Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:43444
HistoryOct 02, 2023 - 5:15 p.m.

Information Disclosure

2023-10-0217:15:30
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
20
xen
vulnerability
amd processors
information disclosure
speculative data

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

EPSS

0.001

Percentile

17.6%

xen is vulnerable to Information Disclosure. The vulnerability exists due to a division-by-zero error on some AMD processors which allows an attacker to gain access to speculative data.

References

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

EPSS

0.001

Percentile

17.6%