Home

CVE-2022-23960

Description

Certain Arm Cortex and Neoverse processors through 2022-03-08 do not properly restrict cache speculation, aka Spectre-BHB. An attacker can leverage the shared branch history in the Branch History Buffer (BHB) to influence mispredicted branches. Then, cache allocation can allow the attacker to obtain sensitive information.

Risk Information

Base Score
5.6
MODERATE
Vector
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
EPSS Score
Exploitation Probability
0.142

Associated Vulnerability

VulnerabilityOS Platform
Windows Photo Import API Elevation of Privilege Vulnerability for Windows 11 for x64-based Systems (KB5017328)Windows
Linux kernel (USN-5317-1) linux-image-aws_5.13.0.1017.18_amd64.debLinux
Linux kernel (USN-5317-1) linux-image-aws_5.13.0.1017.19~20.04.10_amd64.debLinux
Linux kernel (USN-5317-1) linux-image-gcp_5.13.0.1019.17_amd64.debLinux
Linux kernel (USN-5317-1) linux-image-gcp_5.13.0.1019.23~20.04.1_amd64.debLinux
Linux kernel (USN-5317-1) linux-image-gke_5.13.0.1019.17_amd64.debLinux
Linux kernel (USN-5317-1) linux-image-kvm_5.13.0.1016.16_amd64.debLinux
Linux kernel (USN-5317-1) linux-image-azure_5.13.0.1017.17_amd64.debLinux
Linux kernel (USN-5317-1) linux-image-azure_5.13.0.1017.19~20.04.7_amd64.debLinux
Linux kernel (USN-5317-1) linux-image-oracle_5.13.0.1021.21_amd64.debLinux
Linux kernel (USN-5317-1) linux-image-oracle_5.13.0.1021.26~20.04.1_amd64.debLinux
Linux kernel (USN-5317-1) linux-image-generic_5.13.0.35.44_amd64.debLinux
Linux kernel (USN-5317-1) linux-image-virtual_5.13.0.35.44_amd64.debLinux
Linux kernel (USN-5317-1) linux-image-oem-20.04_5.13.0.35.44_amd64.debLinux
Linux kernel (USN-5317-1) linux-image-oem-20.04_5.14.0.1027.24_amd64.debLinux
Linux kernel (USN-5317-1) linux-image-lowlatency_5.13.0.35.44_amd64.debLinux
Linux kernel (USN-5317-1) linux-image-oem-20.04b_5.14.0.1027.24_amd64.debLinux
Linux kernel (USN-5317-1) linux-image-oem-20.04c_5.14.0.1027.24_amd64.debLinux
Linux kernel (USN-5317-1) linux-image-oem-20.04d_5.14.0.1027.24_amd64.debLinux
Linux kernel (USN-5317-1) linux-image-5.13.0-1016-kvm_5.13.0-1016.17_amd64.debLinux
Linux kernel (USN-5317-1) linux-image-5.13.0-1017-aws_5.13.0-1017.19_amd64.debLinux
Linux kernel (USN-5317-1) linux-image-5.13.0-1017-aws_5.13.0-1017.19~20.04.1_amd64.debLinux
Linux kernel (USN-5317-1) linux-image-5.13.0-1019-gcp_5.13.0-1019.23_amd64.debLinux
Linux kernel (USN-5317-1) linux-image-5.13.0-1019-gcp_5.13.0-1019.23~20.04.1_amd64.debLinux
Linux kernel (USN-5317-1) linux-image-5.14.0-1027-oem_5.14.0-1027.30_amd64.debLinux
Linux kernel (USN-5317-1) linux-image-5.13.0-1017-azure_5.13.0-1017.19_amd64.debLinux
Linux kernel (USN-5317-1) linux-image-5.13.0-1017-azure_5.13.0-1017.19~20.04.1_amd64.debLinux
Linux kernel (USN-5317-1) linux-image-5.13.0-35-generic_5.13.0-35.40_amd64.debLinux
Linux kernel (USN-5317-1) linux-image-5.13.0-35-generic_5.13.0-35.40~20.04.1_amd64.debLinux
Linux kernel (USN-5317-1) linux-image-generic-hwe-20.04_5.13.0.35.40~20.04.20_amd64.debLinux
Linux kernel (USN-5317-1) linux-image-virtual-hwe-20.04_5.13.0.35.40~20.04.20_amd64.debLinux
Linux kernel (USN-5317-1) linux-image-5.13.0-1021-oracle_5.13.0-1021.26_amd64.debLinux
Linux kernel (USN-5317-1) linux-image-5.13.0-1021-oracle_5.13.0-1021.26~20.04.1_amd64.debLinux
Linux kernel (USN-5317-1) linux-image-5.13.0-35-lowlatency_5.13.0-35.40_amd64.debLinux
Linux kernel (USN-5317-1) linux-image-5.13.0-35-lowlatency_5.13.0-35.40~20.04.1_amd64.debLinux
Linux kernel (USN-5317-1) linux-image-lowlatency-hwe-20.04_5.13.0.35.40~20.04.20_amd64.debLinux
Kernel-uek update (ELSA-2022-9244) kernel-uek-5.4.17-2136.305.5.3.el7uek.x86_64.rpmLinux
Kernel-uek-debug update (ELSA-2022-9244) kernel-uek-debug-5.4.17-2136.305.5.3.el7uek.x86_64.rpmLinux
Kernel-uek-debug-devel update (ELSA-2022-9244) kernel-uek-debug-devel-5.4.17-2136.305.5.3.el7uek.x86_64.rpmLinux
Kernel-uek-devel update (ELSA-2022-9244) kernel-uek-devel-5.4.17-2136.305.5.3.el7uek.x86_64.rpmLinux
Kernel-uek-doc update (ELSA-2022-9244) kernel-uek-doc-5.4.17-2136.305.5.3.el7uek.noarch.rpmLinux
Kernel-uek-tools update (ELSA-2022-9244) kernel-uek-tools-5.4.17-2136.305.5.3.el7uek.x86_64.rpmLinux
Kernel-uek update (ELSA-2022-9244) kernel-uek-5.4.17-2136.305.5.3.el8uek.x86_64.rpmLinux
Kernel-uek-debug update (ELSA-2022-9244) kernel-uek-debug-5.4.17-2136.305.5.3.el8uek.x86_64.rpmLinux
Kernel-uek-debug-devel update (ELSA-2022-9244) kernel-uek-debug-devel-5.4.17-2136.305.5.3.el8uek.x86_64.rpmLinux
Kernel-uek-devel update (ELSA-2022-9244) kernel-uek-devel-5.4.17-2136.305.5.3.el8uek.x86_64.rpmLinux
Kernel-uek-doc update (ELSA-2022-9244) kernel-uek-doc-5.4.17-2136.305.5.3.el8uek.noarch.rpmLinux
Kernel-uek-container update (ELSA-2022-9245) kernel-uek-container-5.4.17-2136.305.5.3.el8.x86_64.rpmLinux
Kernel-uek-container-debug update (ELSA-2022-9245) kernel-uek-container-debug-5.4.17-2136.305.5.3.el8.x86_64.rpmLinux
Linux kernel for Intel IOTG (USN-5362-1) linux-image-intel_5.13.0.1010.11_amd64.debLinux
Linux kernel for Intel IOTG (USN-5362-1) linux-image-5.13.0-1010-intel_5.13.0-1010.10_amd64.debLinux
Kernel-uek update (ELSA-2022-9273) kernel-uek-5.4.17-2136.306.1.3.el8uek.x86_64.rpmLinux
Kernel-uek-debug update (ELSA-2022-9273) kernel-uek-debug-5.4.17-2136.306.1.3.el8uek.x86_64.rpmLinux
Kernel-uek-debug-devel update (ELSA-2022-9273) kernel-uek-debug-devel-5.4.17-2136.306.1.3.el8uek.x86_64.rpmLinux
Kernel-uek-devel update (ELSA-2022-9273) kernel-uek-devel-5.4.17-2136.306.1.3.el8uek.x86_64.rpmLinux
Kernel-uek-doc update (ELSA-2022-9273) kernel-uek-doc-5.4.17-2136.306.1.3.el8uek.noarch.rpmLinux
SUSE-SU-2022:1196-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-default-4.12.14-122.116.1.x86_64.rpmLinux
SUSE-SU-2022:1196-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-default-base-4.12.14-122.116.1.x86_64.rpmLinux
SUSE-SU-2022:1196-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-default-base-debuginfo-4.12.14-122.116.1.x86_64.rpmLinux
SUSE-SU-2022:1196-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-default-debuginfo-4.12.14-122.116.1.x86_64.rpmLinux
SUSE-SU-2022:1196-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-default-debugsource-4.12.14-122.116.1.x86_64.rpmLinux
SUSE-SU-2022:1196-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-default-devel-4.12.14-122.116.1.x86_64.rpmLinux
SUSE-SU-2022:1196-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-default-devel-debuginfo-4.12.14-122.116.1.x86_64.rpmLinux
SUSE-SU-2022:1196-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-devel-4.12.14-122.116.1.noarch.rpmLinux
SUSE-SU-2022:1196-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-macros-4.12.14-122.116.1.noarch.rpmLinux
SUSE-SU-2022:1196-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-source-4.12.14-122.116.1.noarch.rpmLinux
SUSE-SU-2022:1196-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-syms-4.12.14-122.116.1.x86_64.rpmLinux
SUSE-SU-2022:1651-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-azure-4.12.14-16.97.1.x86_64.rpmLinux
SUSE-SU-2022:1651-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-azure-base-4.12.14-16.97.1.x86_64.rpmLinux
SUSE-SU-2022:1651-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-azure-base-debuginfo-4.12.14-16.97.1.x86_64.rpmLinux
SUSE-SU-2022:1651-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-azure-debuginfo-4.12.14-16.97.1.x86_64.rpmLinux
SUSE-SU-2022:1651-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-azure-debugsource-4.12.14-16.97.1.x86_64.rpmLinux
SUSE-SU-2022:1651-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-azure-devel-4.12.14-16.97.1.x86_64.rpmLinux
SUSE-SU-2022:1651-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-devel-azure-4.12.14-16.97.1.noarch.rpmLinux
SUSE-SU-2022:1651-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-source-azure-4.12.14-16.97.1.noarch.rpmLinux
SUSE-SU-2022:1651-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-syms-azure-4.12.14-16.97.1.x86_64.rpmLinux
Kernel-uek-container update (ELSA-2022-9480) kernel-uek-container-5.4.17-2136.308.7.el8.x86_64.rpmLinux
Kernel-uek-container-debug update (ELSA-2022-9480) kernel-uek-container-debug-5.4.17-2136.308.7.el8.x86_64.rpmLinux
(RHSA-2022:7683) kernel security, bug fix, and enhancement update bpftool-4.18.0-425.3.1.el8.x86_64.rpmLinux
(RHSA-2022:7683) kernel security, bug fix, and enhancement update kernel-4.18.0-425.3.1.el8.x86_64.rpmLinux
(RHSA-2022:7683) kernel security, bug fix, and enhancement update kernel-abi-stablelists-4.18.0-425.3.1.el8.noarch.rpmLinux
(RHSA-2022:7683) kernel security, bug fix, and enhancement update kernel-core-4.18.0-425.3.1.el8.x86_64.rpmLinux
(RHSA-2022:7683) kernel security, bug fix, and enhancement update kernel-cross-headers-4.18.0-425.3.1.el8.x86_64.rpmLinux
(RHSA-2022:7683) kernel security, bug fix, and enhancement update kernel-debug-4.18.0-425.3.1.el8.x86_64.rpmLinux
(RHSA-2022:7683) kernel security, bug fix, and enhancement update kernel-debug-core-4.18.0-425.3.1.el8.x86_64.rpmLinux
(RHSA-2022:7683) kernel security, bug fix, and enhancement update kernel-debug-devel-4.18.0-425.3.1.el8.x86_64.rpmLinux
(RHSA-2022:7683) kernel security, bug fix, and enhancement update kernel-debug-modules-4.18.0-425.3.1.el8.x86_64.rpmLinux
(RHSA-2022:7683) kernel security, bug fix, and enhancement update kernel-debug-modules-extra-4.18.0-425.3.1.el8.x86_64.rpmLinux
(RHSA-2022:7683) kernel security, bug fix, and enhancement update kernel-devel-4.18.0-425.3.1.el8.x86_64.rpmLinux
(RHSA-2022:7683) kernel security, bug fix, and enhancement update kernel-doc-4.18.0-425.3.1.el8.noarch.rpmLinux
(RHSA-2022:7683) kernel security, bug fix, and enhancement update kernel-headers-4.18.0-425.3.1.el8.x86_64.rpmLinux
(RHSA-2022:7683) kernel security, bug fix, and enhancement update kernel-modules-4.18.0-425.3.1.el8.x86_64.rpmLinux
(RHSA-2022:7683) kernel security, bug fix, and enhancement update kernel-modules-extra-4.18.0-425.3.1.el8.x86_64.rpmLinux
(RHSA-2022:7683) kernel security, bug fix, and enhancement update kernel-tools-4.18.0-425.3.1.el8.x86_64.rpmLinux
(RHSA-2022:7683) kernel security, bug fix, and enhancement update kernel-tools-libs-4.18.0-425.3.1.el8.x86_64.rpmLinux
(RHSA-2022:7683) kernel security, bug fix, and enhancement update perf-4.18.0-425.3.1.el8.x86_64.rpmLinux
(RHSA-2022:7683) kernel security, bug fix, and enhancement update python3-perf-4.18.0-425.3.1.el8.x86_64.rpmLinux
kernel Security Update (ALAS-2022-1761) kernel-livepatch-4.14.268-205.500-1.0-0.amzn2.x86_64.rpmLinux
kernel Security Update (ALAS-2023-070) kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64.rpmLinux
kernel Security Update (ALAS2023-2023-070) bpftool-6.1.10-15.42.amzn2023.x86_64.rpmLinux
kernel Security Update (ALAS2023-2023-070) python3-perf-6.1.10-15.42.amzn2023.x86_64.rpmLinux
kernel Security Update (ALAS2023-2023-070) perf-6.1.10-15.42.amzn2023.x86_64.rpmLinux
kernel Security Update (ALAS2023-2023-070) kernel-6.1.10-15.42.amzn2023.x86_64.rpmLinux
kernel Security Update (ALAS2023-2023-070) kernel-devel-6.1.10-15.42.amzn2023.x86_64.rpmLinux
kernel Security Update (ALAS2023-2023-070) kernel-headers-6.1.10-15.42.amzn2023.x86_64.rpmLinux
kernel Security Update (ALAS2023-2023-070) kernel-libbpf-6.1.10-15.42.amzn2023.x86_64.rpmLinux
kernel Security Update (ALAS2023-2023-070) kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64.rpmLinux
kernel Security Update (ALAS2023-2023-070) kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64.rpmLinux
kernel Security Update (ALAS2023-2023-070) kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64.rpmLinux
kernel Security Update (ALAS2023-2023-070) kernel-tools-6.1.10-15.42.amzn2023.x86_64.rpmLinux
kernel Security Update (ALAS2023-2023-070) kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64.rpmLinux

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-345742022-09 Cumulative Update for Windows 11 for x64-based Systems (KB5017328) (CVE-2022-37969)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234