Описание
Xen through 4.14.x allows guest OS administrators to obtain sensitive information (such as AES keys from outside the guest) via a side-channel attack on a power/energy monitoring interface, aka a "Platypus" attack. NOTE: there is only one logically independent fix: to change the access control for each such interface in Xen.
Ссылки
- Mailing ListThird Party Advisory
- Vendor Advisory
- Third Party Advisory
- Mailing ListThird Party Advisory
- Third Party Advisory
- PatchVendor Advisory
- Mailing ListThird Party Advisory
- Vendor Advisory
- Third Party Advisory
- Mailing ListThird Party Advisory
- Third Party Advisory
- PatchVendor Advisory
Уязвимые конфигурации
EPSS
4.4 Medium
CVSS3
2.1 Low
CVSS2
Дефекты
Связанные уязвимости
Xen through 4.14.x allows guest OS administrators to obtain sensitive information (such as AES keys from outside the guest) via a side-channel attack on a power/energy monitoring interface, aka a "Platypus" attack. NOTE: there is only one logically independent fix: to change the access control for each such interface in Xen.
Xen through 4.14.x allows guest OS administrators to obtain sensitive information (such as AES keys from outside the guest) via a side-channel attack on a power/energy monitoring interface, aka a "Platypus" attack. NOTE: there is only one logically independent fix: to change the access control for each such interface in Xen.
Xen through 4.14.x allows guest OS administrators to obtain sensitive ...
EPSS
4.4 Medium
CVSS3
2.1 Low
CVSS2