CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:N/I:N/A:C
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
EPSS
Percentile
18.7%
An erratum exists across some CPUs whereby an instruction fetch may cause a machine check error if the pagetables have been updated in a specific manner without invalidating the TLB.
The x86 architecture explicitly permits modification of the pagetables without TLB invalidation, but in this corner case, the impacted core ceases operating and an unexpected machine check or system reset occurs.
This corner case can be triggered by guest kernels.
For more details, see: <a href=โhttps://software.intel.com/security-software-guidance/insights/deep-dive-machine-check-error-avoidance-page-size-changeโ>https://software.intel.com/security-software-guidance/insights/deep-dive-machine-check-error-avoidance-page-size-change</a>
A malicious guest kernel can crash the host, resulting in a Denial of Service (DoS). (This CPU bug may also be triggered accidentally.)
Systems running all versions of Xen are affected.
Only x86 processors are vulnerable. ARM processors are not believed to be vulnerable.
Only Intel Core based processors (from Nehalem onwards) are affected. Other processors designs (Intel Atom/Knights range), and other manufacturers (AMD) are not known to be affected.
Only x86 HVM/PVH guests can exploit the vulnerability. x86 PV guests cannot exploit the vulnerability.
Please consult the Intel Security Advisory for details on the affected processors.
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:N/I:N/A:C
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
EPSS
Percentile
18.7%