Bug 2207625 (AMD-SN-7005, CVE-2023-20569, RAS)
| Summary: | CVE-2023-20569 amd: Return Address Predictor vulnerability leading to information disclosure | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Rohit Keshri <rkeshri> |
| Component: | vulnerability | Assignee: | Nobody <nobody> |
| Status: | NEW --- | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | unspecified | CC: | acaringi, allarkin, bhu, chwhite, crwood, darcari, dbohanno, ddepaula, debarbos, dfreiber, drow, dvlasenk, ezulian, hkrzesin, jarod, jburrell, jdenham, jfaracco, jferlan, jforbes, jlelli, joe.lawrence, jshortt, jstancek, jwyatt, kcarcia, kcook34, kernel-mgr, ldoskova, lgoncalv, lzampier, mpanaous, mvanderw, nicolas.bertolus, nmurray, ptalbert, qzhao, rik.theys, rogbas, rrobaina, rvrbovsk, rysulliv, scweaver, security-response-team, tglozar, tyberry, vkumar, walters, wcosta, williams, wmealing, ycote, ymankad |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |
| Doc Text: |
A side channel vulnerability was found in hw amd. Some AMD CPUs may allow an attacker to influence the return address prediction. This issue may result in speculative execution at an attacker-controlled instruction pointer register, potentially leading to information disclosure.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | Type: | --- | |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 2217875, 2217876, 2217877, 2217878, 2230151, 2230378, 2230379, 2230381, 2230382, 2230383, 2230384, 2230385, 2230386, 2230388, 2230390, 2230391, 2230392, 2230393, 2230394, 2230395, 2230396, 2230397, 2230406, 2230407, 2230408, 2230409, 2230410, 2230411, 2230412, 2230413, 2230414, 2230415, 2230416, 2230417, 2230418 | ||
| Bug Blocks: | 2180682 | ||
|
Description
Rohit Keshri
2023-05-16 11:32:10 UTC
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 2230151] This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2023:6595 https://access.redhat.com/errata/RHSA-2023:6595 This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2023:7109 https://access.redhat.com/errata/RHSA-2023:7109 This issue has been addressed in the following products: Red Hat Enterprise Linux 7.7 Advanced Update Support Via RHSA-2023:7244 https://access.redhat.com/errata/RHSA-2023:7244 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Extended Update Support Via RHSA-2023:7401 https://access.redhat.com/errata/RHSA-2023:7401 This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2023:7513 https://access.redhat.com/errata/RHSA-2023:7513 This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2023:7749 https://access.redhat.com/errata/RHSA-2023:7749 This issue has been addressed in the following products: Red Hat Enterprise Linux 7.6 Advanced Update Support Via RHSA-2023:7782 https://access.redhat.com/errata/RHSA-2023:7782 This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2024:0113 https://access.redhat.com/errata/RHSA-2024:0113 This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2024:0134 https://access.redhat.com/errata/RHSA-2024:0134 This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Extended Update Support Via RHSA-2024:0433 https://access.redhat.com/errata/RHSA-2024:0433 This issue has been addressed in the following products: Red Hat Enterprise Linux 9.2 Extended Update Support Via RHSA-2024:0439 https://access.redhat.com/errata/RHSA-2024:0439 This issue has been addressed in the following products: Red Hat Enterprise Linux 9.2 Extended Update Support Via RHSA-2024:0448 https://access.redhat.com/errata/RHSA-2024:0448 This issue has been addressed in the following products: Red Hat Enterprise Linux 9.2 Extended Update Support Via RHSA-2024:0449 https://access.redhat.com/errata/RHSA-2024:0449 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Red Hat Enterprise Linux 8.4 Telecommunications Update Service Via RHSA-2024:0561 https://access.redhat.com/errata/RHSA-2024:0561 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Extended Update Support Via RHSA-2024:0724 https://access.redhat.com/errata/RHSA-2024:0724 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Advanced Update Support Red Hat Enterprise Linux 8.2 Telecommunications Update Service Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Via RHSA-2024:2005 https://access.redhat.com/errata/RHSA-2024:2005 Added CVE-2023-20569 to RHBA-2023:2977 https://errata.devel.redhat.com/advisory/104817 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.8 Extended Update Support Via RHSA-2024:5255 https://access.redhat.com/errata/RHSA-2024:5255 |