The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Vulnerability of Intel Processors: information disclosure via SGX

Synthesis of the vulnerability

An attacker can bypass access restrictions to data via SGX of Intel Processors, in order to obtain sensitive information.
Severity of this alert: 2/4.
Creation date: 13/11/2019.
Références of this alert: CERTFR-2019-AVI-563, CVE-2019-0117, FEDORA-2019-1689d3fe07, FEDORA-2019-68d7f68507, FEDORA-2019-7a3fc17778, INTEL-SA-00219, VIGILANCE-VUL-30851.

Description of the vulnerability

An attacker can bypass access restrictions to data via SGX of Intel Processors, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Request your free trial)

This security note impacts software or systems such as Fedora, OpenBSD.

Our Vigil@nce team determined that the severity of this threat announce is medium.

The trust level is of type confirmed by the editor, with an origin of user shell.

An attacker with a expert ability can exploit this computer weakness announce.

Solutions for this threat

Fedora: new kernel-headers packages.
New packages are available:
  Fedora 29: kernel-headers 5.3.11-100.fc29
  Fedora 30: kernel-headers 5.3.11-200.fc30
  Fedora 31: kernel-headers 5.3.11-300.fc31

Fedora: new kernel packages.
New packages are available:
  Fedora 29: kernel 5.3.11-100.fc29
  Fedora 30: kernel 5.3.11-200.fc30
  Fedora 31: kernel 5.3.11-300.fc31

Fedora: new kernel-tools packages.
New packages are available:
  Fedora 29: kernel-tools 5.3.11-100.fc29
  Fedora 30: kernel-tools 5.3.11-200.fc30
  Fedora 31: kernel-tools 5.3.11-300.fc31

Fedora: new microcode_ctl packages.
New packages are available:
  Fedora 29: microcode_ctl 2.1-33.fc29
  Fedora 30: microcode_ctl 2.1-33.fc30
  Fedora 31: microcode_ctl 2.1-33.fc31

OpenBSD: patch for Intel Processors.
A patch is available:
  https://ftp.openbsd.org/pub/OpenBSD/patches/6.5/common/018_inteldrm.patch.sig
  https://ftp.openbsd.org/pub/OpenBSD/patches/6.6/common/007_inteldrm.patch.sig
Full Vigil@nce bulletin... (Request your free trial)

Computer vulnerabilities tracking service

Vigil@nce provides an application vulnerability patch. The technology watch team tracks security threats targeting the computer system.