Bug 2115065 (CVE-2022-26373)
Summary: | CVE-2022-26373 hw: cpu: Intel: Post-barrier Return Stack Buffer Predictions | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Rohit Keshri <rkeshri> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED ERRATA | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | unspecified | CC: | acaringi, adscvr, airlied, alciregi, aquini, bhu, brdeoliv, bskeggs, chwhite, crwood, dbohanno, ddepaula, debarbos, dhoward, dvlasenk, fhrbata, hdegoede, hkrzesin, hpa, jarod, jarodwilson, jburrell, jfaracco, jferlan, jforbes, jglisse, jlelli, joe.lawrence, jonathan, josef, jpoimboe, jshortt, jstancek, jwboyer, jwyatt, kcarcia, kernel-maint, kernel-mgr, lgoncalv, linville, llong, longman, lzampier, masami256, mchehab, mvanderw, nmurray, pmatouse, ptalbert, qzhao, rvrbovsk, scweaver, security-response-team, steved, tyberry, vkumar, walters, williams, wmealing |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | If docs needed, set a value | |
Doc Text: |
A flaw was found in hw. In certain processors with Intel's Enhanced Indirect Branch Restricted Speculation (eIBRS) capabilities, soon after VM exit or IBPB command event, the linear address following the most recent near CALL instruction prior to a VM exit may be used as the Return Stack Buffer (RSB) prediction.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2022-12-14 14:48:03 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 2115069, 2115070, 2115071, 2115072, 2115073, 2115074, 2115075, 2115076, 2115077, 2115078, 2115079, 2115080, 2115081, 2115082, 2115083, 2115084, 2115085, 2115086, 2115087, 2115088, 2117008 | ||
Bug Blocks: | 2115063 |
Description
Rohit Keshri
2022-08-03 19:34:20 UTC
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 2117008] This was fixed for Fedora with the 5.18.17 stable kernel updates. This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2022:7337 https://access.redhat.com/errata/RHSA-2022:7337 This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2022:7338 https://access.redhat.com/errata/RHSA-2022:7338 This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2022:7444 https://access.redhat.com/errata/RHSA-2022:7444 This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2022:7683 https://access.redhat.com/errata/RHSA-2022:7683 This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2022:7933 https://access.redhat.com/errata/RHSA-2022:7933 This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2022:8267 https://access.redhat.com/errata/RHSA-2022:8267 This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Extended Update Support Via RHSA-2022:8973 https://access.redhat.com/errata/RHSA-2022:8973 This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Extended Update Support Via RHSA-2022:8974 https://access.redhat.com/errata/RHSA-2022:8974 This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2022-26373 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Extended Update Support Via RHSA-2023:0440 https://access.redhat.com/errata/RHSA-2023:0440 |