Bug 1951722 (CVE-2021-28689)
Summary: | CVE-2021-28689 xen: Speculative vulnerabilities with bare (non-shim) 32-bit PV guests (XSA-370) | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Pedro Sampaio <psampaio> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED UPSTREAM | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | unspecified | CC: | jforbes, m.a.young, security-response-team |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | If docs needed, set a value | |
Doc Text: |
A flaw was found in Xen. Indirect Branch Restricted Speculation (IBRS) does not architecturally protect ring 0 from predictions learnt in ring 1. A malicious 32-bit PV guest could use this flaw to mount a Spectre v2 attack against Xen by conducting targeted cache side-channel attacks. The highest threat from this vulnerability is to data confidentiality.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2021-05-04 20:33:53 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1956800 | ||
Bug Blocks: | 1951723 |
Description
Pedro Sampaio
2021-04-20 19:38:43 UTC
External References: http://xenbits.xen.org/xsa/advisory-370.html Acknowledgments: Name: the Xen project Created xen tracking bugs for this issue: Affects: fedora-all [bug 1956800] According to the upstream advisory (comment 1) there is no resolution available for this flaw, and none is ever expected. The patches provided only update the security support statement. For more information, please refer to the RESOLUTION section in the advisory. Note that this flaw only affects 32-bit un-shimmed x86 PV guests (i.e., fully paravirtualized guests). All other Xen modes that leverage hardware assisted virtualization (e.g., HVM) are not affected by this flaw. 64-bit systems are not affected, either. This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products. |