{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2022-29901","assignerOrgId":"6dda929c-bb53-4a77-a76d-48e79601a1ce","assignerShortName":"intel","dateUpdated":"2024-08-03T06:33:43.000Z","dateReserved":"2022-04-28T00:00:00.000Z","datePublished":"2022-07-12T00:00:00.000Z"},"containers":{"cna":{"title":"Arbitrary Memory Disclosure through CPU Side-Channel Attacks (Retbleed)","providerMetadata":{"orgId":"6dda929c-bb53-4a77-a76d-48e79601a1ce","shortName":"intel","dateUpdated":"2024-02-04T08:06:41.365Z"},"descriptions":[{"lang":"en","value":"Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under certain microarchitecture-dependent conditions."}],"affected":[{"vendor":"Intel","product":"Intel Microprocessors","versions":[{"version":"generations 6 to 8","status":"affected"}]}],"references":[{"url":"https://comsec.ethz.ch/retbleed"},{"url":"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00702.html"},{"name":"[oss-security] 20220712 Xen Security Advisory 407 v1 (CVE-2022-23816,CVE-2022-23825,CVE-2022-29900) - Retbleed - arbitrary speculative code execution with return instructions","tags":["mailing-list"],"url":"http://www.openwall.com/lists/oss-security/2022/07/12/2"},{"name":"[oss-security] 20220712 Re: Xen Security Advisory 407 v1 (CVE-2022-23816,CVE-2022-23825,CVE-2022-29900) - Retbleed - arbitrary speculative code execution with return instructions","tags":["mailing-list"],"url":"http://www.openwall.com/lists/oss-security/2022/07/12/4"},{"name":"[oss-security] 20220712 Re: Xen Security Advisory 407 v1 (CVE-2022-23816,CVE-2022-23825,CVE-2022-29900) - Retbleed - arbitrary speculative code execution with return instructions","tags":["mailing-list"],"url":"http://www.openwall.com/lists/oss-security/2022/07/12/5"},{"name":"[oss-security] 20220713 Re: Xen Security Advisory 407 v1 (CVE-2022-23816,CVE-2022-23825,CVE-2022-29900) - Retbleed - arbitrary speculative code execution with return instructions","tags":["mailing-list"],"url":"http://www.openwall.com/lists/oss-security/2022/07/13/1"},{"name":"FEDORA-2022-c69ef9c1dd","tags":["vendor-advisory"],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M27MB3QFNIJV4EQQSXWARHP3OGX6CR6K/"},{"name":"FEDORA-2022-8aab5b5cde","tags":["vendor-advisory"],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D4RW5FCIYFNCQOEFJEUIRW3DGYW7CWBG/"},{"name":"DSA-5207","tags":["vendor-advisory"],"url":"https://www.debian.org/security/2022/dsa-5207"},{"name":"[debian-lts-announce] 20220911 [SECURITY] [DLA 3102-1] linux-5.10 new package","tags":["mailing-list"],"url":"https://lists.debian.org/debian-lts-announce/2022/09/msg00011.html"},{"url":"https://security.netapp.com/advisory/ntap-20221007-0007/"},{"name":"[debian-lts-announce] 20221223 [SECURITY] [DLA 3245-1] linux security update","tags":["mailing-list"],"url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00034.html"},{"url":"https://www.secpod.com/blog/retbleed-intel-and-amd-processor-information-disclosure-vulnerability/"},{"name":"GLSA-202402-07","tags":["vendor-advisory"],"url":"https://security.gentoo.org/glsa/202402-07"}],"credits":[{"lang":"en","value":"Johannes Wikner - ETH Zürich"},{"lang":"en","value":"Kaveh Razavi - ETH Zürich"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":5.6,"baseSeverity":"MEDIUM"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-200 Information Exposure","cweId":"CWE-200"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"discovery":"EXTERNAL"}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-03T06:33:43.000Z"},"title":"CVE Program Container","references":[{"url":"https://comsec.ethz.ch/retbleed","tags":["x_transferred"]},{"url":"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00702.html","tags":["x_transferred"]},{"name":"[oss-security] 20220712 Xen Security Advisory 407 v1 (CVE-2022-23816,CVE-2022-23825,CVE-2022-29900) - Retbleed - arbitrary speculative code execution with return instructions","tags":["mailing-list","x_transferred"],"url":"http://www.openwall.com/lists/oss-security/2022/07/12/2"},{"name":"[oss-security] 20220712 Re: Xen Security Advisory 407 v1 (CVE-2022-23816,CVE-2022-23825,CVE-2022-29900) - Retbleed - arbitrary speculative code execution with return instructions","tags":["mailing-list","x_transferred"],"url":"http://www.openwall.com/lists/oss-security/2022/07/12/4"},{"name":"[oss-security] 20220712 Re: Xen Security Advisory 407 v1 (CVE-2022-23816,CVE-2022-23825,CVE-2022-29900) - Retbleed - arbitrary speculative code execution with return instructions","tags":["mailing-list","x_transferred"],"url":"http://www.openwall.com/lists/oss-security/2022/07/12/5"},{"name":"[oss-security] 20220713 Re: Xen Security Advisory 407 v1 (CVE-2022-23816,CVE-2022-23825,CVE-2022-29900) - Retbleed - arbitrary speculative code execution with return instructions","tags":["mailing-list","x_transferred"],"url":"http://www.openwall.com/lists/oss-security/2022/07/13/1"},{"name":"FEDORA-2022-c69ef9c1dd","tags":["vendor-advisory","x_transferred"],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M27MB3QFNIJV4EQQSXWARHP3OGX6CR6K/"},{"name":"FEDORA-2022-8aab5b5cde","tags":["vendor-advisory","x_transferred"],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D4RW5FCIYFNCQOEFJEUIRW3DGYW7CWBG/"},{"name":"DSA-5207","tags":["vendor-advisory","x_transferred"],"url":"https://www.debian.org/security/2022/dsa-5207"},{"name":"[debian-lts-announce] 20220911 [SECURITY] [DLA 3102-1] linux-5.10 new package","tags":["mailing-list","x_transferred"],"url":"https://lists.debian.org/debian-lts-announce/2022/09/msg00011.html"},{"url":"https://security.netapp.com/advisory/ntap-20221007-0007/","tags":["x_transferred"]},{"name":"[debian-lts-announce] 20221223 [SECURITY] [DLA 3245-1] linux security update","tags":["mailing-list","x_transferred"],"url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00034.html"},{"url":"https://www.secpod.com/blog/retbleed-intel-and-amd-processor-information-disclosure-vulnerability/","tags":["x_transferred"]},{"name":"GLSA-202402-07","tags":["vendor-advisory","x_transferred"],"url":"https://security.gentoo.org/glsa/202402-07"}]}]}}