Service Notices

All Notices > Security Notices > Warning on Intel Side Channel Vulnerability MDS

Warning on Intel Side Channel Vulnerability MDS

May 24, 2019 GMT+08:00

I. Overview

Recently, Intel publicly shared details and information about a new group of vulnerabilities collectively called Microarchitectural Data Sampling (MDS), a sub-class of previously disclosed speculative execution side channel vulnerabilities. MDS involves four CVEs. If the vulnerability is successfully exploited, sensitive information may be disclosed. According to Intel, practical exploitation of MDS is a very complex undertaking, therefore, severity rating of MDS is medium. So far, no attack event exploiting MDS is reported.

We have analyzed this group of vulnerabilities in detail and have taken necessary mitigation measures to ensure the security of HUAWEI CLOUD. Our security team will continue to look into this matter and take appropriate protective measures in accordance with any further developments.

Reference links:

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html

https://software.intel.com/security-software-guidance/software-guidance/microarchitectural-data-sampling

II. Severity

Severity: moderate

(Severity: low, moderate, important, and critical)

III. Affected Products

Impacted models of CPUs are listed on Intel's official website.

IV. Vulnerability Details

CVE ID

Vulnerability Name

Severity

Vulnerability Description

CVE-2018-12126

Microarchitectural Store Buffer Data Sampling (MSBDS)

moderate

Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.

CVE-2018-12127

Microarchitectural Load Port Data Sampling (MLPDS)

moderate

Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.

CVE-2018-12130

Microarchitectural Fill Buffer Data Sampling (MFBDS)

moderate

Fill buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.

CVE-2019-11091

Microarchitectural Data Sampling Uncacheable Memory (MDSUM)

low

Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.