Vulnerability-Lookup

alsa-2022:7110

Vulnerability from osv_almalinux

Published

2022-10-25 00:00

Modified

2022-10-27 09:56

Summary

Important: kernel security, bug fix, and enhancement update

Details

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

A use-after-free in cls_route filter implementation may lead to privilege escalation (CVE-2022-2588)
Information leak in scsi_ioctl() (CVE-2022-0494)
A kernel-info-leak issue in pfkey_register (CVE-2022-1353)
RetBleed Arbitrary Speculative Code Execution with Return Instructions (CVE-2022-23816, CVE-2022-29900)
Branch Type Confusion (non-retbleed) (CVE-2022-23825)
RetBleed Arbitrary Speculative Code Execution with Return Instructions (CVE-2022-29901)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

Add s390_iommu_aperture kernel parameter (BZ#2081324)
Blackscreen and hangup after resume from hibernate or S3 with DFGX WX3200 (BZ#2091065)
Update NVME subsystem with bug fixes and minor changes (BZ#2106017)
Fix parsing of nw_proto for IPv6 fragments (BZ#2106703)
"vmcore failed, _exitcode:139" error observed while capturing vmcore during fadump after memory remove. incomplete vmcore is captured. (BZ#2107488)
'disable_policy' is ignored for addresses configured on a down interface (BZ#2109971)
Backport request for new cpufreq.default_governor kernel command line parameter (BZ#2109996)
Panics in mpt3sas mpt3sas_halt_firmware() if mpt3sas_fwfault_debug=1 enabled when poweroff issued to server (BZ#2111140)
IOMMU/DMA update for 8.7 (BZ#2111692)
Update Broadcom Emulex lpfc driver for AlmaLinux8.7 with bug fixes (14.0.0.13) (BZ#2112103)
Incorrect Socket(s) & "Core(s) per socket" reported by lscpu command. (BZ#2112820)
Panic in ch_release() due to NULL ch->device pointer, backport upstream fix (BZ#2115965)
pyverbs-tests fail over qede IW HCAs on "test_query_rc_qp" (tests.test_qp.QPTest) (BZ#2119122)
qedi shutdown handler hangs upon reboot (BZ#2119847)
cache link_info for ethtool (BZ#2120197)
Important iavf bug fixes (BZ#2120225)
Hibernate crash with Aquantia 2.5/5 Gb LAN card (BZ#2124966)
While using PTimekeeper the qede driver produces excessive log messages (BZ#2125477)
general protection fault handling rpc_xprt.timer (BZ#2126184)
Not enough device MSI-X vectors (BZ#2126482)
Atlantic driver panic on wakeup after hybernate (BZ#2127845)
Memory leak in vxlan_xmit_one (BZ#2131255)
Missing hybernate/resume fixes (BZ#2131936)

Enhancement(s):

Update smartpqi driver to latest upstream Second Set of Patches (BZ#2112354)
qed/qede/qedr - driver updates to latest upstream (BZ#2120611)
Update qedi driver to latest upstream (BZ#2120612)
Update qedf driver to latest upstream (BZ#2120613)
Include the support for new NVIDIA Mobile GFX GA103 on ADL Gen Laptops (BZ#2127122)
Need to enable hpilo to support new HPE RL300 Gen11 for ARM (aarch64) (BZ#2129923)

References

URL

Type

	https://access.redhat.com/errata/RHSA-2022:7110	ADVISORY
	https://access.redhat.com/security/cve/CVE-2022-0494	REPORT
	https://access.redhat.com/security/cve/CVE-2022-1353	REPORT
	https://access.redhat.com/security/cve/CVE-2022-23816	REPORT
	https://access.redhat.com/security/cve/CVE-2022-23825	REPORT
	https://access.redhat.com/security/cve/CVE-2022-2588	REPORT
	https://access.redhat.com/security/cve/CVE-2022-29900	REPORT
	https://access.redhat.com/security/cve/CVE-2022-29901	REPORT
	https://bugzilla.redhat.com/2039448	REPORT
	https://bugzilla.redhat.com/2066819	REPORT
	https://bugzilla.redhat.com/2090226	REPORT
	https://bugzilla.redhat.com/2103148	REPORT
	https://bugzilla.redhat.com/2103153	REPORT
	https://bugzilla.redhat.com/2114849	REPORT
	https://errata.almalinux.org/8/ALSA-2022-7110.html	ADVISORY

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "bpftool"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.18.0-372.32.1.el8_6"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "kernel"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.18.0-372.32.1.el8_6"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "kernel-abi-stablelists"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.18.0-372.32.1.el8_6"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "kernel-core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.18.0-372.32.1.el8_6"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "kernel-cross-headers"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.18.0-372.32.1.el8_6"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "kernel-debug"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.18.0-372.32.1.el8_6"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "kernel-debug-core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.18.0-372.32.1.el8_6"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "kernel-debug-devel"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.18.0-372.32.1.el8_6"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "kernel-debug-modules"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.18.0-372.32.1.el8_6"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "kernel-debug-modules-extra"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.18.0-372.32.1.el8_6"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "kernel-devel"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.18.0-372.32.1.el8_6"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "kernel-doc"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.18.0-372.32.1.el8_6"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "kernel-headers"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.18.0-372.32.1.el8_6"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "kernel-modules"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.18.0-372.32.1.el8_6"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "kernel-modules-extra"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.18.0-372.32.1.el8_6"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "kernel-tools"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.18.0-372.32.1.el8_6"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "kernel-tools-libs"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.18.0-372.32.1.el8_6"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "kernel-tools-libs-devel"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.18.0-372.32.1.el8_6"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "perf"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.18.0-372.32.1.el8_6"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "python3-perf"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.18.0-372.32.1.el8_6"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "details": "The kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* A use-after-free in cls_route filter implementation may lead to privilege escalation (CVE-2022-2588)\n* Information leak in scsi_ioctl() (CVE-2022-0494)\n* A kernel-info-leak issue in pfkey_register (CVE-2022-1353)\n* RetBleed Arbitrary Speculative Code Execution with Return Instructions (CVE-2022-23816, CVE-2022-29900)\n* Branch Type Confusion (non-retbleed) (CVE-2022-23825)\n* RetBleed Arbitrary Speculative Code Execution with Return Instructions (CVE-2022-29901)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Add s390_iommu_aperture kernel parameter (BZ#2081324)\n* Blackscreen and hangup after resume from hibernate or S3 with DFGX WX3200 (BZ#2091065)\n* Update NVME subsystem with bug fixes and minor changes (BZ#2106017)\n* Fix parsing of nw_proto for IPv6 fragments (BZ#2106703)\n* \"vmcore failed, _exitcode:139\" error observed while capturing vmcore during fadump after memory remove. incomplete vmcore is captured. (BZ#2107488)\n* \u0027disable_policy\u0027 is ignored for addresses configured on a down interface (BZ#2109971)\n* Backport request for new cpufreq.default_governor kernel command line parameter (BZ#2109996)\n* Panics in mpt3sas mpt3sas_halt_firmware() if mpt3sas_fwfault_debug=1 enabled when poweroff issued to server (BZ#2111140)\n* IOMMU/DMA update for 8.7 (BZ#2111692)\n* Update Broadcom Emulex lpfc driver for AlmaLinux8.7 with bug fixes (14.0.0.13) (BZ#2112103)\n* Incorrect Socket(s) \u0026 \"Core(s) per socket\" reported by lscpu command. (BZ#2112820)\n* Panic in ch_release() due to NULL ch-\u003edevice pointer, backport upstream fix (BZ#2115965)\n* pyverbs-tests fail over qede IW HCAs on \"test_query_rc_qp\" (tests.test_qp.QPTest) (BZ#2119122)\n* qedi shutdown handler hangs upon reboot (BZ#2119847)\n* cache link_info for ethtool (BZ#2120197)\n* Important iavf bug fixes (BZ#2120225)\n* Hibernate crash with Aquantia 2.5/5 Gb LAN card (BZ#2124966)\n* While using PTimekeeper the qede driver produces excessive log messages (BZ#2125477)\n* general protection fault handling rpc_xprt.timer (BZ#2126184)\n* Not enough device MSI-X vectors (BZ#2126482)\n* Atlantic driver panic on wakeup after hybernate (BZ#2127845)\n* Memory leak in vxlan_xmit_one (BZ#2131255)\n* Missing hybernate/resume fixes (BZ#2131936)\n\nEnhancement(s):\n\n* Update smartpqi driver to latest upstream Second Set of Patches (BZ#2112354)\n* qed/qede/qedr - driver updates to latest upstream (BZ#2120611)\n* Update qedi driver to latest upstream (BZ#2120612)\n* Update qedf driver to latest upstream (BZ#2120613)\n* Include the support for new NVIDIA Mobile GFX GA103 on ADL Gen Laptops (BZ#2127122)\n* Need to enable hpilo to support new HPE RL300 Gen11 for ARM (aarch64) (BZ#2129923)",
  "id": "ALSA-2022:7110",
  "modified": "2022-10-27T09:56:48Z",
  "published": "2022-10-25T00:00:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://access.redhat.com/errata/RHSA-2022:7110"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-0494"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-1353"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-23816"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-23825"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-2588"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-29900"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-29901"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2039448"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2066819"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2090226"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2103148"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2103153"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2114849"
    },
    {
      "type": "ADVISORY",
      "url": "https://errata.almalinux.org/8/ALSA-2022-7110.html"
    }
  ],
  "related": [
    "CVE-2022-2588",
    "CVE-2022-0494",
    "CVE-2022-1353",
    "CVE-2022-23816",
    "CVE-2022-29900",
    "CVE-2022-23825",
    "CVE-2022-29901"
  ],
  "summary": "Important: kernel security, bug fix, and enhancement update"
}

CVE-2022-23816 (GCVE-0-2022-23816)

Vulnerability from cvelistv5 – Published: – Updated: 2023-01-17 00:00

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unused by its CNA. Notes: none.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "cna": {
      "providerMetadata": {
        "dateUpdated": "2023-01-17T00:00:00.000Z",
        "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "shortName": "AMD"
      },
      "rejectedReasons": [
        {
          "lang": "en",
          "value": "DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unused by its CNA. Notes: none."
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
    "assignerShortName": "AMD",
    "cveId": "CVE-2022-23816",
    "dateRejected": "2023-01-17T00:00:00.000Z",
    "dateReserved": "2022-01-21T00:00:00.000Z",
    "dateUpdated": "2023-01-17T00:00:00.000Z",
    "state": "REJECTED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.0"
}

CVE-2022-29900 (GCVE-0-2022-29900)

Vulnerability from cvelistv5 – Published: 2022-07-12 15:50 – Updated: 2024-11-20 16:13

Summary

Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions.

Severity ?

No CVSS data available.

CWE

Assigner

AMD

References

URL

Tags

	https://www.amd.com/en/corporate/product-security…
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
	https://www.debian.org/security/2022/dsa-5207	vendor-advisory
	https://lists.debian.org/debian-lts-announce/2022…	mailing-list
	https://www.secpod.com/blog/retbleed-intel-and-am…
	https://security.gentoo.org/glsa/202402-07	vendor-advisory

Impacted products

	Vendor	Product	Version
	AMD	AMD Processors	Affected: Processor Some AMD Processors

Date Public ?

2022-07-12 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T06:33:43.145Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1037"
          },
          {
            "name": "FEDORA-2022-a0d7a5eaf2",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MYI3OMJ7RIZNL3C6GUWNANNPEUUID6FM/"
          },
          {
            "name": "DSA-5207",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2022/dsa-5207"
          },
          {
            "name": "[debian-lts-announce] 20220911 [SECURITY] [DLA 3102-1] linux-5.10 new package",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2022/09/msg00011.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.secpod.com/blog/retbleed-intel-and-amd-processor-information-disclosure-vulnerability/"
          },
          {
            "name": "GLSA-202402-07",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202402-07"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-29900",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-20T16:09:18.710200Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-20T16:13:31.449Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "AMD Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "Processor  Some AMD Processors"
            }
          ]
        }
      ],
      "datePublic": "2022-07-12T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "NA",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-02-04T08:06:53.374Z",
        "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "shortName": "AMD"
      },
      "references": [
        {
          "url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1037"
        },
        {
          "name": "FEDORA-2022-a0d7a5eaf2",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MYI3OMJ7RIZNL3C6GUWNANNPEUUID6FM/"
        },
        {
          "name": "DSA-5207",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.debian.org/security/2022/dsa-5207"
        },
        {
          "name": "[debian-lts-announce] 20220911 [SECURITY] [DLA 3102-1] linux-5.10 new package",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2022/09/msg00011.html"
        },
        {
          "url": "https://www.secpod.com/blog/retbleed-intel-and-amd-processor-information-disclosure-vulnerability/"
        },
        {
          "name": "GLSA-202402-07",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.gentoo.org/glsa/202402-07"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
    "assignerShortName": "AMD",
    "cveId": "CVE-2022-29900",
    "datePublished": "2022-07-12T15:50:10.585Z",
    "dateReserved": "2022-04-28T00:00:00.000Z",
    "dateUpdated": "2024-11-20T16:13:31.449Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-23825 (GCVE-0-2022-23825)

Vulnerability from cvelistv5 – Published: 2022-07-14 19:27 – Updated: 2024-09-16 17:48

Summary

Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type potentially leading to information disclosure.

Severity ?

No CVSS data available.

CWE

Assigner

AMD

References

URL

Tags

	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
	https://www.amd.com/en/corporate/product-security…
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
	https://www.debian.org/security/2022/dsa-5184	vendor-advisory
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
	http://www.openwall.com/lists/oss-security/2022/11/08/1	mailing-list
	http://www.openwall.com/lists/oss-security/2022/11/10/2	mailing-list
	https://security.gentoo.org/glsa/202402-07	vendor-advisory

Impacted products

	Vendor	Product	Version
	AMD	AMD Processors	Affected: Processor Some AMD Processors

Date Public ?

2022-07-12 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T03:51:46.140Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "FEDORA-2022-c69ef9c1dd",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M27MB3QFNIJV4EQQSXWARHP3OGX6CR6K/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1037"
          },
          {
            "name": "FEDORA-2022-8aab5b5cde",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D4RW5FCIYFNCQOEFJEUIRW3DGYW7CWBG/"
          },
          {
            "name": "DSA-5184",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2022/dsa-5184"
          },
          {
            "name": "FEDORA-2022-3e6ce58029",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KLSRW4LLTAT3CZMOYVNTC7YIYGX3KLED/"
          },
          {
            "name": "FEDORA-2022-a0d7a5eaf2",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MYI3OMJ7RIZNL3C6GUWNANNPEUUID6FM/"
          },
          {
            "name": "[oss-security] 20221108 Xen Security Advisory 422 v1 (CVE-2022-23824) - x86: Multiple speculative security issues",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2022/11/08/1"
          },
          {
            "name": "[oss-security] 20221110 Xen Security Advisory 422 v2 (CVE-2022-23824) - x86: Multiple speculative security issues",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2022/11/10/2"
          },
          {
            "name": "GLSA-202402-07",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202402-07"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "AMD Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "Processor  Some AMD Processors"
            }
          ]
        }
      ],
      "datePublic": "2022-07-12T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type potentially leading to information disclosure."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "NA",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-02-04T08:06:51.356Z",
        "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "shortName": "AMD"
      },
      "references": [
        {
          "name": "FEDORA-2022-c69ef9c1dd",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M27MB3QFNIJV4EQQSXWARHP3OGX6CR6K/"
        },
        {
          "url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1037"
        },
        {
          "name": "FEDORA-2022-8aab5b5cde",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D4RW5FCIYFNCQOEFJEUIRW3DGYW7CWBG/"
        },
        {
          "name": "DSA-5184",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.debian.org/security/2022/dsa-5184"
        },
        {
          "name": "FEDORA-2022-3e6ce58029",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KLSRW4LLTAT3CZMOYVNTC7YIYGX3KLED/"
        },
        {
          "name": "FEDORA-2022-a0d7a5eaf2",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MYI3OMJ7RIZNL3C6GUWNANNPEUUID6FM/"
        },
        {
          "name": "[oss-security] 20221108 Xen Security Advisory 422 v1 (CVE-2022-23824) - x86: Multiple speculative security issues",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2022/11/08/1"
        },
        {
          "name": "[oss-security] 20221110 Xen Security Advisory 422 v2 (CVE-2022-23824) - x86: Multiple speculative security issues",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2022/11/10/2"
        },
        {
          "name": "GLSA-202402-07",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.gentoo.org/glsa/202402-07"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
    "assignerShortName": "AMD",
    "cveId": "CVE-2022-23825",
    "datePublished": "2022-07-14T19:27:08.292Z",
    "dateReserved": "2022-01-21T00:00:00.000Z",
    "dateUpdated": "2024-09-16T17:48:09.000Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-2588 (GCVE-0-2022-2588)

Vulnerability from cvelistv5 – Published: 2024-01-08 17:50 – Updated: 2025-05-22 18:23

Summary

It was discovered that the cls_route filter implementation in the Linux kernel would not remove an old filter from the hashtable before freeing it if its handle had the value 0.

Severity ?

5.3 (Medium)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H

CWE

CWE-416

Assigner

canonical

References

URL

Tags

	https://ubuntu.com/security/notices/USN-5565-1	third-party-advisory
	https://ubuntu.com/security/notices/USN-5562-1	third-party-advisory
	https://www.openwall.com/lists/oss-security/2022/…	issue-tracking
	https://ubuntu.com/security/notices/USN-5582-1	third-party-advisory
	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CV…	issue-tracking
	https://ubuntu.com/security/notices/USN-5564-1	third-party-advisory
	https://ubuntu.com/security/notices/USN-5566-1	third-party-advisory
	https://www.zerodayinitiative.com/advisories/ZDI-…	issue-tracking
	https://ubuntu.com/security/notices/USN-5588-1	third-party-advisory
	https://ubuntu.com/security/notices/USN-5560-1	third-party-advisory
	https://github.com/Markakd/CVE-2022-2588	issue-tracking
	https://ubuntu.com/security/notices/USN-5567-1	third-party-advisory
	https://ubuntu.com/security/notices/USN-5560-2	third-party-advisory
	https://lore.kernel.org/netdev/20220809170518.164…	issue-tracking
	https://ubuntu.com/security/notices/USN-5557-1	third-party-advisory

Impacted products

	Vendor	Product	Version
	The Linux Kernel Organization	linux	Affected: 0 , < 6.0~rc1 (semver)

Credits

Zhenpeng Lin working with Trend Micro's Zero Day Initiative

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T00:39:08.044Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "third-party-advisory",
              "x_transferred"
            ],
            "url": "https://ubuntu.com/security/notices/USN-5565-1"
          },
          {
            "tags": [
              "third-party-advisory",
              "x_transferred"
            ],
            "url": "https://ubuntu.com/security/notices/USN-5562-1"
          },
          {
            "tags": [
              "issue-tracking",
              "x_transferred"
            ],
            "url": "https://www.openwall.com/lists/oss-security/2022/08/09/6"
          },
          {
            "tags": [
              "third-party-advisory",
              "x_transferred"
            ],
            "url": "https://ubuntu.com/security/notices/USN-5582-1"
          },
          {
            "tags": [
              "issue-tracking",
              "x_transferred"
            ],
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2588"
          },
          {
            "tags": [
              "third-party-advisory",
              "x_transferred"
            ],
            "url": "https://ubuntu.com/security/notices/USN-5564-1"
          },
          {
            "tags": [
              "third-party-advisory",
              "x_transferred"
            ],
            "url": "https://ubuntu.com/security/notices/USN-5566-1"
          },
          {
            "tags": [
              "issue-tracking",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-1117/"
          },
          {
            "tags": [
              "third-party-advisory",
              "x_transferred"
            ],
            "url": "https://ubuntu.com/security/notices/USN-5588-1"
          },
          {
            "tags": [
              "third-party-advisory",
              "x_transferred"
            ],
            "url": "https://ubuntu.com/security/notices/USN-5560-1"
          },
          {
            "tags": [
              "issue-tracking",
              "x_transferred"
            ],
            "url": "https://github.com/Markakd/CVE-2022-2588"
          },
          {
            "tags": [
              "third-party-advisory",
              "x_transferred"
            ],
            "url": "https://ubuntu.com/security/notices/USN-5567-1"
          },
          {
            "tags": [
              "third-party-advisory",
              "x_transferred"
            ],
            "url": "https://ubuntu.com/security/notices/USN-5560-2"
          },
          {
            "tags": [
              "issue-tracking",
              "x_transferred"
            ],
            "url": "https://lore.kernel.org/netdev/20220809170518.164662-1-cascardo@canonical.com/T/#u"
          },
          {
            "tags": [
              "third-party-advisory",
              "x_transferred"
            ],
            "url": "https://ubuntu.com/security/notices/USN-5557-1"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-2588",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-02-06T20:44:16.386267Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-22T18:23:25.184Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "packageName": "linux",
          "platforms": [
            "Linux"
          ],
          "product": "linux",
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git",
          "vendor": "The Linux Kernel Organization",
          "versions": [
            {
              "lessThan": "6.0~rc1",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Zhenpeng Lin working with Trend Micro\u0027s Zero Day Initiative"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "It was discovered that the cls_route filter implementation in the Linux kernel would not remove an old filter from the hashtable before freeing it if its handle had the value 0."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-416",
              "description": "CWE-416",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-08T17:50:47.948Z",
        "orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
        "shortName": "canonical"
      },
      "references": [
        {
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://ubuntu.com/security/notices/USN-5565-1"
        },
        {
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://ubuntu.com/security/notices/USN-5562-1"
        },
        {
          "tags": [
            "issue-tracking"
          ],
          "url": "https://www.openwall.com/lists/oss-security/2022/08/09/6"
        },
        {
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://ubuntu.com/security/notices/USN-5582-1"
        },
        {
          "tags": [
            "issue-tracking"
          ],
          "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2588"
        },
        {
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://ubuntu.com/security/notices/USN-5564-1"
        },
        {
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://ubuntu.com/security/notices/USN-5566-1"
        },
        {
          "tags": [
            "issue-tracking"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-1117/"
        },
        {
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://ubuntu.com/security/notices/USN-5588-1"
        },
        {
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://ubuntu.com/security/notices/USN-5560-1"
        },
        {
          "tags": [
            "issue-tracking"
          ],
          "url": "https://github.com/Markakd/CVE-2022-2588"
        },
        {
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://ubuntu.com/security/notices/USN-5567-1"
        },
        {
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://ubuntu.com/security/notices/USN-5560-2"
        },
        {
          "tags": [
            "issue-tracking"
          ],
          "url": "https://lore.kernel.org/netdev/20220809170518.164662-1-cascardo@canonical.com/T/#u"
        },
        {
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://ubuntu.com/security/notices/USN-5557-1"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
    "assignerShortName": "canonical",
    "cveId": "CVE-2022-2588",
    "datePublished": "2024-01-08T17:50:47.948Z",
    "dateReserved": "2022-07-29T23:41:31.412Z",
    "dateUpdated": "2025-05-22T18:23:25.184Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-1353 (GCVE-0-2022-1353)

Vulnerability from cvelistv5 – Published: 2022-04-29 15:46 – Updated: 2024-08-03 00:03

Summary

A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. This flaw allows a local, unprivileged user to gain access to kernel memory, leading to a system crash or a leak of internal kernel information.

Severity ?

No CVSS data available.

CWE

CWE-200

Assigner

redhat

References

URL

Tags

	https://bugzilla.redhat.com/show_bug.cgi?id=2066819	x_refsource_MISC
	https://github.com/torvalds/linux/commit/9a564bcc…	x_refsource_MISC
	https://www.debian.org/security/2022/dsa-5127	vendor-advisoryx_refsource_DEBIAN
	https://security.netapp.com/advisory/ntap-2022062…	x_refsource_CONFIRM
	https://lists.debian.org/debian-lts-announce/2022…	mailing-listx_refsource_MLIST
	https://www.debian.org/security/2022/dsa-5173	vendor-advisoryx_refsource_DEBIAN

Impacted products

	Vendor	Product	Version
	n/a	Kernel	Affected: kernel 5.17 rc12

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T00:03:05.935Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066819"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/9a564bccb78a76740ea9d75a259942df8143d02c"
          },
          {
            "name": "DSA-5127",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2022/dsa-5127"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20220629-0001/"
          },
          {
            "name": "[debian-lts-announce] 20220701 [SECURITY] [DLA 3065-1] linux security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html"
          },
          {
            "name": "DSA-5173",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2022/dsa-5173"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Kernel",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "kernel 5.17 rc12"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. This flaw allows a local, unprivileged user to gain access to kernel memory, leading to a system crash or a leak of internal kernel information."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-200",
              "description": "CWE-200",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-07-04T10:08:21.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066819"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/torvalds/linux/commit/9a564bccb78a76740ea9d75a259942df8143d02c"
        },
        {
          "name": "DSA-5127",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2022/dsa-5127"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20220629-0001/"
        },
        {
          "name": "[debian-lts-announce] 20220701 [SECURITY] [DLA 3065-1] linux security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html"
        },
        {
          "name": "DSA-5173",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2022/dsa-5173"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2022-1353",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Kernel",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "kernel 5.17 rc12"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. This flaw allows a local, unprivileged user to gain access to kernel memory, leading to a system crash or a leak of internal kernel information."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-200"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2066819",
              "refsource": "MISC",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066819"
            },
            {
              "name": "https://github.com/torvalds/linux/commit/9a564bccb78a76740ea9d75a259942df8143d02c",
              "refsource": "MISC",
              "url": "https://github.com/torvalds/linux/commit/9a564bccb78a76740ea9d75a259942df8143d02c"
            },
            {
              "name": "DSA-5127",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2022/dsa-5127"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20220629-0001/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20220629-0001/"
            },
            {
              "name": "[debian-lts-announce] 20220701 [SECURITY] [DLA 3065-1] linux security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html"
            },
            {
              "name": "DSA-5173",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2022/dsa-5173"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2022-1353",
    "datePublished": "2022-04-29T15:46:44.000Z",
    "dateReserved": "2022-04-14T00:00:00.000Z",
    "dateUpdated": "2024-08-03T00:03:05.935Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-29901 (GCVE-0-2022-29901)

Vulnerability from cvelistv5 – Published: 2022-07-12 00:00 – Updated: 2024-08-03 06:33

Title

Arbitrary Memory Disclosure through CPU Side-Channel Attacks (Retbleed)

Summary

Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under certain microarchitecture-dependent conditions.

Severity ?

5.6 (Medium)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

CWE

CWE-200 - Information Exposure

Assigner

intel

References

URL

Tags

	https://comsec.ethz.ch/retbleed
	https://www.intel.com/content/www/us/en/security-…
	http://www.openwall.com/lists/oss-security/2022/07/12/2	mailing-list
	http://www.openwall.com/lists/oss-security/2022/07/12/4	mailing-list
	http://www.openwall.com/lists/oss-security/2022/07/12/5	mailing-list
	http://www.openwall.com/lists/oss-security/2022/07/13/1	mailing-list
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
	https://www.debian.org/security/2022/dsa-5207	vendor-advisory
	https://lists.debian.org/debian-lts-announce/2022…	mailing-list
	https://security.netapp.com/advisory/ntap-2022100…
	https://lists.debian.org/debian-lts-announce/2022…	mailing-list
	https://www.secpod.com/blog/retbleed-intel-and-am…
	https://security.gentoo.org/glsa/202402-07	vendor-advisory

Impacted products

	Vendor	Product	Version
	Intel	Intel Microprocessors	Affected: generations 6 to 8

Credits

Johannes Wikner - ETH Zürich Kaveh Razavi - ETH Zürich

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T06:33:43.000Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://comsec.ethz.ch/retbleed"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00702.html"
          },
          {
            "name": "[oss-security] 20220712 Xen Security Advisory 407 v1 (CVE-2022-23816,CVE-2022-23825,CVE-2022-29900) - Retbleed - arbitrary speculative code execution with return instructions",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2022/07/12/2"
          },
          {
            "name": "[oss-security] 20220712 Re: Xen Security Advisory 407 v1 (CVE-2022-23816,CVE-2022-23825,CVE-2022-29900) - Retbleed - arbitrary speculative code execution with return instructions",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2022/07/12/4"
          },
          {
            "name": "[oss-security] 20220712 Re: Xen Security Advisory 407 v1 (CVE-2022-23816,CVE-2022-23825,CVE-2022-29900) - Retbleed - arbitrary speculative code execution with return instructions",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2022/07/12/5"
          },
          {
            "name": "[oss-security] 20220713 Re: Xen Security Advisory 407 v1 (CVE-2022-23816,CVE-2022-23825,CVE-2022-29900) - Retbleed - arbitrary speculative code execution with return instructions",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2022/07/13/1"
          },
          {
            "name": "FEDORA-2022-c69ef9c1dd",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M27MB3QFNIJV4EQQSXWARHP3OGX6CR6K/"
          },
          {
            "name": "FEDORA-2022-8aab5b5cde",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D4RW5FCIYFNCQOEFJEUIRW3DGYW7CWBG/"
          },
          {
            "name": "DSA-5207",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2022/dsa-5207"
          },
          {
            "name": "[debian-lts-announce] 20220911 [SECURITY] [DLA 3102-1] linux-5.10 new package",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2022/09/msg00011.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20221007-0007/"
          },
          {
            "name": "[debian-lts-announce] 20221223 [SECURITY] [DLA 3245-1] linux security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00034.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.secpod.com/blog/retbleed-intel-and-amd-processor-information-disclosure-vulnerability/"
          },
          {
            "name": "GLSA-202402-07",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202402-07"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Intel Microprocessors",
          "vendor": "Intel",
          "versions": [
            {
              "status": "affected",
              "version": "generations 6 to 8"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Johannes Wikner - ETH Z\u00fcrich"
        },
        {
          "lang": "en",
          "value": "Kaveh Razavi - ETH Z\u00fcrich"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under certain microarchitecture-dependent conditions."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-200",
              "description": "CWE-200 Information Exposure",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-02-04T08:06:41.365Z",
        "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "shortName": "intel"
      },
      "references": [
        {
          "url": "https://comsec.ethz.ch/retbleed"
        },
        {
          "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00702.html"
        },
        {
          "name": "[oss-security] 20220712 Xen Security Advisory 407 v1 (CVE-2022-23816,CVE-2022-23825,CVE-2022-29900) - Retbleed - arbitrary speculative code execution with return instructions",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2022/07/12/2"
        },
        {
          "name": "[oss-security] 20220712 Re: Xen Security Advisory 407 v1 (CVE-2022-23816,CVE-2022-23825,CVE-2022-29900) - Retbleed - arbitrary speculative code execution with return instructions",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2022/07/12/4"
        },
        {
          "name": "[oss-security] 20220712 Re: Xen Security Advisory 407 v1 (CVE-2022-23816,CVE-2022-23825,CVE-2022-29900) - Retbleed - arbitrary speculative code execution with return instructions",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2022/07/12/5"
        },
        {
          "name": "[oss-security] 20220713 Re: Xen Security Advisory 407 v1 (CVE-2022-23816,CVE-2022-23825,CVE-2022-29900) - Retbleed - arbitrary speculative code execution with return instructions",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2022/07/13/1"
        },
        {
          "name": "FEDORA-2022-c69ef9c1dd",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M27MB3QFNIJV4EQQSXWARHP3OGX6CR6K/"
        },
        {
          "name": "FEDORA-2022-8aab5b5cde",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D4RW5FCIYFNCQOEFJEUIRW3DGYW7CWBG/"
        },
        {
          "name": "DSA-5207",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.debian.org/security/2022/dsa-5207"
        },
        {
          "name": "[debian-lts-announce] 20220911 [SECURITY] [DLA 3102-1] linux-5.10 new package",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2022/09/msg00011.html"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20221007-0007/"
        },
        {
          "name": "[debian-lts-announce] 20221223 [SECURITY] [DLA 3245-1] linux security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00034.html"
        },
        {
          "url": "https://www.secpod.com/blog/retbleed-intel-and-amd-processor-information-disclosure-vulnerability/"
        },
        {
          "name": "GLSA-202402-07",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.gentoo.org/glsa/202402-07"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Arbitrary Memory Disclosure through CPU Side-Channel Attacks (Retbleed)",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
    "assignerShortName": "intel",
    "cveId": "CVE-2022-29901",
    "datePublished": "2022-07-12T00:00:00.000Z",
    "dateReserved": "2022-04-28T00:00:00.000Z",
    "dateUpdated": "2024-08-03T06:33:43.000Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-0494 (GCVE-0-2022-0494)

Vulnerability from cvelistv5 – Published: 2022-03-25 18:03 – Updated: 2024-08-02 23:32

Summary

A kernel information leak flaw was identified in the scsi_ioctl function in drivers/scsi/scsi_ioctl.c in the Linux kernel. This flaw allows a local attacker with a special user privilege (CAP_SYS_ADMIN or CAP_SYS_RAWIO) to create issues with confidentiality.

Severity ?

No CVSS data available.

CWE

CWE-200

Assigner

redhat

References

URL

Tags

	https://bugzilla.redhat.com/show_bug.cgi?id=2039448	x_refsource_MISC
	https://lore.kernel.org/all/20220216084038.15635-…	x_refsource_MISC
	https://www.debian.org/security/2022/dsa-5161	vendor-advisoryx_refsource_DEBIAN
	https://lists.debian.org/debian-lts-announce/2022…	mailing-listx_refsource_MLIST
	https://www.debian.org/security/2022/dsa-5173	vendor-advisoryx_refsource_DEBIAN

Impacted products

	Vendor	Product	Version
	n/a	kernel	Affected: kernel 5.17 rc5

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:32:46.327Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039448"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://lore.kernel.org/all/20220216084038.15635-1-tcs.kernel%40gmail.com/"
          },
          {
            "name": "DSA-5161",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2022/dsa-5161"
          },
          {
            "name": "[debian-lts-announce] 20220701 [SECURITY] [DLA 3065-1] linux security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html"
          },
          {
            "name": "DSA-5173",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2022/dsa-5173"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "kernel",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "kernel 5.17 rc5"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A kernel information leak flaw was identified in the scsi_ioctl function in drivers/scsi/scsi_ioctl.c in the Linux kernel. This flaw allows a local attacker with a special user privilege (CAP_SYS_ADMIN or CAP_SYS_RAWIO) to create issues with confidentiality."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-200",
              "description": "CWE-200",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-07-04T10:07:48.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039448"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://lore.kernel.org/all/20220216084038.15635-1-tcs.kernel%40gmail.com/"
        },
        {
          "name": "DSA-5161",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2022/dsa-5161"
        },
        {
          "name": "[debian-lts-announce] 20220701 [SECURITY] [DLA 3065-1] linux security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html"
        },
        {
          "name": "DSA-5173",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2022/dsa-5173"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2022-0494",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "kernel",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "kernel 5.17 rc5"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A kernel information leak flaw was identified in the scsi_ioctl function in drivers/scsi/scsi_ioctl.c in the Linux kernel. This flaw allows a local attacker with a special user privilege (CAP_SYS_ADMIN or CAP_SYS_RAWIO) to create issues with confidentiality."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-200"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2039448",
              "refsource": "MISC",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039448"
            },
            {
              "name": "https://lore.kernel.org/all/20220216084038.15635-1-tcs.kernel@gmail.com/",
              "refsource": "MISC",
              "url": "https://lore.kernel.org/all/20220216084038.15635-1-tcs.kernel@gmail.com/"
            },
            {
              "name": "DSA-5161",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2022/dsa-5161"
            },
            {
              "name": "[debian-lts-announce] 20220701 [SECURITY] [DLA 3065-1] linux security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html"
            },
            {
              "name": "DSA-5173",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2022/dsa-5173"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2022-0494",
    "datePublished": "2022-03-25T18:03:05.000Z",
    "dateReserved": "2022-02-04T00:00:00.000Z",
    "dateUpdated": "2024-08-02T23:32:46.327Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

alsa-2022:7110

Vulnerability from osv_almalinux

CVE-2022-23816 (GCVE-0-2022-23816)

CVE-2022-29900 (GCVE-0-2022-29900)

CVE-2022-23825 (GCVE-0-2022-23825)

CVE-2022-2588 (GCVE-0-2022-2588)

CVE-2022-1353 (GCVE-0-2022-1353)

CVE-2022-29901 (GCVE-0-2022-29901)

CVE-2022-0494 (GCVE-0-2022-0494)

Tags

Sightings

Nomenclature