Intel® Processors Data Leakage Advisory, INTEL-SA-00329, disclosed January 27, 2020

Documentation

Product Information & Documentation

000055993

01/28/2020

On January 27, 2020, Intel publicly disclosed a potential security vulnerability in some Intel® Processors that may allow information disclosure. These two vulnerabilities are referred to as Vector Register Sampling and L1D Eviction Sampling and have been classified as low (2.8) and medium (6.5) respectively per the industry standard CVSS. 

There are no reports of any real-world exploits of these vulnerabilities.

We are actively coordinating with industry partners and expect to release microcode updates for these vulnerabilities through our normal Intel Platform Update (IPU) process in the coming weeks.

Affected Products:

View a list of impacted products.

Recommendations:

Intel will release Intel® Processor microcode updates to our customers and partners as part of our regular Intel Platform Update (IPU) process.

Intel recommends that users of affected Intel® Processors check with their system manufacturers and system software vendors and update to the latest microcode update when available.

Further technical details of the vulnerabilities can be found in the following locations:

If you need further assistance, please contact Intel Customer Support.