Vulnerability Details CVE-2022-29901
Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under certain microarchitecture-dependent conditions.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 25.6%
CVSS Severity
CVSS v3 Score 5.6
CVSS v2 Score 1.9
References
- http://www.openwall.com/lists/oss-security/2022/07/12/2
- http://www.openwall.com/lists/oss-security/2022/07/12/4
- http://www.openwall.com/lists/oss-security/2022/07/12/5
- http://www.openwall.com/lists/oss-security/2022/07/13/1
- https://comsec.ethz.ch/retbleed
- https://lists.debian.org/debian-lts-announce/2022/09/msg00011.html
- https://lists.debian.org/debian-lts-announce/2022/12/msg00034.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D4RW5FCIYFNCQOEFJEUIRW3DGYW7CWBG/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M27MB3QFNIJV4EQQSXWARHP3OGX6CR6K/
- https://security.gentoo.org/glsa/202402-07
- https://security.netapp.com/advisory/ntap-20221007-0007/
- https://www.debian.org/security/2022/dsa-5207
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00702.html
- https://www.secpod.com/blog/retbleed-intel-and-amd-processor-information-disclosure-vulnerability/
- http://www.openwall.com/lists/oss-security/2022/07/12/2
- http://www.openwall.com/lists/oss-security/2022/07/12/4
- http://www.openwall.com/lists/oss-security/2022/07/12/5
- http://www.openwall.com/lists/oss-security/2022/07/13/1
- https://comsec.ethz.ch/retbleed
- https://lists.debian.org/debian-lts-announce/2022/09/msg00011.html
- https://lists.debian.org/debian-lts-announce/2022/12/msg00034.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D4RW5FCIYFNCQOEFJEUIRW3DGYW7CWBG/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M27MB3QFNIJV4EQQSXWARHP3OGX6CR6K/
- https://security.gentoo.org/glsa/202402-07
- https://security.netapp.com/advisory/ntap-20221007-0007/
- https://www.debian.org/security/2022/dsa-5207
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00702.html
- https://www.secpod.com/blog/retbleed-intel-and-amd-processor-information-disclosure-vulnerability/
Products affected by CVE-2022-29901
-
cpe:2.3:h:intel:core_i3-6100:-
-
cpe:2.3:h:intel:core_i3-6100e:-
-
cpe:2.3:h:intel:core_i3-6100h:-
-
cpe:2.3:h:intel:core_i3-6100t:-
-
cpe:2.3:h:intel:core_i3-6100te:-
-
cpe:2.3:h:intel:core_i3-6100u:-
-
cpe:2.3:h:intel:core_i3-6102e:-
-
cpe:2.3:h:intel:core_i3-6110u:-
-
cpe:2.3:h:intel:core_i3-6120:-
-
cpe:2.3:h:intel:core_i3-6120t:-
-
cpe:2.3:h:intel:core_i3-6167u:-
-
cpe:2.3:h:intel:core_i3-6300:-
-
cpe:2.3:h:intel:core_i3-6300t:-
-
cpe:2.3:h:intel:core_i3-6320:-
-
cpe:2.3:h:intel:core_i3-6320t:-
-
cpe:2.3:h:intel:core_i3-8000:-
-
cpe:2.3:h:intel:core_i3-8000t:-
-
cpe:2.3:h:intel:core_i3-8020:-
-
cpe:2.3:h:intel:core_i3-8100:-
-
cpe:2.3:h:intel:core_i3-8100h:-
-
cpe:2.3:h:intel:core_i3-8100t:-
-
cpe:2.3:h:intel:core_i3-8109u:-
-
cpe:2.3:h:intel:core_i3-8120:-
-
cpe:2.3:h:intel:core_i3-8130u:-
-
cpe:2.3:h:intel:core_i3-8145u:-
-
cpe:2.3:h:intel:core_i3-8300:-
-
cpe:2.3:h:intel:core_i3-8300t:-
-
cpe:2.3:h:intel:core_i3-8350k:-
-
cpe:2.3:h:intel:core_i5-6200u:-
-
cpe:2.3:h:intel:core_i5-6210u:-
-
cpe:2.3:h:intel:core_i5-6260u:-
-
cpe:2.3:h:intel:core_i5-6267u:-
-
cpe:2.3:h:intel:core_i5-6287u:-
-
cpe:2.3:h:intel:core_i5-6300hq:-
-
cpe:2.3:h:intel:core_i5-6300u:-
-
cpe:2.3:h:intel:core_i5-6310u:-
-
cpe:2.3:h:intel:core_i5-6350hq:-
-
cpe:2.3:h:intel:core_i5-6360u:-
-
cpe:2.3:h:intel:core_i5-6400:-
-
cpe:2.3:h:intel:core_i5-6400t:-
-
cpe:2.3:h:intel:core_i5-6440eq:-
-
cpe:2.3:h:intel:core_i5-6440hq:-
-
cpe:2.3:h:intel:core_i5-6442eq:-
-
cpe:2.3:h:intel:core_i5-6500:-
-
cpe:2.3:h:intel:core_i5-6500t:-
-
cpe:2.3:h:intel:core_i5-6500te:-
-
cpe:2.3:h:intel:core_i5-6600:-
-
cpe:2.3:h:intel:core_i5-6600k:-
-
cpe:2.3:h:intel:core_i5-6600t:-
-
cpe:2.3:h:intel:core_i5-8200y:-
-
cpe:2.3:h:intel:core_i5-8210y:-
-
cpe:2.3:h:intel:core_i5-8250u:-
-
cpe:2.3:h:intel:core_i5-8259u:-
-
cpe:2.3:h:intel:core_i5-8265u:-
-
cpe:2.3:h:intel:core_i5-8269u:-
-
cpe:2.3:h:intel:core_i5-8300h:-
-
cpe:2.3:h:intel:core_i5-8305g:-
-
cpe:2.3:h:intel:core_i5-8310y:-
-
cpe:2.3:h:intel:core_i5-8350u:-
-
cpe:2.3:h:intel:core_i5-8365u:-
-
cpe:2.3:h:intel:core_i5-8400:-
-
cpe:2.3:h:intel:core_i5-8400b:-
-
cpe:2.3:h:intel:core_i5-8400h:-
-
cpe:2.3:h:intel:core_i5-8400t:-
-
cpe:2.3:h:intel:core_i5-8420:-
-
cpe:2.3:h:intel:core_i5-8420t:-
-
cpe:2.3:h:intel:core_i5-8500:-
-
cpe:2.3:h:intel:core_i5-8500b:-
-
cpe:2.3:h:intel:core_i5-8500t:-
-
cpe:2.3:h:intel:core_i5-8550:-
-
cpe:2.3:h:intel:core_i5-8550u:-
-
cpe:2.3:h:intel:core_i5-8600:-
-
cpe:2.3:h:intel:core_i5-8600k:-
-
cpe:2.3:h:intel:core_i5-8600t:-
-
cpe:2.3:h:intel:core_i5-8650:-
-
cpe:2.3:h:intel:core_i5-8650k:-
-
cpe:2.3:h:intel:core_i7-6500u:-
-
cpe:2.3:h:intel:core_i7-6510u:-
-
cpe:2.3:h:intel:core_i7-6560u:-
-
cpe:2.3:h:intel:core_i7-6567u:-
-
cpe:2.3:h:intel:core_i7-6600u:-
-
cpe:2.3:h:intel:core_i7-6650u:-
-
cpe:2.3:h:intel:core_i7-6660u:-
-
cpe:2.3:h:intel:core_i7-6700:-
-
cpe:2.3:h:intel:core_i7-6700hq:-
-
cpe:2.3:h:intel:core_i7-6700k:-
-
cpe:2.3:h:intel:core_i7-6700t:-
-
cpe:2.3:h:intel:core_i7-6700te:-
-
cpe:2.3:h:intel:core_i7-6770hq:-
-
cpe:2.3:h:intel:core_i7-6820eq:-
-
cpe:2.3:h:intel:core_i7-6820hk:-
-
cpe:2.3:h:intel:core_i7-6820hq:-
-
cpe:2.3:h:intel:core_i7-6822eq:-
-
cpe:2.3:h:intel:core_i7-6870hq:-
-
cpe:2.3:h:intel:core_i7-6920hq:-
-
cpe:2.3:h:intel:core_i7-6970hq:-
-
cpe:2.3:h:intel:core_i7-8500y:-
-
cpe:2.3:h:intel:core_i7-8510y:-
-
cpe:2.3:h:intel:core_i7-8550u:-
-
cpe:2.3:h:intel:core_i7-8557u:-
-
cpe:2.3:h:intel:core_i7-8559u:-
-
cpe:2.3:h:intel:core_i7-8560u:-
-
cpe:2.3:h:intel:core_i7-8565u:-
-
cpe:2.3:h:intel:core_i7-8569u:-
-
cpe:2.3:h:intel:core_i7-8650u:-
-
cpe:2.3:h:intel:core_i7-8665u:-
-
cpe:2.3:h:intel:core_i7-8670:-
-
cpe:2.3:h:intel:core_i7-8670t:-
-
cpe:2.3:h:intel:core_i7-8700:-
-
cpe:2.3:h:intel:core_i7-8700b:-
-
cpe:2.3:h:intel:core_i7-8700k:-
-
cpe:2.3:h:intel:core_i7-8700t:-
-
cpe:2.3:h:intel:core_i7-8705g:-
-
cpe:2.3:h:intel:core_i7-8706g:-
-
cpe:2.3:h:intel:core_i7-8709g:-
-
cpe:2.3:h:intel:core_i7-8750h:-
-
cpe:2.3:h:intel:core_i7-8750hf:-
-
cpe:2.3:h:intel:core_i7-8809g:-
-
cpe:2.3:h:intel:core_i7-8850h:-
-
cpe:2.3:h:intel:core_i9-8950hk:-
-
cpe:2.3:h:intel:core_m3-6y30:-
-
cpe:2.3:h:intel:core_m3-8100y:-
-
cpe:2.3:h:intel:core_m5-6y54:-
-
cpe:2.3:h:intel:core_m5-6y57:-
-
cpe:2.3:h:intel:core_m7-6y75:-
-
cpe:2.3:o:debian:debian_linux:10.0
-
cpe:2.3:o:debian:debian_linux:11.0
-
cpe:2.3:o:fedoraproject:fedora:35
-
cpe:2.3:o:fedoraproject:fedora:36
-
cpe:2.3:o:intel:core_i3-6100_firmware:-
-
cpe:2.3:o:intel:core_i3-6100e_firmware:-
-
cpe:2.3:o:intel:core_i3-6100h_firmware:-
-
cpe:2.3:o:intel:core_i3-6100t_firmware:-
-
cpe:2.3:o:intel:core_i3-6100te_firmware:-
-
cpe:2.3:o:intel:core_i3-6100u_firmware:-
-
cpe:2.3:o:intel:core_i3-6102e_firmware:-
-
cpe:2.3:o:intel:core_i3-6110u_firmware:-
-
cpe:2.3:o:intel:core_i3-6120_firmware:-
-
cpe:2.3:o:intel:core_i3-6120t_firmware:-
-
cpe:2.3:o:intel:core_i3-6167u_firmware:-
-
cpe:2.3:o:intel:core_i3-6300_firmware:-
-
cpe:2.3:o:intel:core_i3-6300t_firmware:-
-
cpe:2.3:o:intel:core_i3-6320_firmware:-
-
cpe:2.3:o:intel:core_i3-6320t_firmware:-
-
cpe:2.3:o:intel:core_i3-8000_firmware:-
-
cpe:2.3:o:intel:core_i3-8000t_firmware:-
-
cpe:2.3:o:intel:core_i3-8020_firmware:-
-
cpe:2.3:o:intel:core_i3-8100_firmware:-
-
cpe:2.3:o:intel:core_i3-8100h_firmware:-
-
cpe:2.3:o:intel:core_i3-8100t_firmware:-
-
cpe:2.3:o:intel:core_i3-8109u_firmware:-
-
cpe:2.3:o:intel:core_i3-8120_firmware:-
-
cpe:2.3:o:intel:core_i3-8130u_firmware:-
-
cpe:2.3:o:intel:core_i3-8145u_firmware:-
-
cpe:2.3:o:intel:core_i3-8300_firmware:-
-
cpe:2.3:o:intel:core_i3-8300t_firmware:-
-
cpe:2.3:o:intel:core_i3-8350k_firmware:-
-
cpe:2.3:o:intel:core_i5-6200u_firmware:-
-
cpe:2.3:o:intel:core_i5-6210u_firmware:-
-
cpe:2.3:o:intel:core_i5-6260u_firmware:-
-
cpe:2.3:o:intel:core_i5-6267u_firmware:-
-
cpe:2.3:o:intel:core_i5-6287u_firmware:-
-
cpe:2.3:o:intel:core_i5-6300hq_firmware:-
-
cpe:2.3:o:intel:core_i5-6300u_firmware:-
-
cpe:2.3:o:intel:core_i5-6310u_firmware:-
-
cpe:2.3:o:intel:core_i5-6350hq_firmware:-
-
cpe:2.3:o:intel:core_i5-6360u_firmware:-
-
cpe:2.3:o:intel:core_i5-6400_firmware:-
-
cpe:2.3:o:intel:core_i5-6400t_firmware:-
-
cpe:2.3:o:intel:core_i5-6440eq_firmware:-
-
cpe:2.3:o:intel:core_i5-6440hq_firmware:-
-
cpe:2.3:o:intel:core_i5-6442eq_firmware:-
-
cpe:2.3:o:intel:core_i5-6500_firmware:-
-
cpe:2.3:o:intel:core_i5-6500t_firmware:-
-
cpe:2.3:o:intel:core_i5-6500te_firmware:-
-
cpe:2.3:o:intel:core_i5-6600_firmware:-
-
cpe:2.3:o:intel:core_i5-6600k_firmware:-
-
cpe:2.3:o:intel:core_i5-6600t_firmware:-
-
cpe:2.3:o:intel:core_i5-8200y_firmware:-
-
cpe:2.3:o:intel:core_i5-8210y_firmware:-
-
cpe:2.3:o:intel:core_i5-8250u_firmware:-
-
cpe:2.3:o:intel:core_i5-8259u_firmware:-
-
cpe:2.3:o:intel:core_i5-8265u_firmware:-
-
cpe:2.3:o:intel:core_i5-8269u_firmware:-
-
cpe:2.3:o:intel:core_i5-8300h_firmware:-
-
cpe:2.3:o:intel:core_i5-8305g_firmware:-
-
cpe:2.3:o:intel:core_i5-8310y_firmware:-
-
cpe:2.3:o:intel:core_i5-8350u_firmware:-
-
cpe:2.3:o:intel:core_i5-8365u_firmware:-
-
cpe:2.3:o:intel:core_i5-8400_firmware:-
-
cpe:2.3:o:intel:core_i5-8400b_firmware:-
-
cpe:2.3:o:intel:core_i5-8400h_firmware:-
-
cpe:2.3:o:intel:core_i5-8400t_firmware:-
-
cpe:2.3:o:intel:core_i5-8420_firmware:-
-
cpe:2.3:o:intel:core_i5-8420t_firmware:-
-
cpe:2.3:o:intel:core_i5-8500_firmware:-
-
cpe:2.3:o:intel:core_i5-8500b_firmware:-
-
cpe:2.3:o:intel:core_i5-8500t_firmware:-
-
cpe:2.3:o:intel:core_i5-8550_firmware:-
-
cpe:2.3:o:intel:core_i5-8550u_firmware:-
-
cpe:2.3:o:intel:core_i5-8600_firmware:-
-
cpe:2.3:o:intel:core_i5-8600k_firmware:-
-
cpe:2.3:o:intel:core_i5-8600t_firmware:-
-
cpe:2.3:o:intel:core_i5-8650_firmware:-
-
cpe:2.3:o:intel:core_i5-8650k_firmware:-
-
cpe:2.3:o:intel:core_i7-6500u_firmware:-
-
cpe:2.3:o:intel:core_i7-6510u_firmware:-
-
cpe:2.3:o:intel:core_i7-6560u_firmware:-
-
cpe:2.3:o:intel:core_i7-6567u_firmware:-
-
cpe:2.3:o:intel:core_i7-6600u_firmware:-
-
cpe:2.3:o:intel:core_i7-6650u_firmware:-
-
cpe:2.3:o:intel:core_i7-6660u_firmware:-
-
cpe:2.3:o:intel:core_i7-6700_firmware:-
-
cpe:2.3:o:intel:core_i7-6700hq_firmware:-
-
cpe:2.3:o:intel:core_i7-6700k_firmware:-
-
cpe:2.3:o:intel:core_i7-6700t_firmware:-
-
cpe:2.3:o:intel:core_i7-6700te_firmware:-
-
cpe:2.3:o:intel:core_i7-6770hq_firmware:-
-
cpe:2.3:o:intel:core_i7-6820eq_firmware:-
-
cpe:2.3:o:intel:core_i7-6820hk_firmware:-
-
cpe:2.3:o:intel:core_i7-6820hq_firmware:-
-
cpe:2.3:o:intel:core_i7-6822eq_firmware:-
-
cpe:2.3:o:intel:core_i7-6870hq_firmware:-
-
cpe:2.3:o:intel:core_i7-6920hq_firmware:-
-
cpe:2.3:o:intel:core_i7-6970hq_firmware:-
-
cpe:2.3:o:intel:core_i7-8500y_firmware:-
-
cpe:2.3:o:intel:core_i7-8510y_firmware:-
-
cpe:2.3:o:intel:core_i7-8550u_firmware:-
-
cpe:2.3:o:intel:core_i7-8557u_firmware:-
-
cpe:2.3:o:intel:core_i7-8559u_firmware:-
-
cpe:2.3:o:intel:core_i7-8560u_firmware:-
-
cpe:2.3:o:intel:core_i7-8565u_firmware:-
-
cpe:2.3:o:intel:core_i7-8569u_firmware:-
-
cpe:2.3:o:intel:core_i7-8650u_firmware:-
-
cpe:2.3:o:intel:core_i7-8665u_firmware:-
-
cpe:2.3:o:intel:core_i7-8670_firmware:-
-
cpe:2.3:o:intel:core_i7-8670t_firmware:-
-
cpe:2.3:o:intel:core_i7-8700_firmware:-
-
cpe:2.3:o:intel:core_i7-8700b_firmware:-
-
cpe:2.3:o:intel:core_i7-8700k_firmware:-
-
cpe:2.3:o:intel:core_i7-8700t_firmware:-
-
cpe:2.3:o:intel:core_i7-8705g_firmware:-
-
cpe:2.3:o:intel:core_i7-8706g_firmware:-
-
cpe:2.3:o:intel:core_i7-8709g_firmware:-
-
cpe:2.3:o:intel:core_i7-8750h_firmware:-
-
cpe:2.3:o:intel:core_i7-8750hf_firmware:-
-
cpe:2.3:o:intel:core_i7-8809g_firmware:-
-
cpe:2.3:o:intel:core_i7-8850h_firmware:-
-
cpe:2.3:o:intel:core_i9-8950hk_firmware:-
-
cpe:2.3:o:intel:core_m3-6y30_firmware:-
-
cpe:2.3:o:intel:core_m3-8100y_firmware:-
-
cpe:2.3:o:intel:core_m5-6y54_firmware:-
-
cpe:2.3:o:intel:core_m5-6y57_firmware:-
-
cpe:2.3:o:intel:core_m7-6y75_firmware:-
-
cpe:2.3:o:vmware:esxi:7.0
-
cpe:2.3:o:xen:xen:-