{
  "threat_severity" : "Moderate",
  "public_date" : "2021-06-08T17:00:00Z",
  "bugzilla" : {
    "description" : "hw: information disclosure on some Intel Atom processors",
    "id" : "1962666",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1962666"
  },
  "cvss3" : {
    "cvss3_base_score" : "5.6",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
    "status" : "verified"
  },
  "cwe" : "CWE-200",
  "details" : [ "Domain-bypass transient execution vulnerability in some Intel Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.", "A potential domain bypass transient execution vulnerability was discovered on some Intel Atom® processors that uses a microarchitectural incidental channel. Currently this channel can reveal supervisor data in the L1 cache and the contents of recent stores. As a consequence, this issue may allow an authenticated user to potentially enable information disclosure via local access." ],
  "acknowledgement" : "Red Hat would like to thank Intel for reporting this issue.",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 6 Extended Lifecycle Support",
    "release_date" : "2021-06-09T00:00:00Z",
    "advisory" : "RHSA-2021:2299",
    "cpe" : "cpe:/o:redhat:rhel_els:6",
    "package" : "microcode_ctl-2:1.17-33.33.el6_10"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "release_date" : "2021-06-09T00:00:00Z",
    "advisory" : "RHSA-2021:2305",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7",
    "package" : "microcode_ctl-2:2.1-73.9.el7_9"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7.2 Advanced Update Support",
    "release_date" : "2021-06-09T00:00:00Z",
    "advisory" : "RHSA-2021:2300",
    "cpe" : "cpe:/o:redhat:rhel_aus:7.2",
    "package" : "microcode_ctl-2:2.1-12.37.el7_2"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7.3 Advanced Update Support",
    "release_date" : "2021-06-09T00:00:00Z",
    "advisory" : "RHSA-2021:2302",
    "cpe" : "cpe:/o:redhat:rhel_aus:7.3",
    "package" : "microcode_ctl-2:2.1-16.40.el7_3"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7.4 Advanced Update Support",
    "release_date" : "2021-06-09T00:00:00Z",
    "advisory" : "RHSA-2021:2301",
    "cpe" : "cpe:/o:redhat:rhel_aus:7.4",
    "package" : "microcode_ctl-2:2.1-22.39.el7_4"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7.4 Telco Extended Update Support",
    "release_date" : "2021-06-09T00:00:00Z",
    "advisory" : "RHSA-2021:2301",
    "cpe" : "cpe:/o:redhat:rhel_tus:7.4",
    "package" : "microcode_ctl-2:2.1-22.39.el7_4"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions",
    "release_date" : "2021-06-09T00:00:00Z",
    "advisory" : "RHSA-2021:2301",
    "cpe" : "cpe:/o:redhat:rhel_e4s:7.4",
    "package" : "microcode_ctl-2:2.1-22.39.el7_4"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7.6 Advanced Update Support(Disable again in 2026 - SPRHEL-7118)",
    "release_date" : "2021-06-09T00:00:00Z",
    "advisory" : "RHSA-2021:2303",
    "cpe" : "cpe:/o:redhat:rhel_aus:7.6",
    "package" : "microcode_ctl-2:2.1-47.21.el7_6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7.6 Telco Extended Update Support",
    "release_date" : "2021-06-09T00:00:00Z",
    "advisory" : "RHSA-2021:2303",
    "cpe" : "cpe:/o:redhat:rhel_tus:7.6",
    "package" : "microcode_ctl-2:2.1-47.21.el7_6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7.6 Update Services for SAP Solutions",
    "release_date" : "2021-06-09T00:00:00Z",
    "advisory" : "RHSA-2021:2303",
    "cpe" : "cpe:/o:redhat:rhel_e4s:7.6",
    "package" : "microcode_ctl-2:2.1-47.21.el7_6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7.7 Extended Update Support",
    "release_date" : "2021-06-09T00:00:00Z",
    "advisory" : "RHSA-2021:2304",
    "cpe" : "cpe:/o:redhat:rhel_eus:7.7",
    "package" : "microcode_ctl-2:2.1-53.16.el7_7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2021-06-09T00:00:00Z",
    "advisory" : "RHSA-2021:2308",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8",
    "package" : "microcode_ctl-4:20210216-1.20210525.1.el8_4"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.1 Extended Update Support",
    "release_date" : "2021-06-09T00:00:00Z",
    "advisory" : "RHSA-2021:2306",
    "cpe" : "cpe:/o:redhat:rhel_eus:8.1",
    "package" : "microcode_ctl-4:20190618-1.20210525.1.el8_1"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.2 Extended Update Support",
    "release_date" : "2021-06-09T00:00:00Z",
    "advisory" : "RHSA-2021:2307",
    "cpe" : "cpe:/o:redhat:rhel_eus:8.2",
    "package" : "microcode_ctl-4:20191115-4.20210525.1.el8_2"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2020-24513\nhttps://nvd.nist.gov/vuln/detail/CVE-2020-24513" ],
  "name" : "CVE-2020-24513",
  "csaw" : false
}