CVE-2022-29901

NameCVE-2022-29901
DescriptionIntel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under certain microarchitecture-dependent conditions.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub advisories/code/issues, web search, more)
ReferencesDLA-3102-1, DSA-5207-1

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
linux (PTS)buster4.19.249-2vulnerable
buster (security)4.19.260-1vulnerable
bullseye5.10.140-1fixed
bullseye (security)5.10.149-2fixed
bookworm, sid6.0.10-2fixed
linux-5.10 (PTS)buster (security)5.10.149-2~deb10u1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
linuxsourcebullseye5.10.136-1DSA-5207-1
linuxsource(unstable)5.18.14-1
linux-5.10sourcebuster5.10.136-1~deb10u1DLA-3102-1

Notes

[buster] - linux <ignored> (Mitigation is too invasive to backport)
https://comsec.ethz.ch/research/microarch/retbleed/
https://comsec.ethz.ch/wp-content/files/retbleed_sec22.pdf
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00702.html

Search for package or bug name: Reporting problems