CVE-2020-0549 log

Source
Severity High
Remote No
Type Information disclosure
Description
A microarchitectural timing flaw was found on some Intel processors. A corner case exists where data in-flight during the eviction process can end up in the “fill buffers” and not properly cleared by the MDS mitigations. The fill buffer contents (which were expected to be blank) can be inferred using MDS or TAA style attack methods to allow a local attacker to infer fill buffer values.
Group Package Affected Fixed Severity Status Ticket
AVG-1187 intel-ucode 20200520-1 20200609-1 High Fixed
Date Advisory Group Package Severity Type
13 Jun 2020 ASA-202006-10 AVG-1187 intel-ucode High information disclosure
References
https://cacheoutattack.com/CacheOut.pdf
https://access.redhat.com/solutions/l1d-cache-eviction-and-vector-register-sampling
https://software.intel.com/security-software-guidance/software-guidance/l1d-eviction-sampling
https://blogs.intel.com/technology/2020/01/ipas-intel-sa-00329/