Описание
Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under certain microarchitecture-dependent conditions.
A flaw was found in hw. Non-transparent sharing of branch predictor targets between contexts in some Intel(R) processors may potentially allow an authorized user to enable information disclosure via local access.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | kernel | Will not fix | ||
| Red Hat Enterprise Linux 7 | kernel-rt | Fixed | RHSA-2022:7338 | 02.11.2022 |
| Red Hat Enterprise Linux 7 | kernel | Fixed | RHSA-2022:7337 | 02.11.2022 |
| Red Hat Enterprise Linux 8 | kernel-rt | Fixed | RHSA-2022:7134 | 25.10.2022 |
| Red Hat Enterprise Linux 8 | kernel | Fixed | RHSA-2022:7110 | 25.10.2022 |
| Red Hat Enterprise Linux 9 | kernel | Fixed | RHSA-2022:8267 | 15.11.2022 |
| Red Hat Enterprise Linux 9 | kernel-rt | Fixed | RHSA-2022:7933 | 15.11.2022 |
| Red Hat Enterprise Linux 9 | kernel | Fixed | RHSA-2022:8267 | 15.11.2022 |
| Red Hat Enterprise Linux 9.0 Extended Update Support | kernel | Fixed | RHSA-2022:8973 | 13.12.2022 |
| Red Hat Enterprise Linux 9.0 Extended Update Support | kernel-rt | Fixed | RHSA-2022:8974 | 13.12.2022 |
Показывать по
Дополнительная информация
Статус:
EPSS
5.6 Medium
CVSS3
Связанные уязвимости
Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under certain microarchitecture-dependent conditions.
Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under certain microarchitecture-dependent conditions.
Intel microprocessor generations 6 to 8 are affected by a new Spectre ...
Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under certain microarchitecture-dependent conditions.
Уязвимость микропрограммного обеспечения процессоров Intel и AMD, позволяющая нарушителю раскрыть защищаемую информацию из памяти ядра или осуществить атаку на хост-систему из виртуальных машин
EPSS
5.6 Medium
CVSS3