A bug in the IMA subsystem exists which would incorrectly allow kexec to be used when kernel lockdown was enabled (CVE-2022-21505) A flaw was found in hw. Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions. (CVE-2022-23816) A flaw was found in hw. Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type, potentially leading to information disclosure. (CVE-2022-23825) A flaw was found in hw. In certain processors with Intel's Enhanced Indirect Branch Restricted Speculation (eIBRS) capabilities, soon after VM exit or IBPB command event, the linear address following the most recent near CALL instruction prior to a VM exit may be used as the Return Stack Buffer (RSB) prediction. (CVE-2022-26373) A flaw was found in hw. The unprotected alternative channel of return branch target prediction in some Intel(R) Processors may allow an authorized user to enable information disclosure via local access. (CVE-2022-28693) A flaw was found in hw. Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions. (CVE-2022-29900) A flaw was found in hw. Non-transparent sharing of branch predictor targets between contexts in some Intel(R) processors may potentially allow an authorized user to enable information disclosure via local access. (CVE-2022-29901) The Linux kernel prior to 5.18.13 lacks a certain clear operation for the block starting symbol (.bss). This allows Xen PV guest OS users to cause a denial of service or gain privileges. (CVE-2022-36123) An issue exists in the Linux kernel up to and including 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice. (CVE-2022-36879) A memory corruption flaw was found in the Linux kernel's Netfilter subsystem in the way a local user uses the libnetfilter_queue when analyzing a corrupted network packet. This flaw allows a local user to crash the system or a remote user to crash the system when the libnetfilter_queue is used by a local user. (CVE-2022-36946)
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
debian debian linux 11.0 |
||
fedoraproject fedora 35 |
||
fedoraproject fedora 36 |
||
amd athlon_x4_750_firmware - |
||
amd athlon_x4_760k_firmware - |
||
amd athlon_x4_830_firmware - |
||
amd athlon_x4_835_firmware - |
||
amd athlon_x4_840_firmware - |
||
amd athlon_x4_845_firmware - |
||
amd athlon_x4_860k_firmware - |
||
amd athlon_x4_870k_firmware - |
||
amd athlon_x4_880k_firmware - |
||
amd athlon_x4_940_firmware - |
||
amd athlon_x4_950_firmware - |
||
amd athlon_x4_970_firmware - |
||
amd ryzen_threadripper_pro_3995wx_firmware - |
||
amd ryzen_threadripper_pro_3795wx_firmware - |
||
amd ryzen_threadripper_pro_3955wx_firmware - |
||
amd ryzen_threadripper_pro_3945wx_firmware - |
||
amd ryzen_threadripper_pro_5955wx_firmware - |
||
amd ryzen_threadripper_pro_5965wx_firmware - |
||
amd ryzen_threadripper_pro_5945wx_firmware - |
||
amd ryzen_threadripper_pro_5975wx_firmware - |
||
amd ryzen_threadripper_pro_5995wx_firmware - |
||
amd ryzen_threadripper_2990wx_firmware - |
||
amd ryzen_threadripper_2970wx_firmware - |
||
amd ryzen_threadripper_2950x_firmware - |
||
amd ryzen_threadripper_2920x_firmware - |
||
amd ryzen_threadripper_3990x_firmware - |
||
amd ryzen_threadripper_3970x_firmware - |
||
amd ryzen_threadripper_3960x_firmware - |
||
amd a12-9700p_firmware - |
||
amd a12-9730p_firmware - |
||
amd a10-9600p_firmware - |
||
amd a10-9630p_firmware - |
||
amd a9-9410_firmware - |
||
amd a9-9420_firmware - |
||
amd a6-9210_firmware - |
||
amd a6-9220_firmware - |
||
amd a6-9220c_firmware - |
||
amd a4-9120_firmware - |
||
amd ryzen_3_2200u_firmware - |
||
amd ryzen_3_2300u_firmware - |
||
amd ryzen_5_2500u_firmware - |
||
amd ryzen_5_2600_firmware - |
||
amd ryzen_5_2600h_firmware - |
||
amd ryzen_5_2600x_firmware - |
||
amd ryzen_5_2700_firmware - |
||
amd ryzen_5_2700x_firmware - |
||
amd ryzen_7_2700_firmware - |
||
amd ryzen_7_2700u_firmware - |
||
amd ryzen_7_2700x_firmware - |
||
amd ryzen_7_2800h_firmware - |
||
amd ryzen_3_3100_firmware - |
||
amd ryzen_3_3200u_firmware - |
||
amd ryzen_3_3250u_firmware - |
||
amd ryzen_3_3300g_firmware - |
||
amd ryzen_3_3300u_firmware - |
||
amd ryzen_3_3300x_firmware - |
||
amd ryzen_5_3400g_firmware - |
||
amd ryzen_5_3450g_firmware - |
||
amd ryzen_5_3500u_firmware - |
||
amd ryzen_5_3550h_firmware - |
||
amd ryzen_5_3600_firmware - |
||
amd ryzen_5_3600x_firmware - |
||
amd ryzen_5_3600xt_firmware - |
||
amd ryzen_7_3700u_firmware - |
||
amd ryzen_7_3700x_firmware - |
||
amd ryzen_7_3750h_firmware - |
||
amd ryzen_7_3800x_firmware - |
||
amd ryzen_7_3800xt_firmware - |
||
amd ryzen_7_4700g_firmware - |
||
amd ryzen_7_4700ge_firmware - |
||
amd ryzen_5_4600g_firmware - |
||
amd ryzen_5_4600ge_firmware - |
||
amd ryzen_3_4300g_firmware - |
||
amd ryzen_3_4300ge_firmware - |
||
amd ryzen_9_4900h_firmware - |
||
amd ryzen_7_4800u_firmware - |
||
amd ryzen_7_4700u_firmware - |
||
amd ryzen_7_4800h_firmware - |
||
amd ryzen_5_4600u_firmware - |
||
amd ryzen_5_4500u_firmware - |
||
amd ryzen_5_4600h_firmware - |
||
amd ryzen_3_4300u_firmware - |
||
amd athlon_gold_3150u_firmware - |
||
amd athlon_silver_3050u_firmware - |
||
amd epyc_7001_firmware - |
||
amd epyc_7251_firmware - |
||
amd epyc_7261_firmware - |
||
amd epyc_7281_firmware - |
||
amd epyc_7301_firmware - |
||
amd epyc_7351_firmware - |
||
amd epyc_7351p_firmware - |
||
amd epyc_7371_firmware - |
||
amd epyc_7401_firmware - |
||
amd epyc_7401p_firmware - |
||
amd epyc_7451_firmware - |
||
amd epyc_7501_firmware - |
||
amd epyc_7551_firmware - |
||
amd epyc_7551p_firmware - |
||
amd epyc_7601_firmware - |
||
amd epyc_7002_firmware - |
||
amd epyc_7252_firmware - |
||
amd epyc_7262_firmware - |
||
amd epyc_7272_firmware - |
||
amd epyc_7282_firmware - |
||
amd epyc_7302_firmware - |
||
amd epyc_7302p_firmware - |
||
amd epyc_7352_firmware - |
||
amd epyc_7402_firmware - |
||
amd epyc_7402p_firmware - |
||
amd epyc_7452_firmware - |
||
amd epyc_7502_firmware - |
||
amd epyc_7502p_firmware - |
||
amd epyc_7532_firmware - |
||
amd epyc_7542_firmware - |
||
amd epyc_7552_firmware - |
||
amd epyc_7642_firmware - |
||
amd epyc_7662_firmware - |
||
amd epyc_7702_firmware - |
||
amd epyc_7742_firmware - |
||
amd epyc_7f32_firmware - |
||
amd epyc_7f52_firmware - |
||
amd epyc_7f72_firmware - |
||
amd epyc_7h12_firmware - |
||
vmware esxi 7.0 |
Topics Security Off-Prem On-Prem Software Offbeat Vendor Voice Vendor Voice Resources Speculative execution side-channels continue to haunt silicon world
Older AMD and Intel chips are vulnerable to yet another Spectre-based speculative-execution attack that exposes secrets within kernel memory despite defenses already in place. Mitigating this side channel is expected to take a toll on performance. ETH Zurich computer scientists Johannes Wikner and Kaveh Razavi have dubbed the attack Retbleed, which they describe as an addition to the family of speculative-execution flaws known as Spectre-BTI (variant 2) that can be exploited by branch target inj...
Topics Security Off-Prem On-Prem Software Offbeat Special Features Vendor Voice Vendor Voice Resources It's like a nesting doll of security flaws
AMD processor users, you have another data-leaking vulnerability to deal with: like Zenbleed, this latest hole can be to steal sensitive data from a running vulnerable machine. The flaw (CVE-2023-20569), dubbed Inception in reference to the Christopher Nolan flick about manipulating a person's dreams to achieve a desired outcome in the real world, was disclosed by ETH Zurich academics this week. And yes, it's another speculative-execution-based side-channel that malware or a rogue logged-in user...
Vulmon