// For flags

CVE-2018-12130

hardware: Microarchitectural Fill Buffer Data Sampling (MFBDS)

Severity Score

5.6
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Microarchitectural Fill Buffer Data Sampling (MFBDS): Fill buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf

En Microarchitectural Fill Buffer Data Sampling (MFBDS): El llenado de los búfer en algunos microprocesadores que utilizan ejecución especulativa pueden permitir que un usuario autenticado active potencialmente la divulgación de información por medio de un canal lateral con acceso local. Puede encontrar una lista de los productos impactados aquí: https://www.intel.com/content/dam/www/public/us/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf.

A flaw was found in the implementation of the "fill buffer", a mechanism used by modern CPUs when a cache-miss is made on L1 CPU cache. If an attacker can generate a load operation that would create a page fault, the execution will continue speculatively with incorrect data from the fill buffer while the data is fetched from higher level caches. This response time can be measured to infer data in the fill buffer.

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
High
Privileges Required
Low
User Interaction
None
Scope
Changed
Confidentiality
High
Integrity
None
Availability
None
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None
Attack Vector
Local
Attack Complexity
Medium
Authentication
None
Confidentiality
Complete
Integrity
None
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2018-06-11 CVE Reserved
  • 2019-05-15 CVE Published
  • 2024-05-23 EPSS Updated
  • 2024-08-05 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
  • CWE-226: Sensitive Information in Resource Not Removed Before Reuse
CAPEC
References (28)
URL Tag Source
http://packetstormsecurity.com/files/155281/FreeBSD-Security-Advisory-FreeBSD-SA-19-26.mcu.html X_refsource_misc
http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txt X_refsource_confirm
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190712-01-mds-en X_refsource_confirm
https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf X_refsource_confirm
https://cert-portal.siemens.com/productcert/pdf/ssa-616472.pdf X_refsource_confirm
https://kc.mcafee.com/corporate/index?page=content&id=SB10292 X_refsource_confirm
https://lists.debian.org/debian-lts-announce/2019/06/msg00018.html Mailing List
https://seclists.org/bugtraq/2019/Jun/28 Mailing List
https://seclists.org/bugtraq/2019/Jun/36 Mailing List
https://seclists.org/bugtraq/2019/Nov/15 Mailing List
https://seclists.org/bugtraq/2019/Nov/16 Mailing List
https://seclists.org/bugtraq/2020/Jan/21 Mailing List
https://www.synology.com/security/advisory/Synology_SA_19_24 X_refsource_confirm
URL Date SRC
URL Date SRC
URL Date SRC
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00014.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00052.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00053.html 2023-11-07
https://access.redhat.com/errata/RHSA-2019:1455 2023-11-07
https://access.redhat.com/errata/RHSA-2019:2553 2023-11-07
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OH73SGTJ575OBCPSJFX6LX7KP2KZIEN4 2023-11-07
https://security.FreeBSD.org/advisories/FreeBSD-SA-19:26.mcu.asc 2023-11-07
https://security.gentoo.org/glsa/202003-56 2023-11-07
https://usn.ubuntu.com/3977-3 2023-11-07
https://www.debian.org/security/2020/dsa-4602 2023-11-07
https://www.freebsd.org/security/advisories/FreeBSD-SA-19:07.mds.asc 2023-11-07
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html 2023-11-07
https://access.redhat.com/security/cve/CVE-2018-12130 2019-08-22
https://bugzilla.redhat.com/show_bug.cgi?id=1646784 2019-08-22
https://access.redhat.com/security/vulnerabilities/mds 2019-08-22
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Intel
Search vendor "Intel"
 Microarchitectural Fill Buffer Data Sampling Firmware
Search vendor "Intel" for product "Microarchitectural Fill Buffer Data Sampling Firmware"
--
Affected
in Intel
Search vendor "Intel"
 Microarchitectural Fill Buffer Data Sampling
Search vendor "Intel" for product "Microarchitectural Fill Buffer Data Sampling"
--
Safe
Fedoraproject
Search vendor "Fedoraproject"
 Fedora
Search vendor "Fedoraproject" for product "Fedora"
 29
Search vendor "Fedoraproject" for product "Fedora" and version "29"
-
Affected