Bug 2207625 (AMD-SN-7005, CVE-2023-20569, RAS) - CVE-2023-20569 hw amd: Return Address Predictor velunerability leading to information disclosure [NEEDINFO]
Summary: CVE-2023-20569 hw amd: Return Address Predictor velunerability leading to inf...
Keywords:
Status: NEW
Alias: AMD-SN-7005, CVE-2023-20569, RAS
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Nobody
QA Contact:
URL:
Whiteboard:
Depends On: 2217875 2217876 2217877 2217878 2230378 2230379 2230381 2230382 2230383 2230384 2230385 2230386 2230388 2230390 2230391 2230392 2230393 2230394 2230395 2230396 2230397 2230406 2230407 2230408 2230409 2230410 2230411 2230412 2230413 2230414 2230415 2230416 2230417 2230418 2230151
Blocks: 2180682
TreeView+ depends on / blocked
 
Reported: 2023-05-16 11:32 UTC by Rohit Keshri
Modified: 2023-08-16 15:04 UTC (History)
52 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
A side channel vulnerability was found in hw amd. Some AMD CPUs may allow an attacker to influence the return address prediction. This issue may result in speculative execution at an attacker-controlled instruction pointer register, potentially leading to information disclosure.
Clone Of:
Environment:
Last Closed:
Embargoed:
prodsec-dev: needinfo? (rkeshri)


Attachments (Terms of Use)

Description Rohit Keshri 2023-05-16 11:32:10 UTC
A side channel attack known as ‘Inception’ or ‘RAS Poisoning’ may allow an attacker to influence branch prediction, potentially leading to information disclosure.

Refer:
https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7005.html

Comment 10 Rohit Keshri 2023-08-08 19:16:12 UTC
Created kernel tracking bugs for this issue:

Affects: fedora-all [bug 2230151]


Note You need to log in before you can comment on or make changes to this bug.