CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
EPSS
Percentile
17.6%
xen is vulnerable to Information Disclosure. The vulnerability exists due to a division-by-zero error on some AMD processors which allows an attacker to gain access to speculative data.
www.openwall.com/lists/oss-security/2023/09/25/3
www.openwall.com/lists/oss-security/2023/09/25/4
www.openwall.com/lists/oss-security/2023/09/25/5
www.openwall.com/lists/oss-security/2023/09/25/7
www.openwall.com/lists/oss-security/2023/09/25/8
www.openwall.com/lists/oss-security/2023/09/26/5
www.openwall.com/lists/oss-security/2023/09/26/8
www.openwall.com/lists/oss-security/2023/09/26/9
www.openwall.com/lists/oss-security/2023/09/27/1
www.openwall.com/lists/oss-security/2023/10/03/12
www.openwall.com/lists/oss-security/2023/10/03/13
www.openwall.com/lists/oss-security/2023/10/03/14
www.openwall.com/lists/oss-security/2023/10/03/15
www.openwall.com/lists/oss-security/2023/10/03/16
www.openwall.com/lists/oss-security/2023/10/03/9
www.openwall.com/lists/oss-security/2023/10/04/1
www.openwall.com/lists/oss-security/2023/10/04/2
www.openwall.com/lists/oss-security/2023/10/04/3
www.openwall.com/lists/oss-security/2023/10/04/4
xenbits.xen.org/xsa/advisory-439.html
lists.debian.org/debian-lts-announce/2023/10/msg00027.html
lists.fedoraproject.org/archives/list/[email protected]/message/AGZCACEHT6ZZZGG36QQMGROBM4FLWYJX/
lists.fedoraproject.org/archives/list/[email protected]/message/DIOYP4ZOBML4RCUM3MHRFZUQL445MZM3/
lists.fedoraproject.org/archives/list/[email protected]/message/KJTUVYZMP6BNF342DS3W7XGOGXC6JPN5/
secdb.alpinelinux.org/edge/main.yaml
secdb.alpinelinux.org/v3.15/main.yaml
secdb.alpinelinux.org/v3.16/main.yaml
secdb.alpinelinux.org/v3.17/main.yaml
secdb.alpinelinux.org/v3.18/main.yaml
security.netapp.com/advisory/ntap-20240531-0005/
www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7007
www.debian.org/security/2023/dsa-5480
www.debian.org/security/2023/dsa-5492