exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 29 of 29 RSS Feed

CVE-2022-40982

Status Candidate

Overview

Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

Related Files

Ubuntu Security Notice USN-6315-1
Posted Aug 30, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6315-1 - Daniel Moghimi discovered that some Intel Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2022-40982, CVE-2023-20593, CVE-2023-21400, CVE-2023-3609, CVE-2023-3610, CVE-2023-3611, CVE-2023-3776, CVE-2023-3777, CVE-2023-3995, CVE-2023-4004, CVE-2023-4015
SHA-256 | 873c4cefd57f45a1c8bc078ea3edde1dcdd2a6df91f90b68d4e4fd025a0371b4
Ubuntu Security Notice USN-6286-1
Posted Aug 14, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6286-1 - Daniel Moghimi discovered that some Intel Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. It was discovered that some Intel Xeon Processors did not properly restrict error injection for Intel SGX or Intel TDX. A local privileged user could use this to further escalate their privileges.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2022-40982, CVE-2022-41804, CVE-2023-23908
SHA-256 | c0c75d64309f39dd0c71d8e92d6ad8cf29041158c1a43956be78cc32f0d30aa2
Debian Security Advisory 5475-1
Posted Aug 11, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5475-1 - Daniel Moghimi discovered Gather Data Sampling (GDS), a hardware vulnerability for Intel CPUs which allows unprivileged speculative access to data which was previously stored in vector registers. This mitigation requires updated CPU microcode provided in the intel-microcode package. Daniel Trujillo, Johannes Wikner and Kaveh Razavi discovered INCEPTION, also known as Speculative Return Stack Overflow (SRSO), a transient execution attack that leaks arbitrary data on all AMD Zen CPUs. An attacker can mis-train the CPU BTB to predict non-architectural CALL instructions in kernel space and use this to control the speculative target of a subsequent kernel RET, potentially leading to information disclosure via a speculative side-channel.

tags | advisory, overflow, arbitrary, kernel, info disclosure
systems | linux, debian
advisories | CVE-2022-40982, CVE-2023-20569
SHA-256 | 95ac8bf618237ec9a9702db5e01782fb41ac590afd3c1d06d81109f4cc731eeb
Debian Security Advisory 5474-1
Posted Aug 11, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5474-1 - This update ships updated CPU microcode for some types of Intel CPUs and provides mitigations for security vulnerabilities.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2022-40982, CVE-2022-41804, CVE-2023-23908
SHA-256 | 4a22e3b631a399258cd26d74fcd8d2415119e5dababff03ad6715692ca4596f2
Page 2 of 2
Back12Next

File Archive:

June 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    0 Files
  • 2
    Jun 2nd
    0 Files
  • 3
    Jun 3rd
    18 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    57 Files
  • 7
    Jun 7th
    6 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    12 Files
  • 11
    Jun 11th
    27 Files
  • 12
    Jun 12th
    38 Files
  • 13
    Jun 13th
    16 Files
  • 14
    Jun 14th
    14 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    16 Files
  • 18
    Jun 18th
    26 Files
  • 19
    Jun 19th
    15 Files
  • 20
    Jun 20th
    18 Files
  • 21
    Jun 21st
    8 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close