メインコンテンツに移動
Intel BIOS Update, INTEL-SA-00329, January 2020

More Information:

  • Intel-SA-00329 – Intel® Processors Data Leakage Advisory
    • Summary: Potential security vulnerabilities in some Intel® Processors may allow information disclosure. Intel is releasing firmware updates to mitigate these potential vulnerabilities
    • Severity: MEDIUM
    • CVEID: CVE-2020-0548
      Description: Cleanup errors in some Intel® Processors may allow an authenticated user to potentially enable information disclosure via local access.
      CVSS Base Score: 2.8 Low
    • CVEID: CVE-2020-0549
      Description: Cleanup errors in some data cache evictions for some Intel® Processors may allow an authenticated user to potentially enable information disclosure via local access.
      CVSS Base Score: 6.5 Medium

Intel's statement:

“Through our ongoing work with researchers and our internal efforts, we believe that our current mitigations for MDS and TAA have substantially reduced the potential attack surface. We previously acknowledged additional work needed to be done and new mitigations will be released when ready.”

The information for affected Supermicro products will be made available when Intel releases its mitigations.