CVE-2022-23825

Опубликовано: 14 июл. 2022

Источник: debian

EPSS Низкий

Описание

Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type potentially leading to information disclosure.

Пакет	Статус	Версия исправления	Релиз	Тип
xen	fixed	4.16.2-1		package
xen	postponed		bullseye	package
xen	end-of-life		buster	package

https://comsec.ethz.ch/research/microarch/retbleed/
https://comsec.ethz.ch/wp-content/files/retbleed_addendum_sec22.pdf
https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1037
https://xenbits.xen.org/xsa/advisory-407.html
Followup (which did not got a new CVE allocated by AMD):
https://xenbits.xen.org/xsa/advisory-422.html
https://www.amd.com/system/files/documents/technical-guidance-for-mitigating-branch-type-confusion.pdf

EPSS

Процентиль: 40%

0.00174

Низкий

CVE-2022-23825

CVSS3: 6.5

ubuntu

почти 3 года назад

Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type potentially leading to information disclosure.

CVE-2022-23825

CVSS3: 5.6

redhat

почти 3 года назад

Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type potentially leading to information disclosure.

CVE-2022-23825

CVSS3: 6.5

nvd

почти 3 года назад

Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type potentially leading to information disclosure.

CVE-2022-23825

msrc

почти 3 года назад

AMD: CVE-2022-23825 AMD CPU Branch Type Confusion

GHSA-w7j2-r4x6-6frw

CVSS3: 6.5

github

почти 3 года назад

Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type potentially leading to information disclosure.

EPSS

Процентиль: 40%

0.00174

Низкий