{
  "threat_severity" : "Moderate",
  "public_date" : "2020-11-10T13:55:00Z",
  "bugzilla" : {
    "description" : "hw: Fast forward store predictor",
    "id" : "1890356",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1890356"
  },
  "cvss3" : {
    "cvss3_base_score" : "5.5",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
    "status" : "verified"
  },
  "cwe" : "CWE-212",
  "details" : [ "Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.", "A flaw was found in the CPU microarchitecture where a local attacker is able to abuse a timing issue which may allow them to infer internal architectural state from previous executions on the CPU." ],
  "acknowledgement" : "Red Hat would like to thank Intel for reporting this issue.",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 6",
    "release_date" : "2020-11-11T00:00:00Z",
    "advisory" : "RHSA-2020:5084",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6",
    "package" : "microcode_ctl-2:1.17-33.31.el6_10"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6.5 Advanced Update Support",
    "release_date" : "2020-11-23T00:00:00Z",
    "advisory" : "RHSA-2020:5189",
    "cpe" : "cpe:/o:redhat:rhel_aus:6.5",
    "package" : "microcode_ctl-2:1.17-17.34.el6_5"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6.6 Advanced Update Support",
    "release_date" : "2020-11-23T00:00:00Z",
    "advisory" : "RHSA-2020:5184",
    "cpe" : "cpe:/o:redhat:rhel_aus:6.6",
    "package" : "microcode_ctl-2:1.17-19.32.el6_6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "release_date" : "2020-11-11T00:00:00Z",
    "advisory" : "RHSA-2020:5083",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7",
    "package" : "microcode_ctl-2:2.1-73.2.el7_9"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "release_date" : "2021-08-09T00:00:00Z",
    "advisory" : "RHSA-2021:3028",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7",
    "package" : "microcode_ctl-2:2.1-73.11.el7_9"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7.2 Advanced Update Support",
    "release_date" : "2020-11-23T00:00:00Z",
    "advisory" : "RHSA-2020:5188",
    "cpe" : "cpe:/o:redhat:rhel_aus:7.2",
    "package" : "microcode_ctl-2:2.1-12.34.el7_2"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7.2 Advanced Update Support",
    "release_date" : "2021-08-31T00:00:00Z",
    "advisory" : "RHSA-2021:3323",
    "cpe" : "cpe:/o:redhat:rhel_aus:7.2",
    "package" : "microcode_ctl-2:2.1-12.39.el7_2"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7.3 Advanced Update Support",
    "release_date" : "2020-11-23T00:00:00Z",
    "advisory" : "RHSA-2020:5183",
    "cpe" : "cpe:/o:redhat:rhel_aus:7.3",
    "package" : "microcode_ctl-2:2.1-16.37.el7_3"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7.3 Advanced Update Support",
    "release_date" : "2021-08-31T00:00:00Z",
    "advisory" : "RHSA-2021:3322",
    "cpe" : "cpe:/o:redhat:rhel_aus:7.3",
    "package" : "microcode_ctl-2:2.1-16.42.el7_3"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7.3 Telco Extended Update Support",
    "release_date" : "2020-11-23T00:00:00Z",
    "advisory" : "RHSA-2020:5183",
    "cpe" : "cpe:/o:redhat:rhel_tus:7.3",
    "package" : "microcode_ctl-2:2.1-16.37.el7_3"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7.3 Update Services for SAP Solutions",
    "release_date" : "2020-11-23T00:00:00Z",
    "advisory" : "RHSA-2020:5183",
    "cpe" : "cpe:/o:redhat:rhel_e4s:7.3",
    "package" : "microcode_ctl-2:2.1-16.37.el7_3"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7.4 Advanced Update Support",
    "release_date" : "2020-11-23T00:00:00Z",
    "advisory" : "RHSA-2020:5182",
    "cpe" : "cpe:/o:redhat:rhel_aus:7.4",
    "package" : "microcode_ctl-2:2.1-22.36.el7_4"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7.4 Advanced Update Support",
    "release_date" : "2021-08-24T00:00:00Z",
    "advisory" : "RHSA-2021:3255",
    "cpe" : "cpe:/o:redhat:rhel_aus:7.4",
    "package" : "microcode_ctl-2:2.1-22.41.el7_4"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7.4 Telco Extended Update Support",
    "release_date" : "2020-11-23T00:00:00Z",
    "advisory" : "RHSA-2020:5182",
    "cpe" : "cpe:/o:redhat:rhel_tus:7.4",
    "package" : "microcode_ctl-2:2.1-22.36.el7_4"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7.4 Telco Extended Update Support",
    "release_date" : "2021-08-24T00:00:00Z",
    "advisory" : "RHSA-2021:3255",
    "cpe" : "cpe:/o:redhat:rhel_tus:7.4",
    "package" : "microcode_ctl-2:2.1-22.41.el7_4"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions",
    "release_date" : "2020-11-23T00:00:00Z",
    "advisory" : "RHSA-2020:5182",
    "cpe" : "cpe:/o:redhat:rhel_e4s:7.4",
    "package" : "microcode_ctl-2:2.1-22.36.el7_4"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions",
    "release_date" : "2021-08-24T00:00:00Z",
    "advisory" : "RHSA-2021:3255",
    "cpe" : "cpe:/o:redhat:rhel_e4s:7.4",
    "package" : "microcode_ctl-2:2.1-22.41.el7_4"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7.6 Advanced Update Support(Disable again in 2026 - SPRHEL-7118)",
    "release_date" : "2021-08-31T00:00:00Z",
    "advisory" : "RHSA-2021:3317",
    "cpe" : "cpe:/o:redhat:rhel_aus:7.6",
    "package" : "microcode_ctl-2:2.1-47.23.el7_6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7.6 Extended Update Support",
    "release_date" : "2020-11-23T00:00:00Z",
    "advisory" : "RHSA-2020:5181",
    "cpe" : "cpe:/o:redhat:rhel_eus:7.6",
    "package" : "microcode_ctl-2:2.1-47.18.el7_6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7.6 Telco Extended Update Support",
    "release_date" : "2021-08-31T00:00:00Z",
    "advisory" : "RHSA-2021:3317",
    "cpe" : "cpe:/o:redhat:rhel_tus:7.6",
    "package" : "microcode_ctl-2:2.1-47.23.el7_6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7.6 Update Services for SAP Solutions",
    "release_date" : "2021-08-31T00:00:00Z",
    "advisory" : "RHSA-2021:3317",
    "cpe" : "cpe:/o:redhat:rhel_e4s:7.6",
    "package" : "microcode_ctl-2:2.1-47.23.el7_6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7.7 Extended Update Support",
    "release_date" : "2020-11-23T00:00:00Z",
    "advisory" : "RHSA-2020:5190",
    "cpe" : "cpe:/o:redhat:rhel_eus:7.7",
    "package" : "microcode_ctl-2:2.1-53.13.el7_7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7.7 Extended Update Support",
    "release_date" : "2021-08-10T00:00:00Z",
    "advisory" : "RHSA-2021:3029",
    "cpe" : "cpe:/o:redhat:rhel_eus:7.7",
    "package" : "microcode_ctl-2:2.1-53.18.el7_7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2020-11-11T00:00:00Z",
    "advisory" : "RHSA-2020:5085",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8",
    "package" : "microcode_ctl-4:20200609-2.20201027.1.el8_3"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2021-08-09T00:00:00Z",
    "advisory" : "RHSA-2021:3027",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8",
    "package" : "microcode_ctl-4:20210216-1.20210608.1.el8_4"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions",
    "release_date" : "2020-11-23T00:00:00Z",
    "advisory" : "RHSA-2020:5186",
    "cpe" : "cpe:/o:redhat:rhel_e4s:8.0",
    "package" : "microcode_ctl-4:20180807a-2.20201112.1.el8_0"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.1 Extended Update Support",
    "release_date" : "2020-12-08T00:00:00Z",
    "advisory" : "RHSA-2020:5369",
    "cpe" : "cpe:/o:redhat:rhel_eus:8.1",
    "package" : "microcode_ctl-4:20190618-1.20201112.1.el8_1"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.1 Extended Update Support",
    "release_date" : "2021-08-17T00:00:00Z",
    "advisory" : "RHSA-2021:3176",
    "cpe" : "cpe:/o:redhat:rhel_eus:8.1",
    "package" : "microcode_ctl-4:20190618-1.20210608.1.el8_1"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.2 Extended Update Support",
    "release_date" : "2020-11-23T00:00:00Z",
    "advisory" : "RHSA-2020:5185",
    "cpe" : "cpe:/o:redhat:rhel_eus:8.2",
    "package" : "microcode_ctl-4:20191115-4.20201112.1.el8_2"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.2 Extended Update Support",
    "release_date" : "2021-08-31T00:00:00Z",
    "advisory" : "RHSA-2021:3364",
    "cpe" : "cpe:/o:redhat:rhel_eus:8.2",
    "package" : "microcode_ctl-4:20191115-4.20210608.1.el8_2"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 5",
    "fix_state" : "Out of support scope",
    "package_name" : "microcode_ctl",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2020-8698\nhttps://nvd.nist.gov/vuln/detail/CVE-2020-8698\nhttps://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381.html" ],
  "name" : "CVE-2020-8698",
  "csaw" : false
}