Microarchitectural Data Sampling

Microarchitectural Data Sampling
	Logo designed for the vulnerabilities, featuring a wounded hand holding a broken microprocessor.
CVE identifier(s)	CVE-2018-12126 (Fallout),; CVE-2018-12127 (RIDL),; CVE-2019-11091 (RIDL, ZombieLoad),; CVE-2018-12130 (RIDL, ZombieLoad),; CVE-2019-11135 (ZombieLoad v2)
Date discovered	2018
Date patched	14 May 2019
Discoverer	University of Adelaide; Graz University of Technology; Catholic University of Leuven; Qihoo 360; Cyberus Technology; Saarland University; Vrije Universiteit Amsterdam; Bitdefender; Oracle Corporation; University of Michigan; Worcester Polytechnic Institute
Affected hardware	Pre-April 2019 Intel x86 microprocessors
Website	mdsattacks.com ZombieLoadAttack.com

The Microarchitectural Data Sampling (MDS) vulnerabilities are a set of weaknesses in Intel x86 microprocessors that use hyper-threading, and leak data across protection boundaries that are architecturally supposed to be secure. The attacks exploiting the vulnerabilities have been labeled Fallout, RIDL (Rogue In-Flight Data Load), ZombieLoad.,^[2]^[3]^[4] and ZombieLoad 2.^[5]

^ ^a ^b Cite error: The named reference Greenberg was invoked but never defined (see the help page).
^ Cite error: The named reference new was invoked but never defined (see the help page).
^ Spectre-NG-Lücken: OpenBSD schaltet Hyper-Threading ab, heise.de, 2018-06, accessed 2019-09-29
^ Let's Talk To Linux Kernel Developer Greg Kroah-Hartman | Open Source Summit, 2019, TFIR, 2019-09-03
^ Winder, Davey (2019-11-13). "Intel Confirms 'ZombieLoad 2' Security Threat". Forbes. Archived from the original on 2020-01-14. Retrieved 2020-01-14.

[Greenberg-1] Cite error: The named reference Greenberg was invoked but never defined (see the help page).

[new-2] Cite error: The named reference new was invoked but never defined (see the help page).

[3] Spectre-NG-Lücken: OpenBSD schaltet Hyper-Threading ab, heise.de, 2018-06, accessed 2019-09-29

[4] Let's Talk To Linux Kernel Developer Greg Kroah-Hartman | Open Source Summit, 2019, TFIR, 2019-09-03

[5] Winder, Davey (2019-11-13). "Intel Confirms 'ZombieLoad 2' Security Threat". Forbes. Archived from the original on 2020-01-14. Retrieved 2020-01-14.

[1]

[2]

[3]

[4]

[5]

Logo designed for the vulnerabilities, featuring a wounded hand holding a broken microprocessor.
CVE identifier(s)	CVE-2018-12126 (Fallout), CVE-2018-12127 (RIDL), CVE-2019-11091 (RIDL, ZombieLoad), CVE-2018-12130 (RIDL, ZombieLoad), CVE-2019-11135 (ZombieLoad v2)
Date discovered	2018^[1]
Date patched	14 May 2019
Discoverer	University of Adelaide Graz University of Technology Catholic University of Leuven Qihoo 360 Cyberus Technology Saarland University Vrije Universiteit Amsterdam Bitdefender Oracle Corporation University of Michigan Worcester Polytechnic Institute^[1]
Affected hardware	Pre-April 2019 Intel x86 microprocessors
Website	mdsattacks.com ZombieLoadAttack.com