Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: x86/speculation: Fill RSB on vmexit for IBRS Prevent RSB underflow/poisoning attacks with RSB. While at it, add a bunch of comments to attempt to document the current state of tribal knowledge about RSB attacks and what exactly is being mitigated.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | < 4.14.297 |
References
- https://git.kernel.org/stable/c/17a9fc4a7b91f8599223631bb6ae6416bc0de1c0Patch
- https://git.kernel.org/stable/c/3d323b99ff5c8c57005184056d65f6af5b0479d8Patch
- https://git.kernel.org/stable/c/4d7f72b6e1bc630bec7e4cd51814bc2b092bf153Patch
- https://git.kernel.org/stable/c/8c38306e2e9257af4af2819aa287a4711ff36329Patch
- https://git.kernel.org/stable/c/8d5cff499a6d740c91ff37963907e0e983c37f0fPatch
- https://git.kernel.org/stable/c/9756bba28470722dacb79ffce554336dd1f6a6cdPatch
- https://git.kernel.org/stable/c/f744b88dfc201bf8092833ec70b23c720188b527Patch
FAQ
What is CVE-2022-49611?
CVE-2022-49611 is a vulnerability with a CVSS score of 5.5 (MEDIUM). In the Linux kernel, the following vulnerability has been resolved: x86/speculation: Fill RSB on vmexit for IBRS Prevent RSB underflow/poisoning attacks with RSB. While at it, add a bunch of commen...
How severe is CVE-2022-49611?
CVE-2022-49611 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-49611?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.