NA

CVE-2020-4788

Published: 20/11/2020 Updated: 25/11/2020

Vulnerability Summary

IBM Power9 (AIX 7.1, 7.2, and VIOS 3.1) processors could allow a local user to obtain sensitive information from the data in the L1 cache under extenuating circumstances. IBM X-Force ID: 189296.

Vulnerability Trend

Vendor Advisories

IBM has released the following fixes for AIX and VIOS in response to CVE-2020-4788 ...

Mailing Lists

Hi, IBM Power9 processors can speculatively operate on data in the L1 cache before it has been completely validated, via a way-prediction mechanism It is not possible for an attacker to determine the contents of impermissible memory using this method, since these systems implement a combination of hardware and software security measures to preven ...

Recent Articles

The Register

IBM Power9 processors, intended for data centers and mainframes, are potentially vulnerable to abuse of their speculative execution capability. The security shortcoming could allow a local user to access privileged information.
On Thursday IBM published a security advisory that explains, "IBM Power9 processors could allow a local user to obtain sensitive information from the data in the L1 cache under extenuating circumstances."
The vulnerability has a base score of 5.1 on the Common...

The Register

Updated IBM Power9 processors, intended for data centers and mainframes, are potentially vulnerable to abuse of their speculative execution capability. The security shortcoming could allow a local user to access privileged information.
On Thursday IBM published a security advisory that explains, "IBM Power9 processors could allow a local user to obtain sensitive information from the data in the L1 cache under extenuating circumstances."
The vulnerability has a base score of 5.1 on th...