{ "threat_severity" : "Moderate", "public_date" : "2019-11-12T18:00:00Z", "bugzilla" : { "description" : "hw: TSX Transaction Asynchronous Abort (TAA)", "id" : "1753062", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1753062" }, "cvss3" : { "cvss3_base_score" : "6.5", "cvss3_scoring_vector" : "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", "status" : "verified" }, "cwe" : "CWE-385", "details" : [ "TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.", "A flaw was found in the way Intel CPUs handle speculative execution of instructions when the TSX Asynchronous Abort (TAA) error occurs. A local authenticated attacker with the ability to monitor execution times could infer the TSX memory state by comparing abort execution times. This could allow information disclosure via this observed side-channel for any TSX transaction being executed while an attacker is able to observe abort timing.\nIntel's Transactional Synchronisation Extensions (TSX) are set of instructions which enable transactional memory support to improve performance of the multi-threaded applications, in the lock-protected critical sections. The CPU executes instructions in the critical-sections as transactions, while ensuring their atomic state. When such transaction execution is unsuccessful, the processor cannot ensure atomic updates to the transaction memory, so the processor rolls back or aborts such transaction execution.\nWhile TSX Asynchronous Abort (TAA) is pending, CPU may continue to read data from architectural buffers and pass it to the dependent speculative operations. This may cause information leakage via speculative side-channel means, which is quite similar to the Microarchitectural Data Sampling (MDS) issue." ], "statement" : "libvirt and qemu-kvm on Red Hat Enterprise Linux 6 are not affected by this vulnerability as they do not support MSR-based CPU features.", "acknowledgement" : "Red Hat would like to thank Intel for reporting this issue.", "affected_release" : [ { "product_name" : "Advanced Virtualization for RHEL 8.1.0", "release_date" : "2020-02-19T00:00:00Z", "advisory" : "RHSA-2020:0555", "cpe" : "cpe:/a:redhat:advanced_virtualization:8.1::el8", "package" : "virt:8.1-8010020191227172441.c27ad7f8" }, { "product_name" : "Advanced Virtualization for RHEL 8.1.0", "release_date" : "2020-02-19T00:00:00Z", "advisory" : "RHSA-2020:0555", "cpe" : "cpe:/a:redhat:advanced_virtualization:8.1::el8", "package" : "virt-devel:8.1-8010020191227172441.c27ad7f8" }, { "product_name" : "Red Hat Enterprise Linux 6", "release_date" : "2019-11-12T00:00:00Z", "advisory" : "RHSA-2019:3836", "cpe" : "cpe:/o:redhat:enterprise_linux:6", "package" : "kernel-0:2.6.32-754.24.2.el6" }, { "product_name" : "Red Hat Enterprise Linux 6.5 Advanced Update Support", "release_date" : "2019-11-12T00:00:00Z", "advisory" : "RHSA-2019:3843", "cpe" : "cpe:/o:redhat:rhel_aus:6.5", "package" : "kernel-0:2.6.32-431.96.3.el6" }, { "product_name" : "Red Hat Enterprise Linux 6.6 Advanced Update Support", "release_date" : "2019-11-12T00:00:00Z", "advisory" : "RHSA-2019:3842", "cpe" : "cpe:/o:redhat:rhel_aus:6.6", "package" : "kernel-0:2.6.32-504.81.3.el6" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2019-11-12T00:00:00Z", "advisory" : "RHSA-2019:3835", "cpe" : "cpe:/a:redhat:rhel_extras_rt:7", "package" : "kernel-rt-0:3.10.0-1062.4.2.rt56.1028.el7" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2019-11-12T00:00:00Z", "advisory" : "RHSA-2019:3834", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "kernel-0:3.10.0-1062.4.2.el7" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2020-01-06T00:00:00Z", "advisory" : "RHSA-2020:0028", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "kpatch-patch" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2020-02-04T00:00:00Z", "advisory" : "RHSA-2020:0366", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "qemu-kvm-10:1.5.3-167.el7_7.4" }, { "product_name" : "Red Hat Enterprise Linux 7.2 Advanced Update Support", "release_date" : "2019-11-12T00:00:00Z", "advisory" : "RHSA-2019:3841", "cpe" : "cpe:/o:redhat:rhel_aus:7.2", "package" : "kernel-0:3.10.0-327.82.2.el7" }, { "product_name" : "Red Hat Enterprise Linux 7.2 Telco Extended Update Support", "release_date" : "2019-11-12T00:00:00Z", "advisory" : "RHSA-2019:3841", "cpe" : "cpe:/o:redhat:rhel_tus:7.2", "package" : "kernel-0:3.10.0-327.82.2.el7" }, { "product_name" : "Red Hat Enterprise Linux 7.2 Update Services for SAP Solutions", "release_date" : "2019-11-12T00:00:00Z", "advisory" : "RHSA-2019:3841", "cpe" : "cpe:/o:redhat:rhel_e4s:7.2", "package" : "kernel-0:3.10.0-327.82.2.el7" }, { "product_name" : "Red Hat Enterprise Linux 7.3 Advanced Update Support", "release_date" : "2019-11-12T00:00:00Z", "advisory" : "RHSA-2019:3840", "cpe" : "cpe:/o:redhat:rhel_aus:7.3", "package" : "kernel-0:3.10.0-514.70.2.el7" }, { "product_name" : "Red Hat Enterprise Linux 7.3 Telco Extended Update Support", "release_date" : "2019-11-12T00:00:00Z", "advisory" : "RHSA-2019:3840", "cpe" : "cpe:/o:redhat:rhel_tus:7.3", "package" : "kernel-0:3.10.0-514.70.2.el7" }, { "product_name" : "Red Hat Enterprise Linux 7.3 Update Services for SAP Solutions", "release_date" : "2019-11-12T00:00:00Z", "advisory" : "RHSA-2019:3840", "cpe" : "cpe:/o:redhat:rhel_e4s:7.3", "package" : "kernel-0:3.10.0-514.70.2.el7" }, { "product_name" : "Red Hat Enterprise Linux 7.4 Advanced Update Support", "release_date" : "2019-11-12T00:00:00Z", "advisory" : "RHSA-2019:3839", "cpe" : "cpe:/o:redhat:rhel_aus:7.4", "package" : "kernel-0:3.10.0-693.60.2.el7" }, { "product_name" : "Red Hat Enterprise Linux 7.4 Telco Extended Update Support", "release_date" : "2019-11-12T00:00:00Z", "advisory" : "RHSA-2019:3839", "cpe" : "cpe:/o:redhat:rhel_tus:7.4", "package" : "kernel-0:3.10.0-693.60.2.el7" }, { "product_name" : "Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions", "release_date" : "2019-11-12T00:00:00Z", "advisory" : "RHSA-2019:3839", "cpe" : "cpe:/o:redhat:rhel_e4s:7.4", "package" : "kernel-0:3.10.0-693.60.2.el7" }, { "product_name" : "Red Hat Enterprise Linux 7.5 Extended Update Support", "release_date" : "2019-11-12T00:00:00Z", "advisory" : "RHSA-2019:3838", "cpe" : "cpe:/o:redhat:rhel_eus:7.5", "package" : "kernel-0:3.10.0-862.43.2.el7" }, { "product_name" : "Red Hat Enterprise Linux 7.6 Extended Update Support", "release_date" : "2019-11-12T00:00:00Z", "advisory" : "RHSA-2019:3837", "cpe" : "cpe:/o:redhat:rhel_eus:7.6", "package" : "kernel-0:3.10.0-957.38.2.el7" }, { "product_name" : "Red Hat Enterprise Linux 7.6 Extended Update Support", "release_date" : "2020-01-06T00:00:00Z", "advisory" : "RHSA-2020:0026", "cpe" : "cpe:/o:redhat:rhel_eus:7.6", "package" : "kpatch-patch" }, { "product_name" : "Red Hat Enterprise Linux 7.6 Extended Update Support", "release_date" : "2020-03-03T00:00:00Z", "advisory" : "RHSA-2020:0666", "cpe" : "cpe:/o:redhat:rhel_eus:7.6", "package" : "qemu-kvm-10:1.5.3-160.el7_6.5" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2020-01-29T00:00:00Z", "advisory" : "RHSA-2020:0279", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "virt-devel:rhel-8010020191216093608.c27ad7f8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2020-01-29T00:00:00Z", "advisory" : "RHSA-2020:0279", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "virt:rhel-8010020191216093608.c27ad7f8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-12T00:00:00Z", "advisory" : "RHSA-2019:3833", "cpe" : "cpe:/a:redhat:enterprise_linux:8::nfv", "package" : "kernel-rt-0:4.18.0-147.0.2.rt24.94.el8_1" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-12T00:00:00Z", "advisory" : "RHSA-2019:3832", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "kernel-0:4.18.0-147.0.2.el8_1" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-22T00:00:00Z", "advisory" : "RHSA-2019:3936", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "kpatch-patch" }, { "product_name" : "Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions", "release_date" : "2020-01-22T00:00:00Z", "advisory" : "RHSA-2020:0204", "cpe" : "cpe:/o:redhat:rhel_e4s:8.0", "package" : "kernel-0:4.18.0-80.15.1.el8_0" }, { "product_name" : "Red Hat Enterprise MRG 2", "release_date" : "2019-11-12T00:00:00Z", "advisory" : "RHSA-2019:3844", "cpe" : "cpe:/a:redhat:enterprise_mrg:2:server:el6", "package" : "kernel-rt-1:3.10.0-693.60.2.rt56.655.el6rt" }, { "product_name" : "Red Hat Virtualization 4.2 for Red Hat Enterprise Linux 7.6 EUS", "release_date" : "2019-11-12T00:00:00Z", "advisory" : "RHSA-2019:3837", "cpe" : "cpe:/o:redhat:enterprise_linux:7::hypervisor", "package" : "kernel-0:3.10.0-957.38.2.el7" }, { "product_name" : "Red Hat Virtualization 4.2 for Red Hat Enterprise Linux 7.6 EUS", "release_date" : "2019-11-12T00:00:00Z", "advisory" : "RHSA-2019:3860", "cpe" : "cpe:/o:redhat:enterprise_linux:7::hypervisor", "package" : "redhat-virtualization-host-0:4.2-20191107.0.el7_6" }, { "product_name" : "Red Hat Virtualization 4 for Red Hat Enterprise Linux 7", "release_date" : "2019-11-12T00:00:00Z", "advisory" : "RHSA-2019:3860", "cpe" : "cpe:/o:redhat:enterprise_linux:7::hypervisor", "package" : "redhat-virtualization-host-0:4.3.6-20191108.0.el7_7" }, { "product_name" : "Red Hat Virtualization Engine 4.2", "release_date" : "2020-03-05T00:00:00Z", "advisory" : "RHSA-2020:0730", "cpe" : "cpe:/a:redhat:rhev_manager:4.2", "package" : "qemu-kvm-rhev-10:2.12.0-18.el7_6.9" } ], "package_state" : [ { "product_name" : "Red Hat Enterprise Linux 5", "fix_state" : "Out of support scope", "package_name" : "kernel", "cpe" : "cpe:/o:redhat:enterprise_linux:5" }, { "product_name" : "Red Hat Enterprise Linux 5", "fix_state" : "Out of support scope", "package_name" : "microcode_ctl", "cpe" : "cpe:/o:redhat:enterprise_linux:5" }, { "product_name" : "Red Hat Enterprise Linux 6", "fix_state" : "Not affected", "package_name" : "libvirt", "cpe" : "cpe:/o:redhat:enterprise_linux:6" }, { "product_name" : "Red Hat Enterprise Linux 6", "fix_state" : "Affected", "package_name" : "microcode_ctl", "cpe" : "cpe:/o:redhat:enterprise_linux:6" }, { "product_name" : "Red Hat Enterprise Linux 6", "fix_state" : "Not affected", "package_name" : "qemu-kvm", "cpe" : "cpe:/o:redhat:enterprise_linux:6" }, { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Not affected", "package_name" : "kernel-alt", "cpe" : "cpe:/o:redhat:enterprise_linux:7" }, { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Affected", "package_name" : "libvirt", "cpe" : "cpe:/o:redhat:enterprise_linux:7" }, { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Affected", "package_name" : "microcode_ctl", "cpe" : "cpe:/o:redhat:enterprise_linux:7" }, { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Affected", "package_name" : "qemu-kvm-rhev", "cpe" : "cpe:/o:redhat:enterprise_linux:7" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Affected", "package_name" : "microcode_ctl", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 8 Advanced Virtualization", "fix_state" : "Affected", "package_name" : "qemu-kvm", "cpe" : "cpe:/a:redhat:advanced_virtualization:8::el8" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2019-11135\nhttps://nvd.nist.gov/vuln/detail/CVE-2019-11135\nhttps://access.redhat.com/solutions/tsx-asynchronousabort\nhttps://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00270.html" ], "csaw" : true, "name" : "CVE-2019-11135", "mitigation" : { "value" : "For mitigation related information, please refer to the Red Hat Knowledgebase article: https://access.redhat.com/solutions/tsx-asynchronousabort", "lang" : "en:us" } }