EPSS
Percentile
23.6%
Kernel is vulenrable to information disclosure. The vulnerability exists in KVM through exporting MSR_IA32_TSX_CTRL to guest. This issue exists due to the an incomplete fix for TAA, CVE-2019-11135.
access.redhat.com/errata/RHSA-2020:0339
access.redhat.com/security/updates/classification/#important
bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-19338
software.intel.com/security-software-guidance/insights/deep-dive-intel-transactional-synchronization-extensions-intel-tsx-asynchronous-abort
www.openwall.com/lists/oss-security/2019/12/10/3
EPSS
Percentile
23.6%