Lucene search

K

Veracode Vulnerability DatabaseVERACODE:21944

HistoryNov 13, 2019 - 12:20 a.m.

Information Disclosure

2019-11-1300:20:00

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

20

0.001 Low

EPSS

Percentile

23.8%

kernel is vulnerable to information disclosure. Due to the way Intel CPUs handle speculative execution of instructions when the TSX Asynchronous Abort (TAA) error occur, a local authenticated attacker with the ability to monitor execution times could infer the TSX memory state by comparing abort execution times.

CPENameOperatorVersion
kerneleq2.6.32__696.1.1.bgq.el6
kerneleq2.6.32__220.4.4.bgq.el6
kerneleq2.6.32__696.28.1.el6
kerneleq2.6.32__358.6.1.el6
kerneleq4.18.0__80.el8
kerneleq2.6.32__642.6.2.el6
kerneleq2.6.32__431.40.2.el6
kerneleq3.10.0__957.1.3.el7
kerneleq2.6.32__642.3.1.el6
kerneleq2.6.32__131.17.1.el6

Rows per page:

1-10 of 7661

References

lists.opensuse.org/opensuse-security-announce/2019-11/msg00045.html

lists.opensuse.org/opensuse-security-announce/2019-11/msg00046.html

lists.opensuse.org/opensuse-security-announce/2019-12/msg00042.html

packetstormsecurity.com/files/155375/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html

www.openwall.com/lists/oss-security/2019/12/10/3

www.openwall.com/lists/oss-security/2019/12/10/4

www.openwall.com/lists/oss-security/2019/12/11/1

access.redhat.com/errata/RHSA-2019:3832

access.redhat.com/errata/RHSA-2019:3936

access.redhat.com/errata/RHSA-2020:0026

access.redhat.com/errata/RHSA-2020:0028

access.redhat.com/errata/RHSA-2020:0204

access.redhat.com/errata/RHSA-2020:0279

access.redhat.com/errata/RHSA-2020:0366

access.redhat.com/errata/RHSA-2020:0555

access.redhat.com/errata/RHSA-2020:0666

access.redhat.com/errata/RHSA-2020:0730

access.redhat.com/security/updates/classification/#important

access.redhat.com/security/vulnerabilities/ifu-page-mce

access.redhat.com/solutions/i915-graphics

access.redhat.com/solutions/tsx-asynchronousabort

kc.mcafee.com/corporate/index?page=content&id=SB10306

lists.debian.org/debian-lts-announce/2019/12/msg00035.html

lists.fedoraproject.org/archives/list/[email protected]/message/I5WWPW4BSZDDW7VHU427XTVXV7ROOFFW/

lists.fedoraproject.org/archives/list/[email protected]/message/IZYATWNUGHRBG6I3TC24YHP5Y3J7I6KH/

seclists.org/bugtraq/2019/Dec/28

seclists.org/bugtraq/2019/Nov/26

seclists.org/bugtraq/2020/Jan/21

security.gentoo.org/glsa/202003-56

support.f5.com/csp/article/K02912734?utm_source=f5support&utm_medium=RSS

support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03968en_us

usn.ubuntu.com/4186-2/

www.debian.org/security/2020/dsa-4602

www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00270.html

www.oracle.com/security-alerts/cpujan2021.html

0.001 Low

EPSS

Percentile

23.8%