CVE-2018-12126 – hardware: Microarchitectural Store Buffer Data Sampling (MSBDS)

https://notcve.org/view.php?id=CVE-2018-12126

Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf En Microarchitectural Store Buffer Data Sampling (MSBDS): los búferes de almacenamiento en algunos microprocesadores que usan ejecución especulativa pueden permitir que un usuario autenticado active potencialmente la divulgación de información por medio de un canal lateral con acceso local. Puede encontrar una lista de los productos impactados aquí: https://www.intel.com/content/dam/www/public/us/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf. Modern Intel microprocessors implement hardware-level micro-optimizations to improve the performance of writing data back to CPU caches. The write operation is split into STA (STore Address) and STD (STore Data) sub-operations. • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00014.html http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00052.html http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00053.html http://packetstormsecurity.com/files/155281/FreeBSD-Security-Advisory-FreeBSD-SA-19-26.mcu.html http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txt http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190712-01-mds-en https://access.redhat.com/errata/RH • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-385: Covert Timing Channel •