PT-2022-9728 · Amd+5 · Amd Cpus+5

Pawel Wieczorkiewicz

·

Published

2022-03-08

·

Updated

2023-08-08

·

CVE-2021-26341

CVSS v2.0

2.1

Low

VectorAV:L/AC:L/Au:N/C:P/I:N/A:N
Name of the Vulnerable Software and Affected Versions AMD CPUs (affected versions not specified)
Description The issue is related to speculative execution in AMD CPUs, which may allow data leakage by transiently executing beyond unconditional direct branches. This could potentially lead to the disclosure of arbitrary memory areas. For example, a proof-of-concept exploit has been developed to determine address layouts and bypass the KASLR (kernel address space layout randomization) protection mechanism by executing non-privileged code in the ePBF kernel subsystem. Other attack scenarios may also lead to kernel memory content leakage.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-212

Related Identifiers

ALSA-2023:2148
ALSA-2023:2458
ALSA-2023:2736
ALSA-2023:2951
ALT-PU-2022-2768
CESA-2023_2736
CESA-2023_2951
CVE-2021-26341
OPENSUSE-SU-2022:2549-1
OPENSUSE-SU-2022_2376-1
OPENSUSE-SU-2022_2411-1
OPENSUSE-SU-2022_2422-1
OPENSUSE-SU-2022_2520-1
OPENSUSE-SU-2022_2549-1
OPENSUSE-SU-2022_2615-1
RHSA-2023:2148
RHSA-2023:2458
RHSA-2023:2736
RHSA-2023:2951
RHSA-2023_2148
RHSA-2023_2458
RHSA-2023_2736
RHSA-2023_2951
RHSA-2024:1877
SUSE-SU-2022:2376-1
SUSE-SU-2022:2379-1
SUSE-SU-2022:2393-1
SUSE-SU-2022:2407-1
SUSE-SU-2022:2411-1
SUSE-SU-2022:2424-1
SUSE-SU-2022:2424-2
SUSE-SU-2022:2478-1
SUSE-SU-2022:2520-1
SUSE-SU-2022:2549-1
SUSE-SU-2022:2615-1
SUSE-SU-2022:2629-1
SUSE-SU-2022:2723-1
SUSE-SU-2022:2808-1
SUSE-SU-2022:2809-1
SUSE-SU-2022_2411-1
SUSE-SU-2022_2423-1
SUSE-SU-2022_2808-1
SUSE-SU-2023:0416-1

Affected Products

Alt Linux
Amd Cpus
Almalinux
Centos
Red Hat
Suse