Bug 2115640 (CVE-2022-21233)
Summary: | CVE-2022-21233 hw: cpu: Intel: Stale Data Read from legacy xAPIC vulnerability | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Rohit Keshri <rkeshri> |
Component: | vulnerability | Assignee: | Nobody <nobody> |
Status: | NEW --- | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | unspecified | CC: | acaringi, adscvr, airlied, alciregi, aquini, bhu, brdeoliv, chwhite, crwood, dbohanno, ddepaula, debarbos, dvlasenk, esyr, hdegoede, hkrzesin, hpa, jarod, jarodwilson, jburrell, jfaracco, jferlan, jforbes, jglisse, jlelli, joe.lawrence, jonathan, josef, jpoimboe, jshortt, jstancek, jwboyer, jwyatt, kcarcia, kernel-maint, kernel-mgr, kyoshida, lgoncalv, linville, llong, lzampier, masami256, mchehab, nmurray, ptalbert, qzhao, rvrbovsk, scweaver, steved, tyberry, vkumar, walters, wcosta, williams |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | If docs needed, set a value | |
Doc Text: |
A flaw was found in hw. The APIC can operate in xAPIC mode (also known as a legacy mode), in which APIC configuration registers are exposed through a memory-mapped I/O (MMIO) page. This flaw allows an attacker who can execute code on a target CPU to query the APIC configuration page. When reading the APIC configuration page with an unaligned read from the MMIO page, the registers may return stale data from previous requests made by the same processor core to the same configuration page, leading to unauthorized access.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | Type: | --- | |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 2115641, 2115642, 2115643, 2115644, 2115646, 2115647, 2115648, 2115649, 2115650, 2115651, 2115652, 2115653, 2115654, 2115655, 2115656, 2115657, 2115658, 2115659, 2115660, 2115661, 2115662, 2115663, 2115664, 2115665, 2115666, 2115667, 2117009, 2119079, 2119080 | ||
Bug Blocks: | 2115639 |
Description
Rohit Keshri
2022-08-05 05:39:01 UTC
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 2117009] |