CVE-2020-12912

ADVISORY - nist

Summary

A potential vulnerability in the AMD extension to Linux "hwmon" service may allow an attacker to use the Linux-based Running Average Power Limit (RAPL) interface to show various side channel attacks. In line with industry partners, AMD has updated the RAPL interface to require privileged access.

EPSS Score⁠: 0.00044 (0.140)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-203⁠

Observable Discrepancy

ADVISORY - redhat

CWE-266⁠

Incorrect Privilege Assignment

CWE-276⁠

Incorrect Default Permissions

Impacted images

Advisories

NIST

CREATED

4 years ago

UPDATED

4 years ago

ADVISORY IDCVE-2020-12912⁠

EXPLOITABILITY SCORE

1.8

EXPLOITS FOUND

-

COMMON WEAKNESS ENUMERATION (CWE)

CVSS SCORE

5.5medium

Debian

CREATED

4 years ago

UPDATED

5 months ago

ADVISORY IDCVE-2020-12912⁠

EXPLOITABILITY SCORE

-

EXPLOITS FOUND

-

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Ubuntu

CREATED

4 years ago

UPDATED

7 months ago

ADVISORY IDCVE-2020-12912⁠

EXPLOITABILITY SCORE

1.8

EXPLOITS FOUND

-

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

5.5low

Red Hat

CREATED

4 years ago

UPDATED

1 year ago

ADVISORY IDCVE-2020-12912⁠

EXPLOITABILITY SCORE

1.8

EXPLOITS FOUND

-

COMMON WEAKNESS ENUMERATION (CWE)

CWE-266⁠CWE-276⁠

CVSS SCORE

5.5medium