Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
2.1
CVSSv2

CVE-2019-11139

Published: 14/11/2019 Updated: 07/11/2023
CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9
CVSS v3 Base Score: 6 | Impact Score: 4 | Exploitability Score: 1.5
VMScore: 187
Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P
Subscribe to Debian Linux

Vulnerability Summary

USN-4182-2 provided updated Intel Processor Microcode. A regression exists that caused some Skylake processors to hang after a warm reboot. This update reverts the microcode for that specific processor family.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

debian debian linux 8.0

opensuse leap 15.0

opensuse leap 15.1

intel xeon_8153_firmware -

intel xeon_8156_firmware -

intel xeon_8158_firmware -

intel xeon_8160_firmware -

intel xeon_8160f_firmware -

intel xeon_8160m_firmware -

intel xeon_8160t_firmware -

intel xeon_8164_firmware -

intel xeon_8168_firmware -

intel xeon_8170_firmware -

intel xeon_8170m_firmware -

intel xeon_8176_firmware -

intel xeon_8176f_firmware -

intel xeon_8176m_firmware -

intel xeon_8180_firmware -

intel xeon_8180m_firmware -

intel xeon_5115_firmware -

intel xeon_5118_firmware -

intel xeon_5119t_firmware -

intel xeon_5120_firmware -

intel xeon_5120t_firmware -

intel xeon_5122_firmware -

intel xeon_6126_firmware -

intel xeon_6126f_firmware -

intel xeon_6126t_firmware -

intel xeon_6128_firmware -

intel xeon_6130_firmware -

intel xeon_6130f_firmware -

intel xeon_6130t_firmware -

intel xeon_6132_firmware -

intel xeon_6134_firmware -

intel xeon_6134m_firmware -

intel xeon_6136_firmware -

intel xeon_6138_firmware -

intel xeon_6138f_firmware -

intel xeon_6138t_firmware -

intel xeon_6140_firmware -

intel xeon_6140m_firmware -

intel xeon_6142_firmware -

intel xeon_6142f_firmware -

intel xeon_6144_firmware -

intel xeon_6146_firmware -

intel xeon_6148_firmware -

intel xeon_6148f_firmware -

intel xeon_6150_firmware -

intel xeon_6152_firmware -

intel xeon_6154_firmware -

intel xeon_4108_firmware -

intel xeon_4109t_firmware -

intel xeon_4110_firmware -

intel xeon_4112_firmware -

intel xeon_4114_firmware -

intel xeon_4114t_firmware -

intel xeon_4116_firmware -

intel xeon_4116t_firmware -

intel xeon_3104_firmware -

intel xeon_3106_firmware -

Vendor Advisories

Debian Security Advisories: DSA-4565-1 intel-microcode -- security update
This update ships updated CPU microcode for some types of Intel CPUs In particular it provides mitigations for the TAA (TSX Asynchronous Abort) vulnerability For affected CPUs, to fully mitigate the vulnerability it is also necessary to update the Linux kernel packages as released in DSA 4564-1 For the oldstable distribution (stretch), these pro ...
Ubuntu Security Notice: intel-microcode update
Several security issues were fixed in Intel Microcode ...
Ubuntu Security Notice: intel-microcode update
Several security issues were fixed in Intel Microcode ...
Ubuntu Security Notice: intel-microcode regression
USN-4182-2 introduced a regression in the Intel Microcode for some Skylake processors ...
Ubuntu Security Notice: intel-microcode regression
USN-4182-1 introduced a regression in the Intel Microcode for some Skylake processors ...
Amazon Linux 2: ALAS2-2019-1364
This security update is only applicable to EC2 Bare Metal instance types using Intel processors Intel has released microcode updates for certain Intel CPUs After installing the updated microcode_ctl package, the microcode will be automatically activated on next boot Improper conditions check in the voltage modulation interface for some Intel ...
Amazon Linux AMI: ALAS-2019-1318
This security update is only applicable to EC2 Bare Metal instance types using Intel processors Intel has released microcode updates for certain Intel CPUs After installing the updated microcode_ctl package, the microcode will be automatically activated on next boot Improper conditions check in the voltage modulation interface for some Intel ...
Arch Linux Issues:
It was discovered that certain Intel Xeon processors did not properly restrict access to a voltage modulation interface A local privileged attacker could use this to cause a denial of service (system crash) ...
HP: SUPPORT COMMUNICATION- SECURITY BULLETIN HPSBHF03638 rev. 4 - Intel 2019.2 IPU BIOS Security Updates
Multiple security vulnerabilities have been identified by Intel Intel is releasing updates for BIOS, Voltage Modulation, Intel Processor Graphics, Intel SGX, Intel SGX and Intel TXT, Intel SGX and Intel Processor Graphics, Intel Trusted Execution Technology (TXT), Intel System Management Mode (SMM), Intel CPU Local Privilege Escalation, TSX Asynch ...
HP: SUPPORT COMMUNICATION- SECURITY BULLETIN HPSBHF03638 rev. 4 - Intel 2019.2 IPU BIOS Security Updates
Multiple security vulnerabilities have been identified by Intel Intel is releasing updates for BIOS, Voltage Modulation, Intel Processor Graphics, Intel SGX, Intel SGX and Intel TXT, Intel SGX and Intel Processor Graphics, Intel Trusted Execution Technology (TXT), Intel System Management Mode (SMM), Intel CPU Local Privilege Escalation, TSX Asynch ...

References

CWE-754https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00271.htmlhttp://lists.opensuse.org/opensuse-security-announce/2019-11/msg00046.htmlhttp://lists.opensuse.org/opensuse-security-announce/2019-11/msg00045.htmlhttps://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03969en_ushttps://seclists.org/bugtraq/2019/Dec/28https://lists.debian.org/debian-lts-announce/2019/12/msg00035.htmlhttps://support.f5.com/csp/article/K42433061?utm_source=f5support&%3Butm_medium=RSShttps://nvd.nist.govhttps://www.debian.org/security/2019/dsa-4565https://usn.ubuntu.com/4182-1/https://usn.ubuntu.com/4182-4/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-38028CVE-2024-32406CVE-2024-25624IMAPCVE-2024-2310CVE-2024-0874CVE-2024-20359XXEremote code execution
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook