CVE-2022-40982

Description

Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

Related CPE's

oredhatenterprise_linux7.0*******

oxenxen-*******

oredhatenterprise_linux6.0*******

oredhatenterprise_linux8.0*******

oredhatenterprise_linux9.0*******

ointelmicrocode********

hintelceleron_5205u-*******

hintelceleron_5305u-*******

hintelceleron_g4900-*******

hintelceleron_g4900t-*******

References

http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00828.html

ExploitMitigationVendor Advisory

https://downfall.page

ExploitTechnical DescriptionThird Party Advisory

https://aws.amazon.com/security/security-bulletins/AWS-2023-007/

Third Party Advisory

https://access.redhat.com/solutions/7027704

Third Party Advisory

https://xenbits.xen.org/xsa/advisory-435.html

MitigationThird Party Advisory

https://lists.debian.org/debian-lts-announce/2023/08/msg00013.html

Mailing ListThird Party Advisory

https://security.netapp.com/advisory/ntap-20230811-0001/

Third Party Advisory

https://www.debian.org/security/2023/dsa-5475

Mailing ListThird Party Advisory

https://www.debian.org/security/2023/dsa-5474

Mailing ListThird Party Advisory

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OL7WI2TJCWSZIQP2RIOLWHOKLM25M44J/

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7WO5JM74YJSYAE5RBV4DC6A4YLEKWLF/

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HKREYYTWUY7ZDNIB2N6H5BUJ3LE5VZPE/

CvssV3 impact

Could not find any metrics

CvssV2 impact

Could not find any metrics
Created by Yello
About Severity.io