CVE-2019-11139

Name: CVE-2019-11139
Creator: NVD / NIST
Published: 2019-11-14T19:15:13.19+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

MEDIUMCVSS 6/10EPSS 0.36%

Last modified Jun 17, 2026

CVE-2019-11139 is a medium-severity vulnerability rated 6/10 on the CVSS scale. Improper conditions check in the voltage modulation interface for some Intel(R) Xeon(R) Scalable Processors may allow a privileged user to potentially enable denial of service via local access.. EPSS estimates a 0.36% chance of exploitation in the next 30 days.

Description

Improper conditions check in the voltage modulation interface for some Intel(R) Xeon(R) Scalable Processors may allow a privileged user to potentially enable denial of service via local access.

Metrics

CVSS 3.1

6/10

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H

EPSS Probability

0.36%

27.5th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-754

Affected Software

Vendor	Product	Versions
Debian	Debian Linux	8.0
Opensuse	Leap	15.0
Opensuse	Leap	15.1
Intel	Xeon 8153 Firmware	All versions
Intel	Xeon 8156 Firmware	All versions
Intel	Xeon 8158 Firmware	All versions
Intel	Xeon 8160 Firmware	All versions
Intel	Xeon 8160f Firmware	All versions
Intel	Xeon 8160m Firmware	All versions
Intel	Xeon 8160t Firmware	All versions
Intel	Xeon 8164 Firmware	All versions
Intel	Xeon 8168 Firmware	All versions
Intel	Xeon 8170 Firmware	All versions
Intel	Xeon 8170m Firmware	All versions
Intel	Xeon 8176 Firmware	All versions
Intel	Xeon 8176f Firmware	All versions
Intel	Xeon 8176m Firmware	All versions
Intel	Xeon 8180 Firmware	All versions
Intel	Xeon 8180m Firmware	All versions
Intel	Xeon 5115 Firmware	All versions
Intel	Xeon 5118 Firmware	All versions
Intel	Xeon 5119t Firmware	All versions
Intel	Xeon 5120 Firmware	All versions
Intel	Xeon 5120t Firmware	All versions
Intel	Xeon 5122 Firmware	All versions
Intel	Xeon 6126 Firmware	All versions
Intel	Xeon 6126f Firmware	All versions
Intel	Xeon 6126t Firmware	All versions
Intel	Xeon 6128 Firmware	All versions
Intel	Xeon 6130 Firmware	All versions
Intel	Xeon 6130f Firmware	All versions
Intel	Xeon 6130t Firmware	All versions
Intel	Xeon 6132 Firmware	All versions
Intel	Xeon 6134 Firmware	All versions
Intel	Xeon 6134m Firmware	All versions
Intel	Xeon 6136 Firmware	All versions
Intel	Xeon 6138 Firmware	All versions
Intel	Xeon 6138f Firmware	All versions
Intel	Xeon 6138t Firmware	All versions
Intel	Xeon 6140 Firmware	All versions
Intel	Xeon 6140m Firmware	All versions
Intel	Xeon 6142 Firmware	All versions
Intel	Xeon 6142f Firmware	All versions
Intel	Xeon 6144 Firmware	All versions
Intel	Xeon 6146 Firmware	All versions
Intel	Xeon 6148 Firmware	All versions
Intel	Xeon 6148f Firmware	All versions
Intel	Xeon 6150 Firmware	All versions
Intel	Xeon 6152 Firmware	All versions
Intel	Xeon 6154 Firmware	All versions

Showing 50 of 60 affected configurations. See NVD for the full list.

References

http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00045.htmlMailing List, Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00046.htmlMailing List, Third Party Advisory
https://lists.debian.org/debian-lts-announce/2019/12/msg00035.htmlMailing List, Third Party Advisory
https://seclists.org/bugtraq/2019/Dec/28Mailing List, Third Party Advisory
https://support.f5.com/csp/article/K42433061?utm_source=f5support&amp%3Butm_medium=RSS
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03969en_usThird Party Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00271.htmlVendor Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00045.htmlMailing List, Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00046.htmlMailing List, Third Party Advisory
https://lists.debian.org/debian-lts-announce/2019/12/msg00035.htmlMailing List, Third Party Advisory
https://seclists.org/bugtraq/2019/Dec/28Mailing List, Third Party Advisory
https://support.f5.com/csp/article/K42433061?utm_source=f5support&amp%3Butm_medium=RSS
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03969en_usThird Party Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00271.htmlVendor Advisory

Timeline

Published: Nov 14, 2019
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2019-11139?

Improper conditions check in the voltage modulation interface for some Intel(R) Xeon(R) Scalable Processors may allow a privileged user to potentially enable denial of service via local access.

How severe is CVE-2019-11139?

CVE-2019-11139 has a CVSS score of 6/10 (MEDIUM severity). The EPSS model estimates a 0.36% probability of exploitation in the next 30 days.

How do I fix CVE-2019-11139?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2019-11139?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST