CVSS: 6.5EPSS: 0%CPEs: 264EXPL: 0CVE-2022-23825 – hw: cpu: AMD: Branch Type Confusion (non-retbleed)
https://notcve.org/view.php?id=CVE-2022-23825
14 Jul 2022 — Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type potentially leading to information disclosure. Los alias en el predictor de bifurcación pueden causar que algunos procesadores AMD predigan el tipo de bifurcación incorrecto, conllevando a una divulgación de información A flaw was found in hw. Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type, potentially leading to information disclosure. Red Hat Advanced Cluster Manag... • http://www.openwall.com/lists/oss-security/2022/11/08/1 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 6.5EPSS: 1%CPEs: 250EXPL: 0CVE-2022-29900 – hw: cpu: AMD: RetBleed Arbitrary Speculative Code Execution with Return Instructions
https://notcve.org/view.php?id=CVE-2022-29900
12 Jul 2022 — Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions. Las predicciones de bifurcación mal entrenadas para las instrucciones de retorno pueden permitir la ejecución arbitraria de código especulativo bajo ciertas condiciones dependientes de la microarquitectura A flaw was found in hw. Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchi... • https://lists.debian.org/debian-lts-announce/2022/09/msg00011.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-212: Improper Removal of Sensitive Information Before Storage or Transfer •
CVSS: 6.5EPSS: 0%CPEs: 284EXPL: 0CVE-2022-23823
https://notcve.org/view.php?id=CVE-2022-23823
15 Jun 2022 — A potential vulnerability in some AMD processors using frequency scaling may allow an authenticated attacker to execute a timing attack to potentially enable information disclosure. Una vulnerabilidad potencial en algunos procesadores AMD que usan el escalado de frecuencia puede permitir a un atacante autenticado ejecutar un ataque de tiempo para permitir potencialmente la divulgación de información • https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1038 • CWE-203: Observable Discrepancy •