CVE-2019-11091
First published: Thu May 02 2019(Updated: )
Last updated 29 November 2024
Credit: Ke Sun Henrique Kawakami Kekai Hu Rodrigo Branco IntelYuval Yarom University of AdelaideBrandon Falk Microsoft Windows Platform Security TeamKe Sun Henrique Kawakami Kekai Hu Rodrigo Branco IntelGiorgi Maisuradze Microsoft ResearchHenrique Kawakami Kekai Hu Rodrigo Branco IntelMichael Schwarz Daniel Gruss Graz University of TechnologyAlyssa Milburn Sebastian Osterlund Pietro Frigo Kaveh Razavi Herbert Bos Cristiano Giuffrida VUSec group at VU AmsterdamDan Horea Lutas BitDefenderKe Sun Henrique Kawakami Kekai Hu Rodrigo Branco IntelMoritz Lipp Michael Schwarz Daniel Gruss Graz University of Technology secure@intel.com secure@intel.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apple macOS Mojave | <10.14.5 | 10.14.5 |
| Apple High Sierra | ||
| Apple Sierra | ||
| All of | ||
| Intel Microarchitectural Data Sampling Uncacheable Memory Firmware | ||
| Intel Microarchitectural Data Sampling Uncacheable Memory | ||
| Fedoraproject Fedora | =29 | |
| Intel Microarchitectural Data Sampling Uncacheable Memory Firmware | ||
| Intel Microarchitectural Data Sampling Uncacheable Memory | ||
| debian/intel-microcode | 3.20240813.1~deb11u1 3.20240910.1~deb11u1 3.20240910.1~deb12u1 3.20231114.1~deb12u1 3.20241112.1 | |
| debian/linux | 5.10.223-1 5.10.226-1 6.1.115-1 6.1.119-1 6.11.10-1 6.12.5-1 | |
| debian/xen | 4.14.6-1 4.14.5+94-ge49571868d-1 4.17.3+10-g091466ba55-1~deb12u1 4.17.3+36-g54dacb5c02-1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OH73SGTJ575OBCPSJFX6LX7KP2KZIEN4/
- https://access.redhat.com/errata/RHSA-2019:1455
- http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00014.html
- https://lists.debian.org/debian-lts-announce/2019/06/msg00018.html
- https://usn.ubuntu.com/3977-3/
- https://seclists.org/bugtraq/2019/Jun/28
- https://seclists.org/bugtraq/2019/Jun/36
- http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txt
- https://cert-portal.siemens.com/productcert/pdf/ssa-616472.pdf
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190712-01-mds-en
- http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00053.html
- http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00052.html
- https://www.freebsd.org/security/advisories/FreeBSD-SA-19:07.mds.asc
- https://access.redhat.com/errata/RHSA-2019:2553
- https://kc.mcafee.com/corporate/index?page=content&id=SB10292
- https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf
- https://seclists.org/bugtraq/2019/Nov/15
- https://www.synology.com/security/advisory/Synology_SA_19_24
- https://www.debian.org/security/2020/dsa-4602
- https://seclists.org/bugtraq/2020/Jan/21
- https://security.gentoo.org/glsa/202003-56
- https://launchpad.net/bugs/cve/CVE-2019-11091
- https://access.redhat.com/security/vulnerabilities/mds
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=fa4bff165070dc40a3de35b78e4f8da8e8d85ec5
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1709983
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1709984
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1710006
- https://access.redhat.com/errata/RHSA-2019:1175
- https://access.redhat.com/errata/RHSA-2019:1167
- https://access.redhat.com/errata/RHSA-2019:1174
- https://access.redhat.com/errata/RHSA-2019:1169
- https://access.redhat.com/errata/RHSA-2019:1180
- https://access.redhat.com/errata/RHSA-2019:1181
- https://access.redhat.com/errata/RHSA-2019:1177
- https://access.redhat.com/errata/RHSA-2019:1178
- https://access.redhat.com/errata/RHSA-2019:1179
- https://access.redhat.com/errata/RHSA-2019:1168
- https://access.redhat.com/errata/RHSA-2019:1176
- https://access.redhat.com/errata/RHSA-2019:1170
- https://access.redhat.com/errata/RHSA-2019:1184
- https://access.redhat.com/errata/RHSA-2019:1185
- https://access.redhat.com/errata/RHSA-2019:1182
- https://access.redhat.com/errata/RHSA-2019:1155
- https://access.redhat.com/errata/RHSA-2019:1183
- https://access.redhat.com/errata/RHSA-2019:1193
- https://access.redhat.com/errata/RHSA-2019:1196
- https://access.redhat.com/errata/RHSA-2019:1195
- https://access.redhat.com/errata/RHSA-2019:1198
- https://access.redhat.com/errata/RHSA-2019:1172
- https://access.redhat.com/errata/RHSA-2019:1190
- https://access.redhat.com/errata/RHSA-2019:1194
- https://access.redhat.com/errata/RHSA-2019:1199
- https://access.redhat.com/errata/RHSA-2019:1200
- https://access.redhat.com/errata/RHSA-2019:1202
- https://access.redhat.com/errata/RHSA-2019:1201
- https://access.redhat.com/errata/RHSA-2019:1171
- https://access.redhat.com/errata/RHSA-2019:1197
- https://access.redhat.com/errata/RHSA-2019:1187
- https://access.redhat.com/errata/RHSA-2019:1186
- https://access.redhat.com/errata/RHSA-2019:1189
- https://access.redhat.com/errata/RHSA-2019:1188
- https://access.redhat.com/errata/RHSA-2019:1203
- https://access.redhat.com/errata/RHSA-2019:1204
- https://access.redhat.com/errata/RHSA-2019:1205
- https://access.redhat.com/errata/RHSA-2019:1206
- https://access.redhat.com/errata/RHSA-2019:1207
- https://access.redhat.com/errata/RHSA-2019:1209
- https://access.redhat.com/errata/RHSA-2019:1208
- https://bugzilla.redhat.com/show_bug.cgi?id=1705312
- https://support.apple.com/en-us/HT210119 (Advisory)
- https://kc.mcafee.com/corporate/index?page=content&id=SB10292
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OH73SGTJ575OBCPSJFX6LX7KP2KZIEN4/
- https://git.kernel.org/linus/fa4bff165070dc40a3de35b78e4f8da8e8d85ec5
- https://software.intel.com/security-software-guidance/software-guidance/microarchitectural-data-sampling
- https://xenbits.xen.org/xsa/advisory-297.html
- https://libvirt.org/git/?p=libvirt.git;a=commit;h=538d873571d7a682852dc1d70e5f4478f4d64e85
- https://security-tracker.debian.org/tracker/CVE-2019-11091
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11091
- https://nvd.nist.gov/vuln/detail/CVE-2019-11091
- https://ubuntu.com/security/CVE-2019-11091
Peer vulnerabilities
(Found alongside the following vulnerabilities)
- CVE-2019-8603
- CVE-2019-8635
- CVE-2019-8590
- CVE-2019-8640
- CVE-2019-2102
- CVE-2019-8592
- CVE-2019-8585
- CVE-2019-8582
- CVE-2019-8589
- CVE-2019-8560
- CVE-2019-8634
- CVE-2019-8616
- CVE-2019-8629
- CVE-2018-4456
- CVE-2019-8606
- CVE-2019-8633
- CVE-2019-8525
- CVE-2019-8547
- CVE-2019-8576
- CVE-2019-8591
- CVE-2019-8573
- CVE-2019-8631
- CVE-2018-12126
- CVE-2018-12127
- CVE-2018-12130
- CVE-2019-11091
- CVE-2019-8604
- CVE-2019-8577
- CVE-2019-8600
- CVE-2019-8598
- CVE-2019-8602
- CVE-2019-8568
- CVE-2019-8574
- CVE-2019-8569
- CVE-2019-6237
- CVE-2019-8571
- CVE-2019-8583
- CVE-2019-8584
- CVE-2019-8586
- CVE-2019-8587
- CVE-2019-8594
- CVE-2019-8595
- CVE-2019-8596
- CVE-2019-8597
- CVE-2019-8601
- CVE-2019-8608
- CVE-2019-8609
- CVE-2019-8610
- CVE-2019-8611
- CVE-2019-8615
- CVE-2019-8619
- CVE-2019-8622
- CVE-2019-8623
- CVE-2019-8628
- CVE-2019-8607
- CVE-2019-8612
- agent/type
- collector/launchpad-cve
- source/Launchpad
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2019-11091
- agent/first-publish-date
- collector/apple-support
- alias/CVE-2018-12127
- alias/CVE-2018-12130
- agent/software-canonical-lookup-request
- agent/severity
- agent/author
- agent/remedy
- collector/nvd-cve
- source/NVD
- agent/software-canonical-lookup
- collector/nvd-index
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/references
- agent/tags
- collector/usn-cve
- source/Ubuntu
- agent/description
- agent/event
- collector/security-tracker-debian
- source/Debian
- agent/softwarecombine
- agent/trending
- vendor/apple
- canonical/apple macos mojave
- canonical/apple high sierra
- canonical/apple sierra
- vendor/intel
- canonical/intel microarchitectural data sampling uncacheable memory firmware
- canonical/intel microarchitectural data sampling uncacheable memory
- vendor/fedoraproject
- canonical/fedoraproject fedora
- version/fedoraproject fedora/29
- package-manager/debian