Published: 09/06/2021 Updated: 07/11/2023

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

CVSS v3 Base Score: 6.5 | Impact Score: 4 | Exploitability Score: 2

VMScore: 187

Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N

Observable response discrepancy in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.

Vulnerable Product	Search on Vulmon	Subscribe to Product
debian debian linux 10.0
fedoraproject fedora 33
fedoraproject fedora 34
intel pentium_processors_firmware -
intel celeron_processors_firmware -
intel xeon_processors_firmware -
intel core_processors_firmware -
intel itanium_processors_firmware -

Multiple vulnerabilities have been discovered in the Xen hypervisor, which could result in denial of service or information leaks For the stable distribution (buster), these problems have been fixed in version 4114+107-gef32c7afa2-1 We recommend that you upgrade your xen packages For the detailed security status of xen please refer to its secu ...

Several security issues have been identified that affect Citrix Hypervisor:Two issues, each of which may each allow privileged code in a guest VM to cause the host to crash or become unresponsive  These two issues only affect systems where the malicious guest VM has a physical PCI device passed through to it by the host administratorThese is ...

oss-sec mailing list archives   By Date By Thread </form>    Re: Xen Security Advisory 375 v3 (CVE-2021-0089,CVE-2021-26313) - Speculative Code Store Bypass  <! ...

oss-sec mailing list archives   By Date By Thread </form>    Xen Security Advisory 375 v2 (CVE-2021-0089) - Speculative Code Store Bypass  <!--X-Head-of-Message ...

Speculative Code Store Bypass Vulnerability Proof-of-Concept

Speculative Code Store Bypass POC Proof-of-Concept of the Speculative Code Store Bypass Vulnerability Description Speculative Code Store Bypass (SCSB) is a new transient execution attack which exploits the self-modifying code (SMC) mechanism in Intel processor Intel published this vulnerability on 2021-06-08 and assigned it CVE-2021-0089 Look at their explainations for detail

CWE-203 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00516.html http://www.openwall.com/lists/oss-security/2021/06/10/1 http://www.openwall.com/lists/oss-security/2021/06/10/11 http://www.openwall.com/lists/oss-security/2021/06/10/10 https://www.debian.org/security/2021/dsa-4931 https://security.gentoo.org/glsa/202107-30 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H36U6CNREC436W6GYO7QUMJIVEA35SCV/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVA2NY26MMXOODUMYZN5DCU3FXMBMBOB/https://nvd.nist.gov https://www.debian.org/security/2021/dsa-4931 https://github.com/coolcatlee/Speculative-Code-Store-Bypass-POC

CVE-2021-0089

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Mailing Lists

Github Repositories

References

Vulmon Search

About

Products

Connect