First published: Mon Nov 18 2019(Updated: )
Linux Kernel could allow a local authenticated attacker to obtain sensitive information, caused by a Transaction Asynchronous Abort (TAA) h/w issue in KVM. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
IBM Data Risk Manager | <=2.0.6 | |
Linux Linux kernel | <5.5 | |
Redhat Enterprise Linux | =6.0 | |
redhat/kernel-rt | <0:3.10.0-1062.18.1.rt56.1044.el7 | 0:3.10.0-1062.18.1.rt56.1044.el7 |
redhat/kernel | <0:3.10.0-1062.18.1.el7 | 0:3.10.0-1062.18.1.el7 |
redhat/kernel | <0:3.10.0-957.48.1.el7 | 0:3.10.0-957.48.1.el7 |
redhat/kernel-rt | <0:4.18.0-147.5.1.rt24.98.el8_1 | 0:4.18.0-147.5.1.rt24.98.el8_1 |
redhat/kernel | <0:4.18.0-147.5.1.el8_1 | 0:4.18.0-147.5.1.el8_1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Appears in the following advisories)