcp-5.4 | bionic | Not vulnerable |
linux-gcp-5.4 | focal | Does not exist |
linux-gcp-5.4 | groovy | Does not exist |
linux-gcp-5.4 | trusty | Does not exist |
linux-gcp-5.4 | upstream | Needs triage |
linux-gcp-5.4 | xenial | Does not exist |
linux-oracle-5.4 | bionic | Not vulnerable |
linux-oracle-5.4 | focal | Does not exist |
linux-oracle-5.4 | groovy | Does not exist |
linux-oracle-5.4 | trusty | Does not exist |
linux-oracle-5.4 | upstream | Needs triage |
linux-oracle-5.4 | xenial | Does not exist |
intel-microcode | bionic | Not vulnerable |
intel-microcode | eoan | Ignored (end of life) |
intel-microcode | focal | Not vulnerable |
intel-microcode | groovy | Not vulnerable |
intel-microcode | trusty | Not vulnerable |
intel-microcode | upstream | Not vulnerable |
intel-microcode | xenial | Not vulnerable |
linux | bionic | Not vulnerable (SGX not included/enabled) |
linux | eoan | Not vulnerable (SGX not included/enabled) |
linux | focal | Not vulnerable (SGX not included/enabled) |
linux | groovy | Not vulnerable (SGX not included/enabled) |
linux | trusty | Not vulnerable (SGX not included/enabled) |
linux | upstream | Not vulnerable (SGX not included/enabled) |
linux | xenial | Not vulnerable (SGX not included/enabled) |
linux-aws | bionic | Not vulnerable (SGX not included/enabled) |
linux-aws | eoan | Not vulnerable (SGX not included/enabled) |
linux-aws | focal | Not vulnerable (SGX not included/enabled) |
linux-aws | groovy | Not vulnerable (SGX not included/enabled) |
linux-aws | trusty | Not vulnerable (SGX not included/enabled) |
linux-aws | upstream | Not vulnerable (SGX not included/enabled) |
linux-aws | xenial | Not vulnerable (SGX not included/enabled) |
linux-aws-5.0 | bionic | Not vulnerable (SGX not included/enabled) |
linux-aws-5.0 | eoan | Does not exist |
linux-aws-5.0 | focal | Does not exist |
linux-aws-5.0 | groovy | Does not exist |
linux-aws-5.0 | trusty | Does not exist |
linux-aws-5.0 | upstream | Not vulnerable (SGX not included/enabled) |
linux-aws-5.0 | xenial | Does not exist |
linux-aws-5.3 | bionic | Not vulnerable |
linux-aws-5.3 | eoan | Does not exist |
linux-aws-5.3 | focal | Does not exist |
linux-aws-5.3 | groovy | Does not exist |
linux-aws-5.3 | trusty | Does not exist |
linux-aws-5.3 | upstream | Needs triage |
linux-aws-5.3 | xenial | Does not exist |
linux-aws-hwe | bionic | Does not exist |
linux-aws-hwe | eoan | Does not exist |
linux-aws-hwe | focal | Does not exist |
linux-aws-hwe | groovy | Does not exist |
linux-aws-hwe | trusty | Does not exist |
linux-aws-hwe | upstream | Not vulnerable (SGX not included/enabled) |
linux-aws-hwe | xenial | Not vulnerable (SGX not included/enabled) |
linux-azure | bionic | Ignored (end of life, was not-affected) |
linux-azure | eoan | Ignored (end of life) |
linux-azure | focal | Not vulnerable |
linux-azure | groovy | Not vulnerable |
linux-azure | trusty | Ignored (was not-affected ESM criteria) |
linux-azure | upstream | Not vulnerable (SGX not included/enabled) |
linux-azure | xenial | Not vulnerable |
linux-azure-4.15 | bionic | Not vulnerable |
linux-azure-4.15 | eoan | Does not exist |
linux-azure-4.15 | focal | Does not exist |
linux-azure-4.15 | groovy | Does not exist |
linux-azure-4.15 | trusty | Does not exist |
linux-azure-4.15 | upstream | Needs triage |
linux-azure-4.15 | xenial | Does not exist |
linux-azure-5.4 | bionic | Not vulnerable |
linux-azure-5.4 | focal | Does not exist |
linux-azure-5.4 | groovy | Does not exist |
linux-azure-5.4 | trusty | Does not exist |
linux-azure-5.4 | upstream | Needs triage |
linux-azure-5.4 | xenial | Does not exist |
linux-azure-edge | bionic | Ignored (end of life, was needs-triage) |
linux-azure-edge | eoan | Does not exist |
linux-azure-edge | focal | Does not exist |
linux-azure-edge | groovy | Does not exist |
linux-azure-edge | trusty | Does not exist |
linux-azure-edge | upstream | Not vulnerable (SGX not included/enabled) |
linux-azure-edge | xenial | Does not exist |
linux-gcp | bionic | Not vulnerable (SGX not included/enabled) |
linux-gcp | eoan | Not vulnerable (SGX not included/enabled) |
linux-gcp | focal | Not vulnerable (SGX not included/enabled) |
linux-gcp | groovy | Not vulnerable (SGX not included/enabled) |
linux-gcp | trusty | Does not exist |
linux-gcp | upstream | Not vulnerable (SGX not included/enabled) |
linux-gcp | xenial | Not vulnerable (SGX not included/enabled) |
linux-gcp-4.15 | bionic | Not vulnerable |
linux-gcp-4.15 | eoan | Does not exist |
linux-gcp-4.15 | focal | Does not exist |
linux-gcp-4.15 | groovy | Does not exist |
linux-gcp-4.15 | trusty | Does not exist |
linux-gcp-4.15 | upstream | Needs triage |
linux-gcp-4.15 | xenial | Does not exist |
linux-gcp-5.3 | bionic | Not vulnerable (SGX not included/enabled) |
linux-gcp-5.3 | eoan | Does not exist |
linux-gcp-5.3 | focal | Does not exist |
linux-gcp-5.3 | groovy | Does not exist |
linux-gcp-5.3 | trusty | Does not exist |
linux-gcp-5.3 | upstream | Not vulnerable (SGX not included/enabled) |
linux-gcp-5.3 | xenial | Does not exist |
linux-gcp-edge | bionic | Not vulnerable (SGX not included/enabled) |
linux-gcp-edge | eoan | Does not exist |
linux-gcp-edge | focal | Does not exist |
linux-gcp-edge | groovy | Does not exist |
linux-gcp-edge | trusty | Does not exist |
linux-gcp-edge | upstream | Not vulnerable (SGX not included/enabled) |
linux-gcp-edge | xenial | Does not exist |
linux-gke-4.15 | bionic | Not vulnerable (SGX not included/enabled) |
linux-gke-4.15 | eoan | Does not exist |
linux-gke-4.15 | focal | Does not exist |
linux-gke-4.15 | groovy | Does not exist |
linux-gke-4.15 | trusty | Does not exist |
linux-gke-4.15 | upstream | Not vulnerable (SGX not included/enabled) |
linux-gke-4.15 | xenial | Does not exist |
linux-gke-5.0 | bionic | Not vulnerable (SGX not included/enabled) |
linux-gke-5.0 | eoan | Does not exist |
linux-gke-5.0 | focal | Does not exist |
linux-gke-5.0 | groovy | Does not exist |
linux-gke-5.0 | trusty | Does not exist |
linux-gke-5.0 | upstream | Not vulnerable (SGX not included/enabled) |
linux-gke-5.0 | xenial | Does not exist |
linux-gke-5.3 | bionic | Not vulnerable |
linux-gke-5.3 | eoan | Does not exist |
linux-gke-5.3 | focal | Does not exist |
linux-gke-5.3 | groovy | Does not exist |
linux-gke-5.3 | trusty | Does not exist |
linux-gke-5.3 | upstream | Needs triage |
linux-gke-5.3 | xenial | Does not exist |
linux-hwe | bionic | Not vulnerable (SGX not included/enabled) |
linux-hwe | eoan | Does not exist |
linux-hwe | focal | Does not exist |
linux-hwe | groovy | Does not exist |
linux-hwe | trusty | Does not exist |
linux-hwe | upstream | Not vulnerable (SGX not included/enabled) |
linux-hwe | xenial | Not vulnerable (SGX not included/enabled) |
linux-hwe-5.4 | bionic | Not vulnerable |
linux-hwe-5.4 | focal | Does not exist |
linux-hwe-5.4 | groovy | Does not exist |
linux-hwe-5.4 | trusty | Does not exist |
linux-hwe-5.4 | upstream | Needs triage |
linux-hwe-5.4 | xenial | Does not exist |
linux-hwe-edge | bionic | Not vulnerable (SGX not included/enabled) |
linux-hwe-edge | eoan | Does not exist |
linux-hwe-edge | focal | Does not exist |
linux-hwe-edge | groovy | Does not exist |
linux-hwe-edge | trusty | Does not exist |
linux-hwe-edge | upstream | Not vulnerable (SGX not included/enabled) |
linux-hwe-edge | xenial | Not vulnerable (SGX not included/enabled) |
linux-kvm | bionic | Not vulnerable (SGX not included/enabled) |
linux-kvm | eoan | Not vulnerable (SGX not included/enabled) |
linux-kvm | focal | Not vulnerable (SGX not included/enabled) |
linux-kvm | groovy | Not vulnerable (SGX not included/enabled) |
linux-kvm | trusty | Does not exist |
linux-kvm | upstream | Not vulnerable (SGX not included/enabled) |
linux-kvm | xenial | Not vulnerable (SGX not included/enabled) |
linux-lts-trusty | bionic | Does not exist |
linux-lts-trusty | eoan | Does not exist |
linux-lts-trusty | focal | Does not exist |
linux-lts-trusty | groovy | Does not exist |
linux-lts-trusty | trusty | Does not exist |
linux-lts-trusty | upstream | Not vulnerable (SGX not included/enabled) |
linux-lts-trusty | xenial | Does not exist |
linux-lts-xenial | bionic | Does not exist |
linux-lts-xenial | eoan | Does not exist |
linux-lts-xenial | focal | Does not exist |
linux-lts-xenial | groovy | Does not exist |
linux-lts-xenial | trusty | Not vulnerable (SGX not included/enabled) |
linux-lts-xenial | upstream | Not vulnerable (SGX not included/enabled) |
linux-lts-xenial | xenial | Does not exist |
linux-oem | bionic | Not vulnerable (SGX not included/enabled) |
linux-oem | eoan | Not vulnerable (SGX not included/enabled) |
linux-oem | focal | Does not exist |
linux-oem | groovy | Does not exist |
linux-oem | trusty | Does not exist |
linux-oem | upstream | Not vulnerable (SGX not included/enabled) |
linux-oem | xenial | Not vulnerable (SGX not included/enabled) |
linux-oem-5.6 | bionic | Does not exist |
linux-oem-5.6 | eoan | Does not exist |
linux-oem-5.6 | focal | Not vulnerable (SGX not included/enabled) |
linux-oem-5.6 | groovy | Does not exist |
linux-oem-5.6 | trusty | Does not exist |
linux-oem-5.6 | upstream | Not vulnerable (SGX not included/enabled) |
linux-oem-5.6 | xenial | Does not exist |
linux-oem-osp1 | bionic | Not vulnerable (SGX not included/enabled) |
linux-oem-osp1 | eoan | Not vulnerable (SGX not included/enabled) |
linux-oem-osp1 | focal | Does not exist |
linux-oem-osp1 | groovy | Does not exist |
linux-oem-osp1 | trusty | Does not exist |
linux-oem-osp1 | upstream | Not vulnerable (SGX not included/enabled) |
linux-oem-osp1 | xenial | Does not exist |
linux-oracle | bionic | Not vulnerable (SGX not included/enabled) |
linux-oracle | eoan | Not vulnerable (SGX not included/enabled) |
linux-oracle | focal | Not vulnerable (SGX not included/enabled) |
linux-oracle | groovy | Not vulnerable (SGX not included/enabled) |
linux-oracle | trusty | Does not exist |
linux-oracle | upstream | Not vulnerable (SGX not included/enabled) |
linux-oracle | xenial | Not vulnerable (SGX not included/enabled) |
linux-oracle-5.0 | bionic | Not vulnerable (SGX not included/enabled) |
linux-oracle-5.0 | eoan | Does not exist |
linux-oracle-5.0 | focal | Does not exist |
linux-oracle-5.0 | groovy | Does not exist |
linux-oracle-5.0 | trusty | Does not exist |
linux-oracle-5.0 | upstream | Not vulnerable (SGX not included/enabled) |
linux-oracle-5.0 | xenial | Does not exist |
linux-oracle-5.3 | bionic | Not vulnerable |
linux-oracle-5.3 | eoan | Does not exist |
linux-oracle-5.3 | focal | Does not exist |
linux-oracle-5.3 | groovy | Does not exist |
linux-oracle-5.3 | trusty | Does not exist |
linux-oracle-5.3 | upstream | Needs triage |
linux-oracle-5.3 | xenial | Does not exist |
linux-raspi | bionic | Does not exist |
linux-raspi | eoan | Does not exist |
linux-raspi | focal | Not vulnerable |
linux-raspi | groovy | Not vulnerable |
linux-raspi | trusty | Does not exist |
linux-raspi | upstream | Needs triage |
linux-raspi | xenial | Does not exist |
linux-raspi-5.4 | bionic | Not vulnerable |
linux-raspi-5.4 | focal | Does not exist |
linux-raspi-5.4 | groovy | Does not exist |
linux-raspi-5.4 | trusty | Does not exist |
linux-raspi-5.4 | upstream | Needs triage |
linux-raspi-5.4 | xenial | Does not exist |
linux-raspi2 | bionic | Not vulnerable (SGX not included/enabled) |
linux-raspi2 | eoan | Not vulnerable (SGX not included/enabled) |
linux-raspi2 | focal | Not vulnerable (SGX not included/enabled) |
linux-raspi2 | groovy | Does not exist |
linux-raspi2 | trusty | Does not exist |
linux-raspi2 | upstream | Not vulnerable (SGX not included/enabled) |
linux-raspi2 | xenial | Not vulnerable (SGX not included/enabled) |
linux-raspi2-5.3 | bionic | Not vulnerable (SGX not included/enabled) |
linux-raspi2-5.3 | eoan | Does not exist |
linux-raspi2-5.3 | focal | Does not exist |
linux-raspi2-5.3 | groovy | Does not exist |
linux-raspi2-5.3 | trusty | Does not exist |
linux-raspi2-5.3 | upstream | Not vulnerable (SGX not included/enabled) |
linux-raspi2-5.3 | xenial | Does not exist |
linux-riscv | bionic | Does not exist |
linux-riscv | eoan | Does not exist |
linux-riscv | focal | Not vulnerable |
linux-riscv | groovy | Not vulnerable |
linux-riscv | trusty | Does not exist |
linux-riscv | upstream | Needs triage |
linux-riscv | xenial | Does not exist |
linux-snapdragon | bionic | Not vulnerable (SGX not included/enabled) |
linux-snapdragon | eoan | Does not exist |
linux-snapdragon | focal | Does not exist |
linux-snapdragon | groovy | Does not exist |
linux-snapdragon | trusty | Does not exist |
linux-snapdragon | upstream | Not vulnerable (SGX not included/enabled) |
linux-snapdragon | xenial | Not vulnerable (SGX not included/enabled) |
Severity score breakdown
Parameter | Value |
---|---|
Base score | 5.6 |
Attack vector | Local |
Attack complexity | High |
Privileges required | Low |
User interaction | None |
Scope | Changed |
Confidentiality | High |
Integrity impact | None |
Availability impact | None |
Vector | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N |
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0551
- https://software.intel.com/security-software-guidance/software-guidance/load-value-injection
- https://software.intel.com/security-software-guidance/insights/deep-dive-load-value-injection
- https://sourceware.org/pipermail/binutils/2020-March/110175.html
- https://lviattack.eu/
- NVD
- Launchpad
- Debian