vulnerability

Oracle Linux: CVE-2020-8694: ELSA-2020-5914: Unbreakable Enterprise kernel security update (IMPORTANT) (Multiple Advisories)

Severity
5
CVSS
(AV:L/AC:L/Au:S/C:C/I:N/A:N)
Published
Nov 10, 2020
Added
Nov 11, 2020
Modified
Jan 23, 2025

Description

Insufficient access control in the Linux kernel driver for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
A flaw was found in the Linux kernel's implementation of Intel's Running Average Power Limit (RAPL) implementation. A local attacker could infer secrets by measuring power usage and also infer private data by observing the power usage of calculations performed on the data.

Solution

oracle-linux-upgrade-kernel-uek
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.