CVE-2022-23824
published 2022-11-09CVE-2022-23824: IBPB may not prevent return branch predictions from being specified by pre-IBPB branch targets leading to a potential information disclosure.
medium5.5CVSS 3.1
AVLACLPRLUINSUCHINAN
IBPB may not prevent return branch predictions from being specified by pre-IBPB branch targets leading to a potential information disclosure.
Affected
25 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| amd | amd_processors | — | — |
| debian | xen | < xen 4.16.2+90-g0d39a6d1ae-1 (bookworm) | xen 4.16.2+90-g0d39a6d1ae-1 (bookworm) |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| msrc | windows_10 | — | — |
| msrc | windows_10_version_1607 | — | — |
| msrc | windows_10_version_1809 | — | — |
| msrc | windows_10_version_20h2 | — | — |
| msrc | windows_10_version_21h1 | — | — |
| msrc | windows_10_version_21h2 | — | — |
| msrc | windows_10_version_22h2 | — | — |
| msrc | windows_11_version_21h2 | — | — |
| msrc | windows_11_version_22h2 | — | — |
| msrc | windows_7 | — | — |
| msrc | windows_8.1 | — | — |
| msrc | windows_rt_8.1 | — | — |
| msrc | windows_server_2008 | — | — |
| msrc | windows_server_2008_r2 | — | — |
| msrc | windows_server_2012 | — | — |
| msrc | windows_server_2012_r2 | — | — |
| msrc | windows_server_2016 | — | — |
| xen | xen | >= 0 < 4.14.5+94-ge49571868d-1 | 4.14.5+94-ge49571868d-1 |
| xen | xen | >= 0 < 4.16.2+90-g0d39a6d1ae-1 | 4.16.2+90-g0d39a6d1ae-1 |
| xen | xen | >= 0 < 4.16.2+90-g0d39a6d1ae-1 | 4.16.2+90-g0d39a6d1ae-1 |
| xen | xen | >= 0 < 4.16.2+90-g0d39a6d1ae-1 | 4.16.2+90-g0d39a6d1ae-1 |
CVSS provenance
nvdv3.15.5MEDIUMCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
osv5.5MEDIUM