CVE-2022-0001

high-risk

Published 2022-03-11

Non-transparent sharing of branch predictor selectors between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.

Do I need to act?

0.29% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 6.5/10 Medium

LOCAL / LOW complexity

Affected Products (20)

Atom P5921B

Atom P5931B

Atom P5942B

Atom P5962B

Atom X6200Fe

Atom X6211E

Atom X6212Re

Atom X6413E

Atom X6425E

Atom X6425Re

Atom X6427Fe

Celeron 5305U

Celeron 6305

Celeron 6305E

Celeron 6600He

Celeron G5205U

Celeron G5305U

Celeron G5900

Celeron G5900T

Celeron G5905

Affected Vendors

Oracle Intel

References (12)

Mailing List http://www.openwall.com/lists/oss-security/2022/03/18/2

Third Party Advisory https://security.netapp.com/advisory/ntap-20220818-0004/

Vendor Advisory https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00598....

https://www.kb.cert.org/vuls/id/155143

Patch https://www.oracle.com/security-alerts/cpujul2022.html

Mailing List http://www.openwall.com/lists/oss-security/2022/03/18/2

Third Party Advisory https://security.netapp.com/advisory/ntap-20220818-0004/

Vendor Advisory https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00598....

https://www.kb.cert.org/vuls/id/155143

Patch https://www.oracle.com/security-alerts/cpujul2022.html

https://www.vicarius.io/vsociety/posts/cve-2022-0001-detect-specter-vulnerabilit...

https://www.vicarius.io/vsociety/posts/cve-2022-0001-mitigate-specter-vulnerabil...

/ 100

high-risk

Severity 21/34 · High

Exploitability 1/34 · Minimal

Exposure 33/34 · Critical