CVE-2020-0543
high
CVSS v3
—
CVSS v2
—
VIR risk
8.0
Description
Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
Predictions
Exploit likelihood
20%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Vendor advisory: debian — https://security-tracker.debian.org/tracker/CVE-2020-0543
Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2021:3027
Vendor advisory: suse — https://www.suse.com/security/cve/CVE-2020-0543.html
Vendor advisory: arch — https://security.archlinux.org/ASA-202006-10
OS impact
| OS | Version | Status | Fixed in |
|---|---|---|---|
| arch | fixed | 20200609-1 | |
| sles | affected | | |
| debian | bookworm | fixed | 3.20200609.1 |
| debian | bullseye | fixed | 3.20200609.1 |
| debian | forky | fixed | 3.20200609.1 |
| debian | sid | fixed | 3.20200609.1 |
| debian | trixie | fixed | 3.20200609.1 |
| rocky | 8 | fixed | |
References
Verify integrity in audit chain (admin only). AS-IS.