Back to bug 2119127
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Alex | 2022-08-17 15:41:12 UTC | CC | security-response-team | |
| Patrick Del Bello | 2022-11-08 19:09:03 UTC | Flags | needinfo?(allarkin) | |
| Alex | 2022-11-09 10:10:52 UTC | Priority | medium | high |
| Doc Text | A flaw was found in hw. For the AMD CPUs could be similar attacks like previously known CVE-2017-5715 (that is Spectre Variant 2). The new type of attacks based on RET predictions for cases where the OS relies on IBPB, to flush the return address predictor. As a result, an unprivileged attacker could use this flaw to cross the syscall and guest/host boundaries and read privileged memory by conducting targeted cache side-channel attacks. | |||
| Severity | medium | high | ||
| Alex | 2022-11-09 10:33:44 UTC | Doc Text | A flaw was found in hw. For the AMD CPUs could be similar attacks like previously known CVE-2017-5715 (that is Spectre Variant 2). The new type of attacks based on RET predictions for cases where the OS relies on IBPB, to flush the return address predictor. As a result, an unprivileged attacker could use this flaw to cross the syscall and guest/host boundaries and read privileged memory by conducting targeted cache side-channel attacks. | A flaw was found in hw. For the AMD CPUs could be similar attacks like previously known CVE-2017-5715 (that is Spectre Variant 2). The CVE-2022-23816 and CVE-2022-29900 similar to this one too. The new type of attacks based on RET predictions for cases where the OS relies on IBPB, to flush the return address predictor. As a result, an unprivileged attacker could use this flaw to cross the syscall and guest/host boundaries and read privileged memory by conducting targeted cache side-channel attacks. |
| Priority | high | medium | ||
| Severity | high | medium | ||
| Alex | 2022-11-09 10:37:16 UTC | Status | NEW | CLOSED |
| Resolution | --- | DUPLICATE | ||
| Last Closed | 2022-11-09 10:37:16 UTC | |||
| Alex | 2022-11-09 11:10:23 UTC | Doc Text | A flaw was found in hw. For the AMD CPUs could be similar attacks like previously known CVE-2017-5715 (that is Spectre Variant 2). The CVE-2022-23816 and CVE-2022-29900 similar to this one too. The new type of attacks based on RET predictions for cases where the OS relies on IBPB, to flush the return address predictor. As a result, an unprivileged attacker could use this flaw to cross the syscall and guest/host boundaries and read privileged memory by conducting targeted cache side-channel attacks. | A flaw was found in hw. For the AMD CPUs could be similar attacks like previously known CVE-2017-5715 (that is Spectre Variant 2). The CVE-2022-23816 and CVE-2022-29900 similar. The new type of attacks based on RET predictions for cases where the OS relies on IBPB, to flush the return address predictor. As a result, an unprivileged attacker could use this flaw to cross the syscall and guest/host boundaries and read privileged memory by conducting targeted cache side-channel attacks. |
| Alex | 2022-11-09 11:14:16 UTC | Summary | EMBARGOED CVE-2022-23824 hw: cpu: AMD: IBPB and Return Address Predictor Interactions | CVE-2022-23824 hw: cpu: AMD: IBPB and Return Address Predictor Interactions |
| CC | acaringi, adscvr, airlied, alciregi, bskeggs, hdegoede, hpa, jarodwilson, jforbes, jglisse, jonathan, josef, jwboyer, kernel-maint, lgoncalv, linville, masami256, mchehab, ptalbert, steved | |||
| Deadline | 2022-07-12 | |||
| Group | security, qe_staff | |||
| Alex | 2022-11-09 11:14:47 UTC | Depends On | 2141263 | |
| Alex | 2022-11-09 11:55:07 UTC | Status | CLOSED | NEW |
| Flags | needinfo?(allarkin) | |||
| Resolution | DUPLICATE | --- | ||
| Keywords | Reopened | |||
| Alex | 2022-11-09 11:59:54 UTC | CC | bhu, brdeoliv, chwhite, ddepaula, debarbos, dhoward, dvlasenk, ezulian, fhrbata, hkrzesin, jarod, jburrell, jfaracco, jferlan, jlelli, joe.lawrence, jshortt, jstancek, jwyatt, kcarcia, kernel-mgr, lleshchi, lzampier, nmurray, qzhao, rvrbovsk, scweaver, swood, tyberry, vkumar, walters, williams | |
| Alex | 2022-11-09 12:18:17 UTC | Depends On | 2141290, 2141298, 2141273, 2141286, 2141280, 2141281, 2141275, 2141293, 2141285, 2141288, 2141284, 2141278, 2141279, 2141291, 2141287, 2141277, 2141282, 2141292, 2141283, 2141276, 2141274, 2141289, 2141296, 2141297, 2141295, 2141294 | |
| Paige Jung | 2022-11-09 15:33:58 UTC | Doc Text | A flaw was found in hw. For the AMD CPUs could be similar attacks like previously known CVE-2017-5715 (that is Spectre Variant 2). The CVE-2022-23816 and CVE-2022-29900 similar. The new type of attacks based on RET predictions for cases where the OS relies on IBPB, to flush the return address predictor. As a result, an unprivileged attacker could use this flaw to cross the syscall and guest/host boundaries and read privileged memory by conducting targeted cache side-channel attacks. | A flaw was found in hw. The AMD CPUs can be attacked similar to the previously known Spectre Variant 2 (CVE-2017-5715). This issue affects AMD CPUs where the OS relies on IBPB to flush the return address predictor. As a result, an unprivileged attacker could use this flaw to cross the syscall and guest/host boundaries and read privileged memory by conducting targeted cache side-channel attacks. |
| Matt | 2022-11-10 17:10:24 UTC | CC | mvanderw | |
| Patrick Talbert | 2022-11-14 09:12:54 UTC | Flags | needinfo?(allarkin) | |
| Alex | 2022-11-14 14:28:34 UTC | Flags | needinfo?(allarkin) | |
| Red Hat Bugzilla | 2022-12-31 23:35:38 UTC | CC | fhrbata | |
| Red Hat Bugzilla | 2023-04-01 08:41:05 UTC | CC | dhoward | |
| Lucas Zampieri | 2023-05-22 19:59:46 UTC | Flags | needinfo?(allarkin) | |
| Alex | 2023-05-24 10:29:30 UTC | Depends On | 2209638, 2209639 | |
| Alex | 2023-05-24 10:30:51 UTC | Flags | needinfo?(allarkin) | |
| Lucas Zampieri | 2023-05-26 13:24:46 UTC | Flags | needinfo?(allarkin) | |
| Alex | 2023-05-28 09:25:52 UTC | Depends On | 2210536, 2210537 | |
| Alex | 2023-05-28 09:26:55 UTC | Flags | needinfo?(allarkin) | |
| Alex | 2023-06-07 14:51:09 UTC | Depends On | 2213229, 2213231, 2213232, 2213230 | |
| Red Hat Bugzilla | 2023-07-07 08:28:34 UTC | Assignee | security-response-team | nobody |
| CC | security-response-team | |||
| Patrick Talbert | 2023-07-21 08:51:52 UTC | Flags | needinfo?(allarkin) | |
| Alex | 2023-07-24 09:31:57 UTC | Flags | needinfo?(allarkin) |
Back to bug 2119127