Description
IBM Power9 (AIX 7.1, 7.2, and VIOS 3.1) processors could allow a local user to obtain sensitive information from the data in the L1 cache under extenuating circumstances. IBM X-Force ID: 189296.
CVSS breakdown
CVSS 3.0
Privileges Required
None
Confidentiality
High
Attack Vector
Local
Attack Complexity
High
Scope
Unchanged
Availability
None
Integrity
None
User Interaction
None
E
Unchanged
RC
Changed
RL
O
Affected products
- ibm / aix7.1 – 7.1
- ibm / aix7.2 – 7.2
- ibm / vios3.1 – 3.1
References
- MISChttps://www.ibm.com/support/pages/node/6370729
- MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/189296
- MAILING_LISThttp://www.openwall.com/lists/oss-security/2020/11/20/3
- MAILING_LISThttp://www.openwall.com/lists/oss-security/2020/11/23/1
- MAILING_LISThttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZF4OGZPKTAJJXWHPIFP3LHEWWEMR5LPT/
- MAILING_LISThttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TITJQPYDWZ4NB2ONJWUXW75KSQIPF35T/
- VENDOR_ADVISORYhttps://www.oracle.com/security-alerts/cpujul2022.html