Published: 17/01/2023 Updated: 07/11/2023

A flaw was found in hw. Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions. (CVE-2022-23816) A use-after-free flaw was found in the Linux kernel's Unix socket Garbage Collection and io_uring. This flaw allows a local user to crash or potentially escalate their privileges on the system. (CVE-2022-2602) A flaw was found in hw. Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions. (CVE-2022-29900) A flaw was found in hw. Non-transparent sharing of branch predictor targets between contexts in some Intel(R) processors may potentially allow an authorized user to enable information disclosure via local access. (CVE-2022-29901) A race condition flaw was found in the Linux kernel sound subsystem due to improper locking. It could lead to a NULL pointer dereference while handling the SNDCTL_DSP_SYNC ioctl. A privileged local user (root or member of the audio group) could use this flaw to crash the system, resulting in a denial of service condition. (CVE-2022-3303) An issue exists in the Linux kernel prior to 5.19. In pxa3xx_gcu_write in drivers/video/fbdev/pxa3xx-gcu.c, the count parameter has a type conflict of size_t versus int, causing an integer overflow and bypassing the size check. After that, because it is used as the third argument to copy_from_user(), a heap overflow may occur. (CVE-2022-39842)

Multiple vulnerabilities have been discovered in the Xen hypervisor, which could result in privilege escalation In addition this updates provides mitigations for the Retbleed speculative execution attack and the MMIO stale data vulnerabilities For additional information please refer to the following pages: xenbitsxenorg/xsa/advisory-404 ...

Synopsis Important: OpenShift Container Platform 41112 security update Type/Severity Security Advisory: Important Topic Red Hat OpenShift Container Platform release 41112 is now available with updates to packages and images that fix several bugs and add enhancementsRed Hat Product Security has rated this update as having a security impac ...

Synopsis Important: kernel-rt security and bug fix update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kernel-rt is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this upd ...

Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kernel is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as ...

Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kernel is now available for Red Hat Enterprise Linux 90 Extended Update SupportRed Hat Product Securit ...

Synopsis Moderate: Openshift Logging 5313 security and bug fix release Type/Severity Security Advisory: Moderate Topic An update is now available for OpenShift Logging 53Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed se ...

Synopsis Important: kernel security, bug fix, and enhancement update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kernel is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated ...

Synopsis Moderate: Red Hat Advanced Cluster Management 248 security fixes and container updates Type/Severity Security Advisory: Moderate Topic Red Hat Advanced Cluster Management for Kubernetes 248 GeneralAvailability release images, which fix security issuesRed Hat Product Security has rated this update as having a security impactof Mo ...

Synopsis Moderate: Logging Subsystem 554 - Red Hat OpenShift security update Type/Severity Security Advisory: Moderate Topic Logging Subsystem 554 - Red Hat OpenShiftRed Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severi ...

Synopsis Moderate: kernel security, bug fix, and enhancement update Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kernel is now available for Red Hat Enterprise Linux 9Red Hat Product Security has rated th ...

Synopsis Moderate: kernel-rt security and bug fix update Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kernel-rt is now available for Red Hat Enterprise Linux 9Red Hat Product Security has rated this updat ...

Synopsis Moderate: Red Hat Advanced Cluster Management 262 security update and bug fixes Type/Severity Security Advisory: Moderate Topic Red Hat Advanced Cluster Management for Kubernetes 262 GeneralAvailability release images, which fix bugs and update container imagesRed Hat Product Security has rated this update as having a security i ...

A flaw was found in hw Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions (CVE-2022-23816) A use-after-free flaw was found in the Linux kernel's Unix socket Garbage Collection and io_uring This flaw allows a local user to crash or potentially ...

A flaw was found in hw Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions (CVE-2022-23816) A flaw was found in hw Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type, potentially leading to informatio ...

A bug in the IMA subsystem was discovered which would incorrectly allow kexec to be used when kernel lockdown was enabled (CVE-2022-21505) A flaw was found in hw Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions (CVE-2022-23816) A flaw was fou ...

A flaw was found in hw Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions (CVE-2022-23816) A flaw was found in hw Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type, potentially leading to informatio ...

Older AMD, Intel chips vulnerable to data-leaking 'Retbleed' Spectre variant

The Register • Thomas Claburn in San Francisco • 01 Jan 1970

Topics Security Off-Prem On-Prem Software Offbeat Vendor Voice Vendor Voice Resources Speculative execution side-channels continue to haunt silicon world

Older AMD and Intel chips are vulnerable to yet another Spectre-based speculative-execution attack that exposes secrets within kernel memory despite defenses already in place. Mitigating this side channel is expected to take a toll on performance. ETH Zurich computer scientists Johannes Wikner and Kaveh Razavi have dubbed the attack Retbleed, which they describe as an addition to the family of speculative-execution flaws known as Spectre-BTI (variant 2) that can be exploited by branch target inj...

CVE-2022-23816

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Recent Articles

References

Vulmon Search

About

Products

Connect