Description
A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure.
Related CPE's
o
fedoraproject
fedora
o
debian
debian_linux
o
microsoft
windows_server_2008
o
microsoft
windows_server_2012
References
http://xenbits.xen.org/xsa/advisory-434.html
https://comsec.ethz.ch/research/microarch/inception/
https://www.debian.org/security/2023/dsa-5475
http://xenbits.xen.org/xsa/advisory-434.html
https://comsec.ethz.ch/research/microarch/inception/
https://www.debian.org/security/2023/dsa-5475
CVSS impact metrics
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
4.7 · Medium
Information
Source identifier
Vulnerability status
Modified
Published
2023-08-08T16:15:11.530Z
2 years agoLast modified
2024-11-21T06:41:08.533Z
1 year ago