Vulnerability Details : CVE-2019-1125
An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory. An attacker who successfully exploited the vulnerability could read privileged data across trust boundaries.
To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to elevate user rights directly, but it could be used to obtain information that could be used to try to compromise the affected system further.
On January 3, 2018, Microsoft released an advisory and security updates related to a newly-discovered class of hardware vulnerabilities (known as Spectre) involving speculative execution side channels that affect AMD, ARM, and Intel CPUs to varying degrees. This vulnerability, released on August 6, 2019, is a variant of the Spectre Variant 1 speculative execution side channel vulnerability and has been assigned CVE-2019-1125.
Microsoft released a security update on July 9, 2019 that addresses the vulnerability through a software change that mitigates how the CPU speculatively accesses memory. Note that this vulnerability does not require a microcode update from your device OEM.
Vulnerability category: Information leak
Products affected by CVE-2019-1125
- cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:*
- cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*
- cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2019-1125
0.12%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 46 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2019-1125
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
2.1
|
LOW | AV:L/AC:L/Au:N/C:P/I:N/A:N |
3.9
|
2.9
|
NIST | |
5.5
|
MEDIUM | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
1.8
|
3.6
|
NIST | |
5.6
|
MEDIUM | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N |
1.1
|
4.0
|
Microsoft Corporation | 2024-05-29 |
References for CVE-2019-1125
-
https://access.redhat.com/errata/RHSA-2019:2600
RHSA-2019:2600 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
https://access.redhat.com/errata/RHSA-2019:2609
RHSA-2019:2609 - Security Advisory - Red Hat Customer Portal
-
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1125
CVE-2019-1125 | Windows Kernel Information Disclosure VulnerabilityPatch;Vendor Advisory
-
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200408-01-swapgs-en
Security Advisory - Information Disclosure Vulnerability about SWAPGS Instruction
-
https://access.redhat.com/errata/RHSA-2019:2975
RHSA-2019:2975 - Security Advisory - Red Hat Customer Portal
-
https://access.redhat.com/errata/RHSA-2019:2899
RHSA-2019:2899 - Security Advisory - Red Hat Customer Portal
-
https://access.redhat.com/errata/RHSA-2019:2900
RHSA-2019:2900 - Security Advisory - Red Hat Customer Portal
-
https://access.redhat.com/errata/RHSA-2019:2696
RHSA-2019:2696 - Security Advisory - Red Hat Customer Portal
-
http://packetstormsecurity.com/files/156337/SWAPGS-Attack-Proof-Of-Concept.html
SWAPGS Attack Proof Of Concept ≈ Packet Storm
-
https://kc.mcafee.com/corporate/index?page=content&id=SB10297
McAfee Security Bulletin - Updates for Kernel SWAPGS Attack data leakage flaws (CVE-2019-1125)
-
https://access.redhat.com/errata/RHSA-2019:3220
RHSA-2019:3220 - Security Advisory - Red Hat Customer Portal
-
https://access.redhat.com/errata/RHSA-2019:2730
RHSA-2019:2730 - Security Advisory - Red Hat Customer Portal
-
https://access.redhat.com/errata/RHBA-2019:3248
RHBA-2019:3248 - Bug Fix Advisory - Red Hat Customer Portal
-
https://access.redhat.com/errata/RHSA-2019:3011
RHSA-2019:3011 - Security Advisory - Red Hat Customer Portal
-
https://access.redhat.com/errata/RHSA-2019:2695
RHSA-2019:2695 - Security Advisory - Red Hat Customer Portal
-
https://access.redhat.com/errata/RHBA-2019:2824
-
https://www.synology.com/security/advisory/Synology_SA_19_32
Synology Inc.
Jump to