NVD Vulnerability Detail

CVE-2019-19338

Summary	A flaw was found in the fix for CVE-2019-11135, in the Linux upstream kernel versions before 5.5 where, the way Intel CPUs handle speculative execution of instructions when a TSX Asynchronous Abort (TAA) error occurs. When a guest is running on a host CPU affected by the TAA flaw (TAA_NO=0), but is not affected by the MDS issue (MDS_NO=1), the guest was to clear the affected buffers by using a VERW instruction mechanism. But when the MDS_NO=1 bit was exported to the guests, the guests did not use the VERW mechanism to clear the affected buffers. This issue affects guests running on Cascade Lake CPUs and requires that host has 'TSX' enabled. Confidentiality of data is the highest threat associated with this vulnerability.
Publication Date	July 14, 2020, 2:15 a.m.
Registration Date	Jan. 26, 2021, 11:41 a.m.
Last Update	Nov. 21, 2024, 1:34 p.m.

Affected software configurations

Configuration1		or higher	or less	more than	less than
cpe:2.3:o:linux:linux_kernel::::::::					5.5

Configuration2		or higher	or less	more than	less than
cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*

Related information, measures and tools

No	URL	タグ
1	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-19338	Issue Tracking Patch Third Party Advisory
2	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-19338	Issue Tracking Patch Third Party Advisory
3	https://software.intel.com/security-software-guidance/insights/deep-dive-intel-transactional-synchronization-extensions-intel-tsx-asynchronous-abort	Third Party Advisory
4	https://software.intel.com/security-software-guidance/insights/deep-dive-intel-transactional-synchronization-extensions-intel-tsx-asynchronous-abort	Third Party Advisory
5	https://www.openwall.com/lists/oss-security/2019/12/10/3	Mailing List Patch Third Party Advisory
6	https://www.openwall.com/lists/oss-security/2019/12/10/3	Mailing List Patch Third Party Advisory

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-203	セキュリティ関連の処理に対するレスポンスの違いに起因する情報漏えい	https://cwe.mitre.org/data/definitions/203.html

JVN Vulnerability Information

Linux Kernel におけるセキュリティ関連の処理に対するレスポンスの違いに起因する情報漏えいに関する脆弱性

Title	Linux Kernel におけるセキュリティ関連の処理に対するレスポンスの違いに起因する情報漏えいに関する脆弱性
Summary	Linux Kernel には、セキュリティ関連の処理に対するレスポンスの違いに起因する情報漏えいに関する脆弱性が存在します。
Possible impacts	情報を取得される可能性があります。
Solution	ベンダ情報および参考情報を参照して適切な対策を実施してください。
Publication Date	Dec. 10, 2019, midnight
Registration Date	Sept. 3, 2020, 5:51 p.m.
Last Update	Sept. 3, 2020, 5:51 p.m.

Affected System

レッドハット

Red Hat Enterprise Linux

Linux

Linux Kernel 5.5 未満

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2019-19338	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19338
National Vulnerability Database (NVD)
2	CVE-2019-19338	https://nvd.nist.gov/vuln/detail/CVE-2019-19338
関連文書
3	CVE-2019-19338 Kernel: KVM: export MSR_IA32_TSX_CTRL to guest - incomplete fix for TAA (CVE-2019-11135)	https://www.openwall.com/lists/oss-security/2019/12/10/3

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-203	https://cwe.mitre.org/data/definitions/203.html

ベンダー情報

No	Name	URL
Linux Kernel
1	Linux Kernel Archives	http://www.kernel.org
Red Hat Bugzilla
2	Bug 1781514	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-19338

Change Log

No	Changed Details	Date of change
1	[2020年09月03日] 掲載	Sept. 3, 2020, 5:51 p.m.