Description

A flaw that boot CPU could be vulnerable for the speculative execution behavior kind of attacks in the Linux kernel X86 CPU Power management options functionality was found in the way user resuming CPU from suspend-to-RAM. A local user could use this flaw to potentially get unauthorized access to some memory of the CPU similar to the speculative execution behavior kind of attacks.

Related CPE's

o

linux

linux_kernel

5.18

rc2

Vulnerable

References

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=e2a1256b17b16f9b9adf1b6fea56819e7b68e463

Mailing ListPatch

https://sourceware.org/bugzilla/show_bug.cgi?id=27398

Issue Tracking

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=e2a1256b17b16f9b9adf1b6fea56819e7b68e463

Mailing ListPatch

https://sourceware.org/bugzilla/show_bug.cgi?id=27398

Issue Tracking

https://sourceware.org/bugzilla/show_bug.cgi?id=27398

Issue Tracking

Weaknesses

[email protected]

Secondary
CWE-226

[email protected]

Primary
CWE-212

CVSS impact metrics

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

5.5 · Medium

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information

Source identifier

[email protected]

Vulnerability status

Modified

Published

2023-03-27T22:15:21.217

2 years ago

Last modified

2025-02-19T21:15:12.953

4 months ago