Security Bulletin: The MDS CPU Vulnerabilities

Audience
Public
Product
FlashBlade
FlashArray
Content Type
Source Type
Common Vulnerabilities and Exposures (CVE)

Security Bulletin: The MDS CPU Vulnerabilities

Vulnerability Status: Final Source: Third Party / OSS Initial Publication Date: 2019-05-30 Last Updated: 2026-06-25 06:26:41

Summary:

Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf


CVE#: CVE-2018-12127

Vulnerability score (v3): 5.6

Vector (v3): 3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

Severity (v3): 3 - Medium

Product(s): FlashArray, FlashBlade

Version First Fixed: Not affected


References:

https://nvd.nist.gov/vuln/detail/CVE-2018-12127