Bug 2107465 (CVE-2022-28693) - CVE-2022-28693 hw: cpu: Intel: information disclosure via local access
Summary: CVE-2022-28693 hw: cpu: Intel: information disclosure via local access
Keywords:
Status: NEW
Alias: CVE-2022-28693
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Nobody
QA Contact:
URL:
Whiteboard:
Depends On: 2108572 2108573 2108574 2108575 2108576 2108577 2108584
Blocks: 2058387
TreeView+ depends on / blocked
 
Reported: 2022-07-15 06:58 UTC by TEJ RATHI
Modified: 2023-09-19 14:13 UTC (History)
51 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
A flaw was found in hw. The unprotected alternative channel of return branch target prediction in some Intel(R) Processors may allow an authorized user to enable information disclosure via local access.
Clone Of:
Environment:
Last Closed:
Embargoed:


Attachments (Terms of Use)

Description TEJ RATHI 2022-07-15 06:58:34 UTC
Unprotected alternative channel of return branch target prediction in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00707.html
https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/advisory-guidance/return-stack-buffer-underflow.html

Comment 3 Petr Matousek 2022-07-19 11:35:34 UTC
Created kernel tracking bugs for this issue:

Affects: fedora-all [bug 2108584]

Comment 4 Wander 2022-07-28 14:28:40 UTC
IIUC, this is a duplicate of BZ2090226.


Note You need to log in before you can comment on or make changes to this bug.