Intel Processors: information disclosure via TSX Asynchronous Abort

January 2020 by Vigil@nce

SYNTHESIS OF THE VULNERABILITY

Impacted products: XenServer, Debian, Fedora, FreeBSD, HP ProLiant, Linux, Windows 10, Windows 2008 R0, Windows 2008 R2, Windows 2012, Windows 2016, Windows 2019, Windows 7, Windows 8, Windows RT, OpenBSD, openSUSE Leap, RHEL, Slackware, SUSE Linux Enterprise Desktop, SLES, Ubuntu, ESXi, VMware vSphere Hypervisor, VMware Workstation, Xen.

Severity: 2/4.

Consequences: data reading.

Provenance: user shell.

Confidence: confirmed by the editor (5/5).

Creation date: 13/11/2019.

DESCRIPTION OF THE VULNERABILITY

An attacker can bypass access restrictions to data via TSX Asynchronous Abort of Intel Processors, in order to obtain sensitive information.

