CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
EPSS
Percentile
9.0%
Xen is vulnerable to a Thread Counter Overflow. The vulnerability arises from the mishandling of guest SSBD (Speculative Store Bypass Disable) selection on AMD hardware. This mishandling enables a guest to underflow or overflow the thread counter. Each write to VIRT_SPEC_CTRL.SSBD
by the guest is propagated to the helper responsible for per-core active accounting. Underflowing the counter can cause the value to become saturated
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LTO3U3WYLAZW3KLPKJZ332FYUREXPZMQ/
lists.fedoraproject.org/archives/list/[email protected]/message/LTO3U3WYLAZW3KLPKJZ332FYUREXPZMQ/
secdb.alpinelinux.org/edge/main.yaml
secdb.alpinelinux.org/v3.18/main.yaml
xenbits.xenproject.org/xsa/advisory-431.txt