CVE-2019-11184
moderate-risk
Published 2019-09-16
A race condition in specific microprocessors using Intel (R) DDIO cache allocation and RDMA may allow an authenticated user to potentially enable partial information disclosure via adjacent access.
Do I need to act?
-
0.19% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
4
CVSS 4.8/10
Medium
ADJACENT_NETWORK
/ HIGH complexity
Affected Products (20)
6138 Firmware
6130T Firmware
6130 Firmware
6126T Firmware
6126 Firmware
5120T Firmware
5119T Firmware
5118 Firmware
4116T Firmware
4116 Firmware
4114T Firmware
4110 Firmware
4109T Firmware
3106 Firmware
Xeon E5-1428L Firmware
Xeon E5-2403 Firmware
Xeon E5-2407 Firmware
Xeon E5-2418L Firmware
Xeon E5-2420 Firmware
Xeon E5-2428L Firmware
References (12)
Technical Description
https://arxiv.org/abs/1909.04841
Technical Description
https://ieeexplore.ieee.org/document/9152768
Third Party Advisory
https://security.netapp.com/advisory/ntap-20190926-0001/
Third Party Advisory
https://support.f5.com/csp/article/K43220413
Technical Description
https://arxiv.org/abs/1909.04841
Technical Description
https://ieeexplore.ieee.org/document/9152768
Third Party Advisory
https://security.netapp.com/advisory/ntap-20190926-0001/
Third Party Advisory
https://support.f5.com/csp/article/K43220413
46
/ 100
moderate-risk
Severity
12/34 · Low
Exploitability
1/34 · Minimal
Exposure
33/34 · Critical