Security Alert (A19-05-09): Multiple Vulnerabilities in Intel Products

Description:

Intel has recently disclosed a new group of vulnerabilities collectively known as Microarchitectural Data Sampling (MDS) affecting some Intel processors. MDS may allow an attacker who can locally execute code on a system to infer and read protected data of another process running on the same system.  Exploiting the vulnerabilities requires an attacker to run malicious programs on affected systems and analyse large amount of collected data.

Affected Systems:

• 3rd, 4th, 5th, 6th, 7th, 8th, 9th Generation Intel Core Processor Family
• Intel Atom Processor A, C, D, E3800, E3900, T, X, Z Series
• Intel Celeron Processor Family
• Intel Core X-series Processors
• Intel Mobile Communications Platforms
• Intel Pentium Processor Family
• Intel Puma Family
• Intel Xeon Phi x200, 72x5 Processor Family
• Intel Xeon Processor D, E, E3, E3 v2, E3 v3, E3 v4, E3 v6, E5 v2, E5, E5 v3, E5 v4, E7, E7 v2, E7 v3, E7 v4, W Family
• Intel Xeon Scalable Processors
• Legacy Intel Celeron Processors
• Legacy Intel Core Processors
• Legacy Intel Pentium Processors

Impact:

A successful exploitation of the vulnerabilites could lead to information disclosure.

Recommendation:

Keep systems, browsers and firmware up-to-date

Some product vendors as listed below have released patches and/or provided information on mitigating the risks posed by the MDS vulnerabilities.  The list is not exhaustive and system administrators should consult product vendors to confirm whether the products are affected and if so, availability of patches and mitigation measures.

• Apple
  https://support.apple.com/en-us/HT210107
• AWS
  https://aws.amazon.com/tw/security/security-bulletins/AWS-2019-004/
• Citrix
  https://www.citrix.com/blogs/2019/05/14/microarchitectural-data-sampling-security-issues-and-mitigations/
• Debian
  https://www.debian.org/security/2019/dsa-4444
• Google
  https://support.google.com/faqs/answer/9330250?hl=en
• HP
  https://support.hp.com/emea_africa-en/document/c06326397
• IBM
  https://www.ibm.com/blogs/psirt/ibm-addresses-reported-intel-security-vulnerabilities/
• Lenovo
  https://download.lenovo.com/pccbbs/mobiles/n2euj12w.txt
• Linux Kernel
  https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/mds.html
• Microsoft
  https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV190013
• Oracle
  https://blogs.oracle.com/security/intelmds
• Red Hat
  https://access.redhat.com/security/vulnerabilities/mds
• SUSE
  https://www.suse.com/c/suse-addresses-microarchitectural-data-sampling-vulnerabilities/
• Ubuntu
  https://blog.ubuntu.com/2019/05/14/ubuntu-updates-to-mitigate-new-microarchitectural-data-sampling-mds-vulnerabilities
• VMware
  https://www.vmware.com/security/advisories/VMSA-2019-0008.html
• Xen
  https://seclists.org/oss-sec/2019/q2/111

Keep anti-malware software and its signatures up-to-date

The vulnerability is exploitable only if malware is run on the affected systems. System administrators and users should regularly check and update the anti-malware software and its signatures to the latest version in order to mitigate the security risk of being exploited or infected.

Use only authorised software

Software downloaded from the Internet may contain malware. Users should obtain software from official sources.

More Information:

https://www.intel.com/content/www/us/en/architecture-and-technology/mds.html
https://cpu.fail/
https://www.securityweek.com/intel-mds-vulnerabilities-what-you-need-know?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A%20Securityweek%20%28SecurityWeek%20RSS%20Feed%29&quicktabs_1=1
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12126
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12127
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12130
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11091