Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2022-29900

Опубликовано: 12 июл. 2022
Источник: debian
EPSS Низкий

Описание

Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
linuxfixed5.18.14-1package
linuxignoredbusterpackage
xenfixed4.16.2-1package
xenend-of-lifebusterpackage

Примечания

  • https://comsec.ethz.ch/research/microarch/retbleed/

  • https://comsec.ethz.ch/wp-content/files/retbleed_sec22.pdf

  • https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1037

  • https://xenbits.xen.org/xsa/advisory-407.html

EPSS

Процентиль: 80%
0.01411
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2022-29900

CVSS3: 6.5
ubuntu
около 3 лет назад

Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions.

redhat логотип

CVE-2022-29900

CVSS3: 5.6
redhat
около 3 лет назад

Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions.

nvd логотип

CVE-2022-29900

CVSS3: 6.5
nvd
около 3 лет назад

Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions.

msrc логотип

CVE-2022-29900

msrc
около 3 лет назад

AMD: CVE-2022-29900 AMD CPU Branch Type Confusion

github логотип

GHSA-f3p5-98fc-2gxr

CVSS3: 6.5
github
около 3 лет назад

AMD microprocessor families 15h to 18h are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under certain microarchitecture-dependent conditions.

EPSS

Процентиль: 80%
0.01411
Низкий
Уязвимость CVE-2022-29900