Retbleed vulnerability CVE-2022-29900, CVE-2022-29901
search cancel

Retbleed vulnerability CVE-2022-29900, CVE-2022-29901

book

Article ID: 245979

calendar_today

Updated On:

Products

ISG Proxy

Issue/Introduction

New Vulnerability CVE-2022-29900, CVE-2022-29901

 
Description of the vulnerability:
https://www.cve.org/CVERecord?id=CVE-2022-29901
https://www.cve.org/CVERecord?id=CVE-2022-29900
 

CVE-2022-29901 Detail

Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under certain microarchitecture-dependent conditions.
 

CVE-2022-29900 Detail

AMD microprocessor families 15h to 18h are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under certain microarchitecture-dependent conditions.

Environment

 

 

Resolution

N/A

Additional Information

 ISG is not vulnerable to the CVEs