CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:N/A:P
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
AI Score
Confidence
High
Vulnerability in the cross-platform Xen hypervisor of the Linux operating system kernel is related to disclosure of
information. Exploitation of the vulnerability could allow an attacker acting remotely to gain
Unauthorized access to protected information
A vulnerability in the libfsimage component of the Xen cross-platform hypervisor component of the Linux kernel is related to information disclosure.
is related to insufficient input data validation. Exploitation of the vulnerability could allow an attacker to
impact the confidentiality, integrity, and availability of
A firmware vulnerability in Intel and AMD processors is associated with errors in the processing of the “ret” (return) instruction.
the “ret” (return) instruction that retrieves the address to jump from the stack. Exploitation of the vulnerability could
allow an attacker to disclose protected information from kernel memory or launch an attack on the host system
from virtual machines
A vulnerability in the cross-platform Xen hypervisor of the Linux operating system kernel is related to the disclosure of
information. Exploitation of the vulnerability could allow an attacker to gain unauthorized access to the
protected information or cause a denial of service
Vulnerability in the Shadow Mode component of the Xen cross-platform hypervisor of the Linux kernel is related to information disclosure.
is related to information disclosure. Exploitation of the vulnerability could allow an attacker to cause a denial of
denial of service
A vulnerability in the phantom() function of the Xen hypervisor is associated with access delimitation flaws resulting from an
incorrect input validation during request generation. Exploitation of the vulnerability could allow
an attacker to gain unauthorized access to protected information
AMD processor firmware vulnerability is related to incorrect prediction of the type of the
transition. Exploitation of the vulnerability allows an attacker to disclose protected information
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:N/A:P
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
AI Score
Confidence
High