Описание
A flaw was found in hw. Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | kernel | Will not fix | ||
| Red Hat Enterprise Linux 7 | kernel-rt | Fixed | RHSA-2022:7338 | 02.11.2022 |
| Red Hat Enterprise Linux 7 | kernel | Fixed | RHSA-2022:7337 | 02.11.2022 |
| Red Hat Enterprise Linux 8 | kernel-rt | Fixed | RHSA-2022:7134 | 25.10.2022 |
| Red Hat Enterprise Linux 8 | kernel | Fixed | RHSA-2022:7110 | 25.10.2022 |
| Red Hat Enterprise Linux 9 | kernel | Fixed | RHSA-2022:8267 | 15.11.2022 |
| Red Hat Enterprise Linux 9 | kernel-rt | Fixed | RHSA-2022:7933 | 15.11.2022 |
| Red Hat Enterprise Linux 9 | kernel | Fixed | RHSA-2022:8267 | 15.11.2022 |
| Red Hat Enterprise Linux 9.0 Extended Update Support | kernel | Fixed | RHSA-2022:8973 | 13.12.2022 |
| Red Hat Enterprise Linux 9.0 Extended Update Support | kernel-rt | Fixed | RHSA-2022:8974 | 13.12.2022 |
Показывать по
10
Дополнительная информация
Статус:
Moderate
Дефект:
CWE-200
https://bugzilla.redhat.com/show_bug.cgi?id=2090226hw: cpu: AMD: RetBleed Arbitrary Speculative Code Execution with Return Instructions
5.6 Medium
CVSS3
Связанные уязвимости
nvd
больше 2 лет назад
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unused by its CNA. Notes: none.
oracle-oval
около 1 года назад
ELSA-2024-12433: Unbreakable Enterprise kernel security update (IMPORTANT)
oracle-oval
почти 3 года назад
ELSA-2022-9591: Unbreakable Enterprise kernel-container security update (IMPORTANT)
oracle-oval
почти 3 года назад
ELSA-2022-9590: Unbreakable Enterprise kernel security update (IMPORTANT)
5.6 Medium
CVSS3