Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-7qwx-5h4j-5c9w

Опубликовано: 24 мая 2022
Источник: github
Github: Не прошло ревью

Описание

x86: TSX Async Abort protections not restored after S3 This issue relates to the TSX Async Abort speculative security vulnerability. Please see https://xenbits.xen.org/xsa/advisory-305.html for details. Mitigating TAA by disabling TSX (the default and preferred option) requires selecting a non-default setting in MSR_TSX_CTRL. This setting isn't restored after S3 suspend.

x86: TSX Async Abort protections not restored after S3 This issue relates to the TSX Async Abort speculative security vulnerability. Please see https://xenbits.xen.org/xsa/advisory-305.html for details. Mitigating TAA by disabling TSX (the default and preferred option) requires selecting a non-default setting in MSR_TSX_CTRL. This setting isn't restored after S3 suspend.

Ссылки

EPSS

Процентиль: 57%
0.00357
Низкий

CVE ID

CVE-2021-28690

Связанные уязвимости

ubuntu логотип

CVE-2021-28690

CVSS3: 6.5
ubuntu
больше 4 лет назад

x86: TSX Async Abort protections not restored after S3 This issue relates to the TSX Async Abort speculative security vulnerability. Please see https://xenbits.xen.org/xsa/advisory-305.html for details. Mitigating TAA by disabling TSX (the default and preferred option) requires selecting a non-default setting in MSR_TSX_CTRL. This setting isn't restored after S3 suspend.

nvd логотип

CVE-2021-28690

CVSS3: 6.5
nvd
больше 4 лет назад

x86: TSX Async Abort protections not restored after S3 This issue relates to the TSX Async Abort speculative security vulnerability. Please see https://xenbits.xen.org/xsa/advisory-305.html for details. Mitigating TAA by disabling TSX (the default and preferred option) requires selecting a non-default setting in MSR_TSX_CTRL. This setting isn't restored after S3 suspend.

debian логотип

CVE-2021-28690

CVSS3: 6.5
debian
больше 4 лет назад

x86: TSX Async Abort protections not restored after S3 This issue rela ...

fstec логотип

BDU:2022-00319

CVSS3: 6.5
fstec
больше 4 лет назад

Уязвимость кросплатформенного гипервизора Xen, связанная с раскрытием информации, позволяющая нарушителю получить доступ к конфиденциальным данным

suse-cvrf логотип

SUSE-SU-2021:2943-1

suse-cvrf
больше 4 лет назад

Security update for xen

EPSS

Процентиль: 57%
0.00357
Низкий

CVE ID

CVE-2021-28690