On January 27, 2020, Intel publicly disclosed a potential security vulnerability in some Intel® Processors that may allow information disclosure. These two vulnerabilities are referred to as Vector Register Sampling and L1D Eviction Sampling and have been classified as low (2.8) and medium (6.5) respectively per the industry standard CVSS.
There are no reports of any real-world exploits of these vulnerabilities.
We are actively coordinating with industry partners and expect to release microcode updates for these vulnerabilities through our normal Intel Platform Update (IPU) process in the coming weeks.
View a list of impacted products.
Intel will release Intel® Processor microcode updates to our customers and partners as part of our regular Intel Platform Update (IPU) process.
Intel recommends that users of affected Intel® Processors check with their system manufacturers and system software vendors and update to the latest microcode update when available.
Further technical details of the vulnerabilities can be found in the following locations:
- Intel Security Center, INTEL-SA-00329
- L1D Eviction Sampling White Paper
- Vector Register Sampling White Paper
- Intel Product Assurance and Security Blog
If you need further assistance, please contact Intel Customer Support.