Four vulnerabilities were publicly disclosed related to Intel microprocessors. These vulnerabilities allow unprivileged attackers to bypass restrictions to gain read access to privileged memory. They include these common vulnerabilities and exposures (CVEs):
- CVE-2018-12126 – a flaw that could lead to information disclosure from the processor store buffer
- CVE-2018-12127 – an exploit of the microprocessor load operations that can provide data to an attacker about CPU registers and operations in the CPU pipeline
- CVE-2018-12130 – the most serious of the three issues and involved the implementation of the microprocessor fill buffers and can expose data within that buffer
- CVE-2019-11091 – a flaw in the implementation of the “fill buffer,” a mechanism used by modern CPUs when a cache-miss is made on L1 CPU cache
Red Hat customers should update their systems
Security updates will degrade system performance, but Red Hat strongly suggests that customers update their systems whether or not they believe themselves to be at risk.