vulnerability

Oracle Linux: CVE-2020-8698: ELSA-2020-5083: microcode_ctl security, bug fix, and enhancement update (MODERATE) (Multiple Advisories)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
2	(AV:L/AC:L/Au:N/C:P/I:N/A:N)	Nov 10, 2020	Nov 17, 2020	Dec 3, 2025

Severity

CVSS

(AV:L/AC:L/Au:N/C:P/I:N/A:N)

Published

Nov 10, 2020

Added

Nov 17, 2020

Modified

Dec 3, 2025

Description

Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
A flaw was found in the CPU microarchitecture where a local attacker is able to abuse a timing issue which may allow them to infer internal architectural state from previous executions on the CPU.

Solution

oracle-linux-upgrade-microcode-ctl

References

CVE-2020-8698
https://attackerkb.com/topics/CVE-2020-8698
ELSA-ELSA-2020-5083
ELSA-ELSA-2020-5084
ELSA-ELSA-2020-5085
ELSA-ELSA-2021-3027
ELSA-ELSA-2021-3028
CWE-668

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today