Bug 2153871 (CVE-2022-4543, EntryBleed) - CVE-2022-4543 kernel: KASLR Prefetch Bypass Breaks KPTI
Summary: CVE-2022-4543 kernel: KASLR Prefetch Bypass Breaks KPTI
Keywords:
Status: NEW
Alias: CVE-2022-4543, EntryBleed
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: medium
Severity: medium
Target Milestone: ---
Assignee: Nobody
QA Contact:
URL:
Whiteboard:
Depends On: 2153872 2153873 2153874 2153875 2153876 2153889 2157019 2157020 2157021 2157022 2157023 2157024 2157025 2157026 2157027 2157028 2157029 2157030 2157031 2157032 2157033 2157034 2157035 2157036 2159068 2159069 2159070 2159071 2159072 2159073 2159074 2159075 2159076 2159077 2160017 2162347 2162349 2164043 2178725 2178726 2178727 2178728
Blocks: 2153798
 
Reported: 2022-12-15 17:53 UTC by Rohit Keshri
Modified: 2023-10-10 19:32 UTC

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
A flaw named "EntryBleed" was found in the Linux kernel's Page Table Isolation (KPTI). This issue could allow a local attacker to leak the KASLR base via prefetch side-channels based on TLB timing on Intel systems.
Clone Of:
Environment:
Last Closed:
Embargoed:



Description Rohit Keshri 2022-12-15 17:53:10 UTC
KPTI has fundamental design flaws, allowing any local attacker to easily, quickly, and reliably leak KASLR base via prefetch side-channels based on TLB timing for Intel systems.

Comment 10 Rohit Keshri 2022-12-30 06:32:17 UTC
Created kernel tracking bugs for this issue:

Affects: fedora-all [bug 2157036]

