Описание
A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure.
A side channel vulnerability was found in hw amd. Some AMD CPUs may allow an attacker to influence the return address prediction. This issue may result in speculative execution at an attacker-controlled instruction pointer register, potentially leading to information disclosure.
Меры по смягчению последствий
Mitigation, other than installed the updated packages, for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | kernel | Not affected | ||
| Red Hat Enterprise Linux 7 | kernel | Will not fix | ||
| Red Hat Enterprise Linux 7 | kernel-rt | Will not fix | ||
| Red Hat Enterprise Linux 9 | kernel-rt | Affected | ||
| Red Hat Enterprise Linux 7 | linux-firmware | Fixed | RHSA-2023:7513 | 27.11.2023 |
| Red Hat Enterprise Linux 7.6 Advanced Update Support(Disable again in 2026 - SPRHEL-7118) | linux-firmware | Fixed | RHSA-2023:7782 | 13.12.2023 |
| Red Hat Enterprise Linux 7.7 Advanced Update Support | linux-firmware | Fixed | RHSA-2023:7244 | 15.11.2023 |
| Red Hat Enterprise Linux 8 | kernel-rt | Fixed | RHSA-2024:0134 | 10.01.2024 |
| Red Hat Enterprise Linux 8 | linux-firmware | Fixed | RHBA-2023:2977 | 16.05.2023 |
| Red Hat Enterprise Linux 8 | linux-firmware | Fixed | RHSA-2023:7109 | 14.11.2023 |
Показывать по
Ссылки на источники
Дополнительная информация
Статус:
EPSS
5.6 Medium
CVSS3
Связанные уязвимости
A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure.
A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure.
A side channel vulnerability on some of the AMD CPUs may allow an atta ...
EPSS
5.6 Medium
CVSS3