CVE-2022-29900

Name
CVE-2022-29900
Description
Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions.
NVD Severity
unknown
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
CONFIRM http://xenbits.xen.org/xsa/advisory-407.html
MLIST http://www.openwall.com/lists/oss-security/2022/07/12/2
CONFIRM https://comsec.ethz.ch/retbleed
MLIST http://www.openwall.com/lists/oss-security/2022/07/12/5
MLIST http://www.openwall.com/lists/oss-security/2022/07/12/4
MLIST http://www.openwall.com/lists/oss-security/2022/07/13/1
FEDORA https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M27MB3QFNIJV4EQQSXWARHP3OGX6CR6K/
FEDORA https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D4RW5FCIYFNCQOEFJEUIRW3DGYW7CWBG/
DEBIAN https://www.debian.org/security/2022/dsa-5184
FEDORA https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KLSRW4LLTAT3CZMOYVNTC7YIYGX3KLED/
Vendor Advisory https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1037
Mailing List https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MYI3OMJ7RIZNL3C6GUWNANNPEUUID6FM/
Third Party Advisory https://www.debian.org/security/2022/dsa-5207
Mailing List https://lists.debian.org/debian-lts-announce/2022/09/msg00011.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MYI3OMJ7RIZNL3C6GUWNANNPEUUID6FM/
https://www.secpod.com/blog/retbleed-intel-and-amd-processor-information-disclosure-vulnerability/
psirt@amd.com https://security.gentoo.org/glsa/202402-07

Match rules

CPE URI Source package Min version Max version
cpe:2.3:o:xen:xen:-:*:*:*:*:*:*:* xen == None == -
cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:* debian_linux == None == 11.0
cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:* fedora == None == 35
cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:* fedora == None == 36

Vulnerable and fixed packages

Source package Branch Version Maintainer Status