A flaw was found in the implementation of Intel Transactional
Synchronization Extensions (TSX) abortion where a local authenticated
attacker with the ability to monitor execution time is able to infer TSX
memory state by comparing abort execution times.
*** Bug 699990 has been marked as a duplicate of this bug. ***
Maintainer(s), please cleanup.
Security, please vote.
The bug has been referenced in the following commit(s):
Author: Yixun Lan <email@example.com>
AuthorDate: 2019-11-14 15:17:01 +0000
Commit: Yixun Lan <firstname.lastname@example.org>
CommitDate: 2019-11-14 15:18:02 +0000
app-emulation/xen: cleanup & drop vulnerable version
Package-Manager: Portage-2.3.78, Repoman-2.3.17
Signed-off-by: Yixun Lan <email@example.com>
app-emulation/xen/Manifest | 1 -
app-emulation/xen/xen-4.11.2-r1.ebuild | 154 ---------------------------------
2 files changed, 155 deletions(-)
Added to an existing GLSA.
This issue was resolved and addressed in
GLSA 202003-56 at https://security.gentoo.org/glsa/202003-56
by GLSA coordinator Thomas Deutschmann (whissi).