CVE-2019-11091

Public on 2019-05-07
Modified on 2019-08-27
Description
Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.
Severity
Medium
CVSS v3 Base Score
3.8
See breakdown

Affected Packages

Platform Package Release Date Advisory
Amazon Linux 2 libvirt 2019-08-23 03:34 ALAS2-2019-1274
Amazon Linux 2 kernel 2019-05-07 22:39 ALAS2-2019-1205
Amazon Linux 1 qemu-kvm 2019-08-07 23:12 ALAS-2019-1260
Amazon Linux 1 kernel 2019-05-07 22:54 ALAS-2019-1205

CVSS Scores

Score Type Score Vector
Amazon Linux CVSSv3 3.8 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
NVD CVSSv2 4.7 AV:L/AC:M/Au:N/C:C/I:N/A:N
NVD CVSSv3 5.6 CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N