First published: Mon Jan 21 2019(Updated: )
Last updated 29 November 2024
Credit: Ke Sun Henrique Kawakami Kekai Hu Rodrigo Branco IntelYuval Yarom University of AdelaideBrandon Falk Microsoft Windows Platform Security TeamGiorgi Maisuradze Microsoft ResearchMichael Schwarz Daniel Gruss Graz University of TechnologyAlyssa Milburn Sebastian Osterlund Pietro Frigo Kaveh Razavi Herbert Bos Cristiano Giuffrida VUSec group at VU AmsterdamDan Horea Lutas BitDefenderMoritz Lipp secure@intel.com
Affected Software | Affected Version | How to fix |
---|---|---|
macOS Mojave | <10.14.5 | 10.14.5 |
macOS High Sierra | ||
macOS High Sierra | ||
All of | ||
intel Microarchitectural Load Port Data Sampling | ||
Intel Microarchitectural Load Port Data Sampling | ||
Red Hat Fedora | =29 | |
intel Microarchitectural Load Port Data Sampling | ||
Intel Microarchitectural Load Port Data Sampling | ||
debian/intel-microcode | 3.20240813.1~deb11u1 3.20250211.1~deb11u1 3.20250211.1~deb12u1 3.20231114.1~deb12u1 3.20250211.1 | |
debian/linux | 5.10.223-1 5.10.234-1 6.1.129-1 6.1.128-1 6.12.20-1 6.12.21-1 | |
debian/xen | 4.14.6-1 4.14.5+94-ge49571868d-1 4.17.5+23-ga4e5191dc0-1+deb12u1 4.17.5+23-ga4e5191dc0-1 4.20.0-1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Found alongside the following vulnerabilities)
CVE-2018-12127 has a medium severity rating due to potential information disclosure through a side channel.
To mitigate CVE-2018-12127, ensure your system firmware and operating system are updated to the latest secure versions provided by your vendor.
CVE-2018-12127 affects certain versions of macOS Mojave, macOS High Sierra, macOS Sierra, and various distributions of Linux with Intel microprocessors.
CVE-2018-12127 is a microarchitectural vulnerability related to speculative execution, specifically Microarchitectural Load Port Data Sampling (MLPDS).
Yes, CVE-2018-12127 can potentially be exploited by an authenticated user with local access to the system.