Security Software

Speculative Behavior of SWAPGS and Segment Registers / CVE-2019-1125 /



Industry-wide severity ratings can be found in the National Vulnerability Database




The IA-32 architecture uses memory segmentation in the formation of physical memory addresses. Segment descriptors specify a base address (along with other attributes) for each segment, on which the rest of the physical address is built. Segment information is stored in a table in memory, and the individual segments are referenced by selectors that act as indices into this table. Many operating systems (OSes) use the GS segment register to reference application and kernel data that is specific to a thread or processor. In such cases, the operating system maintains both user space and kernel values of GS. The SWAPGS instruction is a privileged CPU instruction used to exchange the application and kernel values of GS. If operating systems that use SWAPGS to switch the contents of the GS register on kernel entry have code paths that conditionally determine whether or not to execute the instruction and then also contain memory references offset from the register, those OSes may be vulnerable to malicious actors who can cause the SWAPGS instruction to be speculatively executed or bypassed. The CVE assigned to this vulnerability is CVE-2019-1125 (5.6 Medium CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:P/RL:O/RC:C).

Segment Registers

Refer to the Deep Dive: Intel Analysis of Speculative Behavior of SWAPGS and Segment Registers for more information on the role of segment registers in this vulnerability.


OS and VMM Developers

After assessing this issue, industry partners determined that mitigations for this issue would be implemented by the operating system. Refer to the Deep Dive: Intel Analysis of Speculative Behavior of SWAPGS and Segment Registers for more details, including example code. 

You can also find additional information in the Microsoft* security advisory for Windows* operating systems and the latest documentation for Linux* operating systems.

System Administrators and Application Developers

Intel recommends that you always keep your systems up to date with the latest security updates and guidance from your OS and virtual machine monitor (VMM) vendors.

Intel technologies’ features and benefits depend on system configuration and may require enabled hardware, software, or service activation. Performance varies depending on system configuration. Check with your system manufacturer or retailer or learn more at

All information provided here is subject to change without notice. Contact your Intel representative to obtain the latest Intel product specifications and roadmaps.

Software and workloads used in performance tests may have been optimized for performance only on Intel microprocessors.

Performance tests, such as SYSmark and MobileMark, are measured using specific computer systems, components, software, operations and functions. Any change to any of those factors may cause the results to vary. You should consult other information and performance tests to assist you in fully evaluating your contemplated purchases, including the performance of that product when combined with other products. For more complete information visit

Performance results are based on testing as of dates shown in configurations and may not reflect all publicly available​ updates.

The products and services described may contain defects or errors known as errata which may cause deviations from published specifications. Current characterized errata are available on request.

Intel provides these materials as-is, with no express or implied warranties.

No product or component can be absolutely secure.

Your costs and results may vary.

© Intel Corporation.  Intel, the Intel logo, and other Intel marks are trademarks of Intel Corporation or its subsidiaries.  Other names and brands may be claimed as the property of others.