Assigner | XEN |
Reserved | 2024-03-28 |
Published | 2024-05-16 |
Updated | 2024-06-04 |
Description
Because of a logical error in XSA-407 (Branch Type Confusion), the mitigation is not applied properly when it is intended to be used. XSA-434 (Speculative Return Stack Overflow) uses the same infrastructure, so is equally impacted. For more details, see: https://xenbits.xen.org/xsa/advisory-407.html https://xenbits.xen.org/xsa/advisory-434.html
Product status
consult Xen advisory XSA-455
Credits
This issue was discovered by Andrew Cooper of XenServer.
References
https://xenbits.xenproject.org/xsa/advisory-455.html