CVE-2022-2873 – kernel: an out-of-bounds vulnerability in i2c-ismt driver
https://notcve.org/view.php?id=CVE-2022-2873
An out-of-bounds memory access flaw was found in the Linux kernel Intel’s iSMT SMBus host controller driver in the way a user triggers the I2C_SMBUS_BLOCK_DATA (with the ioctl I2C_SMBUS) with malicious input data. This flaw allows a local user to crash the system. Se ha encontrado un fallo de acceso a memoria fuera de límites en el controlador de host iSMT SMBus del kernel de Linux, en la forma en que un usuario desencadena I2C_SMBUS_BLOCK_DATA (con el ioctl I2C_SMBUS) con datos de entrada maliciosos. Este fallo permite a un usuario local bloquear el sistema. • https://lists.debian.org/debian-lts-announce/2023/03/msg00000.html https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html https://lore.kernel.org/lkml/20220729093451.551672-1-zheyuma97%40gmail.com/T https://security.netapp.com/advisory/ntap-20230120-0001 https://www.debian.org/security/2023/dsa-5324 https://access.redhat.com/security/cve/CVE-2022-2873 https://bugzilla.redhat.com/show_bug.cgi?id=2119048 • CWE-131: Incorrect Calculation of Buffer Size •
CVE-2022-23825 – hw: cpu: AMD: Branch Type Confusion (non-retbleed)
https://notcve.org/view.php?id=CVE-2022-23825
Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type potentially leading to information disclosure. Los alias en el predictor de bifurcación pueden causar que algunos procesadores AMD predigan el tipo de bifurcación incorrecto, conllevando a una divulgación de información A flaw was found in hw. Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type, potentially leading to information disclosure. • http://www.openwall.com/lists/oss-security/2022/11/08/1 http://www.openwall.com/lists/oss-security/2022/11/10/2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D4RW5FCIYFNCQOEFJEUIRW3DGYW7CWBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KLSRW4LLTAT3CZMOYVNTC7YIYGX3KLED https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M27MB3QFNIJV4EQQSXWARHP3OGX6CR6K https://lists.fedoraproject.org/archives/list • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-668: Exposure of Resource to Wrong Sphere •
CVE-2022-29901 – Arbitrary Memory Disclosure through CPU Side-Channel Attacks (Retbleed)
https://notcve.org/view.php?id=CVE-2022-29901
Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under certain microarchitecture-dependent conditions. Las generaciones de microprocesadores Intel 6 a 8 están afectadas por una nueva variante de Spectre que es capaz de omitir su mitigación de retpoline en el kernel para filtrar datos arbitrarios. Un atacante con acceso de usuario no privilegiado puede secuestrar las instrucciones de retorno para lograr una ejecución arbitraria de código especulativo bajo determinadas condiciones dependientes de la microarquitectura A flaw was found in hw. Non-transparent sharing of branch predictor targets between contexts in some Intel(R) processors may potentially allow an authorized user to enable information disclosure via local access. • http://www.openwall.com/lists/oss-security/2022/07/12/2 http://www.openwall.com/lists/oss-security/2022/07/12/4 http://www.openwall.com/lists/oss-security/2022/07/12/5 http://www.openwall.com/lists/oss-security/2022/07/13/1 https://comsec.ethz.ch/retbleed https://lists.debian.org/debian-lts-announce/2022/09/msg00011.html https://lists.debian.org/debian-lts-announce/2022/12/msg00034.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fed • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-668: Exposure of Resource to Wrong Sphere •
CVE-2022-21166 – hw: cpu: incomplete clean-up in specific special register write operations (aka DRPW)
https://notcve.org/view.php?id=CVE-2022-21166
Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. Una limpieza incompleta en operaciones específicas de escritura en registros especiales para algunos procesadores Intel(R) puede permitir que un usuario autenticado permita potencialmente la divulgación de información por medio de acceso local A flaw was found in hw. Incomplete cleanup in specific special register write operations for some Intel® Processors may allow an authenticated user to enable information disclosure via local access. • http://www.openwall.com/lists/oss-security/2022/06/16/1 https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FHTEW3RXU2GW6S3RCPQG4VNCZGI3TOSV https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MCVOMHBQRH4KP7IN6U24CW7F2D2L5KBS https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RKRXZ4LHGCGMOG24ZCEJNY6R2BTS4S2Q https://lists.fedoraproject.org/archives& • CWE-459: Incomplete Cleanup •
CVE-2022-21125 – hw: cpu: incomplete clean-up of microarchitectural fill buffers (aka SBDS)
https://notcve.org/view.php?id=CVE-2022-21125
Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. Una limpieza incompleta de los búferes de relleno de la microarquitectura en algunos procesadores Intel(R) puede permitir que un usuario autenticado permita potencialmente la divulgación de información por medio del acceso local A flaw was found in hw. Incomplete cleanup of microarchitectural fill buffers on some Intel® Processors may allow an authenticated user to enable information disclosure via local access. • http://www.openwall.com/lists/oss-security/2022/06/16/1 http://xenbits.xen.org/xsa/advisory-404.html https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FHTEW3RXU2GW6S3RCPQG4VNCZGI3TOSV https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MCVOMHBQRH4KP7IN6U24CW7F2D2L5KBS https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RKRXZ4LHGCGMOG24 • CWE-459: Incomplete Cleanup •