2090243 – (CVE-2022-21127) CVE-2022-21127 hw: cpu: Incomplete cleanup in specific special register read operations (aka SRBDS update)

Bug 2090243 (CVE-2022-21127) - CVE-2022-21127 hw: cpu: Incomplete cleanup in specific special register read operations (aka SRBDS update)

Summary: CVE-2022-21127 hw: cpu: Incomplete cleanup in specific special register read ...

Keywords:
Status:	NEW
Alias:	CVE-2022-21127
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Nobody
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	2090258 2090259 2090260 2090261
Blocks:	2004886
TreeView+	depends on / blocked

Reported:	2022-05-25 12:42 UTC by Petr Matousek
Modified:	2023-12-07 15:26 UTC (History)
CC List:	4 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:	A flaw was found in hw. Incomplete cleanup in specific special register read operations for some Intel® Processors may allow an authenticated user to enable information disclosure via local access.
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description Petr Matousek 2022-05-25 12:42:59 UTC

Some processors do not properly clean up and remove temporary or supporting resources after they have been used.

References:

https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/technical-documentation/processor-mmio-stale-data-vulnerabilities.html

Note You need to log in before you can comment on or make changes to this bug.