1. Home
  2. CVE Database
  3. CVE-2022-29901
MEDIUM · 5.6

CVE-2022-29901

Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user...

Vulnerability Description

Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under certain microarchitecture-dependent conditions.

CVSS Score

5.6

MEDIUM

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality
HIGH
Integrity
NONE
Availability
NONE

Affected Products

VendorProductVersions
IntelCore I7-6500U Firmware-
IntelCore I7-6500U-
IntelCore I7-6510U Firmware-
IntelCore I7-6510U-
IntelCore I7-6560U Firmware-
IntelCore I7-6560U-
IntelCore I7-6567U Firmware-
IntelCore I7-6567U-
IntelCore I7-6600U Firmware-
IntelCore I7-6600U-
IntelCore I7-6650U Firmware-
IntelCore I7-6650U-
IntelCore I7-6660U Firmware-
IntelCore I7-6660U-
IntelCore I7-6700 Firmware-
IntelCore I7-6700-
IntelCore I7-6700Hq Firmware-
IntelCore I7-6700Hq-
IntelCore I7-6700K Firmware-
IntelCore I7-6700K-

Related Weaknesses (CWE)

CWE-668CWE-200

References

FAQ

What is CVE-2022-29901?

CVE-2022-29901 is a vulnerability with a CVSS score of 5.6 (MEDIUM). Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user...

How severe is CVE-2022-29901?

CVE-2022-29901 has been rated MEDIUM with a CVSS base score of 5.6/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2022-29901?

Check the references section above for vendor advisories and patch information. Affected products include: Intel Core I7-6500U Firmware, Intel Core I7-6500U, Intel Core I7-6510U Firmware, Intel Core I7-6510U, Intel Core I7-6560U Firmware.