Unprotected alternative channel of return branch target prediction in
some IntelĀ® Processors may allow an authorized user to potentially
enable information disclosure via local access. Alternative form of
return branch target prediction in some IntelĀ® Processors may allow
an authorized user to potentially enable information disclosure via
local access.
.
RSBA behavior allows alternate branch predictors to be used by
near RET instructions when the RSB is empty. When eIBRS is enabled,
the predicted target of these alternate predictors are restricted
to those belonging to the indirect branch predictor entries of the
current prediction domain.
Author | Note |
---|---|
sbeattie | this is being addressed as part of the Retbleed fixes being rolled out. |
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 20.04 | noarch | linux | <Ā any | UNKNOWN |
ubuntu | 22.04 | noarch | linux | <Ā any | UNKNOWN |
ubuntu | 24.04 | noarch | linux | <Ā any | UNKNOWN |
ubuntu | 20.04 | noarch | linux-aws | <Ā any | UNKNOWN |
ubuntu | 22.04 | noarch | linux-aws | <Ā any | UNKNOWN |
ubuntu | 24.04 | noarch | linux-aws | <Ā any | UNKNOWN |
ubuntu | 20.04 | noarch | linux-aws-5.15 | <Ā any | UNKNOWN |
ubuntu | 22.04 | noarch | linux-aws-6.5 | <Ā any | UNKNOWN |
ubuntu | 20.04 | noarch | linux-azure | <Ā any | UNKNOWN |
ubuntu | 22.04 | noarch | linux-azure | <Ā any | UNKNOWN |
community.intel.com/t5/Blogs/Products-and-Solutions/Security/Chips-Salsa-Episode-21-July-2022-Security-Advisories-Retbleed/post/1399055
launchpad.net/bugs/cve/CVE-2022-28693
nvd.nist.gov/vuln/detail/CVE-2022-28693
security-tracker.debian.org/tracker/CVE-2022-28693
wiki.ubuntu.com/SecurityTeam/KnowledgeBase/Retbleed
www.cve.org/CVERecord?id=CVE-2022-28693
www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/advisory-guidance/return-stack-buffer-underflow.html
www.intel.com/content/www/us/en/developer/topic-technology/software-security-guidance/processors-affected-consolidated-product-cpu-model.html
www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00707.html