CVSS2: 1.9 Low
Attack Vector: LOCAL
Attack Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: NONE
Availability Impact: NONE
Vector: AV:L/AC:M/Au:N/C:P/I:N/A:N

CVSS3: 5.6 Medium
Attack Vector: LOCAL
Attack Complexity: HIGH
Privileges Required: LOW
User Interaction: NONE
Scope: CHANGED
Confidentiality Impact: HIGH
Integrity Impact: NONE
Availability Impact: NONE
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

EPSS: 0.0004 Low
Percentile: 12.8%

This is very closely related to the Microarchitectural Data Sampling vulnerabilities from May 2019.
Please see https://xenbits.xen.org/xsa/advisory-297.html for details about MDS.
A new way of using the micro-architectural details behind MDS has been identified. Instead of simply trying to sample data from a different privilege context, an attacker can arrange for poisoned data to be consumed (speculatively) in a victim context.
This expands the range of tools by which an attacker can manipulate speculation in the victim context to leak data via a side channel.
For more details, see: https://software.intel.com/security-software-guidance/insights/deep-dive-load-value-injection
An attacker, which could include a malicious untrusted user process on a trusted guest, or an untrusted guest, can potentially cause a victim context (process, or guest, or guest kernel, or hypervisor) to leak secrets available to it.
Systems running all versions of Xen are affected.
Only x86 processors are vulnerable. ARM processors are not believed to be vulnerable.
Only Intel based processors are potentially affected. Processors from other manufacturers (e.g. AMD) are not believed to be vulnerable.
Please consult the Intel Security Advisory for details on the affected processors.