CVE-2022-29900
N/A
N/A
Summary
Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| AMD | AMD Processors | Processor Some AMD Processors | affected |
Weaknesses
- NA
ADP Enrichment
CVE Program Container
Additional References
- https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1037
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MYI3OMJ7RIZNL3C6GUWNANNPEUUID6FM/
- https://www.debian.org/security/2022/dsa-5207
- https://lists.debian.org/debian-lts-announce/2022/09/msg00011.html
- https://www.secpod.com/blog/retbleed-intel-and-amd-processor-information-disclosure-vulnerability/
- https://security.gentoo.org/glsa/202402-07
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1037
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MYI3OMJ7RIZNL3C6GUWNANNPEUUID6FM/
- https://www.debian.org/security/2022/dsa-5207
- https://lists.debian.org/debian-lts-announce/2022/09/msg00011.html
- https://www.secpod.com/blog/retbleed-intel-and-amd-processor-information-disclosure-vulnerability/
- https://security.gentoo.org/glsa/202402-07
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.