CVE-2022-49611

EUVD-2022-54621
In the Linux kernel, the following vulnerability has been resolved:

x86/speculation: Fill RSB on vmexit for IBRS

Prevent RSB underflow/poisoning attacks with RSB.  While at it, add a
bunch of comments to attempt to document the current state of tribal
knowledge about RSB attacks and what exactly is being mitigated.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
linuxlinux_kernel
𝑥
< 4.14.297
linuxlinux_kernel
4.15 ≤
𝑥
< 4.19.266
linuxlinux_kernel
4.20 ≤
𝑥
< 5.4.217
linuxlinux_kernel
5.5 ≤
𝑥
< 5.10.133
linuxlinux_kernel
5.11 ≤
𝑥
< 5.15.57
linuxlinux_kernel
5.16 ≤
𝑥
< 5.18.14
linuxlinux_kernel
5.19:rc1
linuxlinux_kernel
5.19:rc2
linuxlinux_kernel
5.19:rc3
linuxlinux_kernel
5.19:rc4
linuxlinux_kernel
5.19:rc5
linuxlinux_kernel
5.19:rc6
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
linux
bookworm
6.1.123-1
fixed
bookworm (security)
6.1.128-1
fixed
bullseye
5.10.223-1
fixed
bullseye (security)
5.10.234-1
fixed
sid
6.12.16-1
fixed
trixie
6.12.12-1
fixed
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
cluster-md-kmp-default
suse enterprise server 12 SP5
4.12.14-122.255.1
fixed
suse enterprise server 15 SP5
5.14.21-150500.55.100.1
fixed
dlm-kmp-default
suse enterprise server 12 SP5
4.12.14-122.255.1
fixed
suse enterprise server 15 SP5
5.14.21-150500.55.100.1
fixed
gfs2-kmp-default
suse enterprise server 12 SP5
4.12.14-122.255.1
fixed
suse enterprise server 15 SP5
5.14.21-150500.55.100.1
fixed
kernel-64kb
suse enterprise server 15 SP3
5.3.18-150300.59.201.1
fixed
suse enterprise server 15 SP4
5.14.21-150400.24.158.1
fixed
suse enterprise server 15 SP5
5.14.21-150500.55.100.1
fixed
kernel-default
suse enterprise server 12 SP5
4.12.14-122.255.1
fixed
suse enterprise server 15 SP2
5.3.18-150200.24.224.1
fixed
suse enterprise server 15 SP3
5.3.18-150300.59.201.1
fixed
suse enterprise server 15 SP4
5.14.21-150400.24.158.1
fixed
suse enterprise server 15 SP5
5.14.21-150500.55.100.1
fixed
kernel-default-base
suse enterprise server 12 SP5
4.12.14-122.255.1
fixed
suse enterprise server 15 SP2
5.3.18-150200.24.224.1.150200.9.120.1
fixed
suse enterprise server 15 SP3
5.3.18-150300.59.201.1.150300.18.120.1
fixed
suse enterprise server 15 SP4
5.14.21-150400.24.158.1.150400.24.78.1
fixed
suse enterprise server 15 SP5
5.14.21-150500.55.100.1.150500.6.47.1
fixed
kernel-default-man
suse enterprise server 12 SP5
4.12.14-122.255.1
fixed
kernel-docs
suse enterprise server 15 SP2
5.3.18-150200.24.224.1
fixed
suse enterprise server 15 SP3
5.3.18-150300.59.201.1
fixed
suse enterprise server 15 SP4
5.14.21-150400.24.158.1
fixed
suse enterprise server 15 SP5
5.14.21-150500.55.100.1
fixed
kernel-macros
suse enterprise server 12 SP5
4.12.14-122.255.1
fixed
suse enterprise server 15 SP2
5.3.18-150200.24.224.1
fixed
suse enterprise server 15 SP3
5.3.18-150300.59.201.1
fixed
suse enterprise server 15 SP4
5.14.21-150400.24.158.1
fixed
suse enterprise server 15 SP5
5.14.21-150500.55.100.1
fixed
kernel-obs-build
suse enterprise server 15 SP2
5.3.18-150200.24.224.1
fixed
suse enterprise server 15 SP3
5.3.18-150300.59.201.1
fixed
suse enterprise server 15 SP4
5.14.21-150400.24.158.1
fixed
suse enterprise server 15 SP5
5.14.21-150500.55.100.1
fixed
kernel-preempt
suse enterprise server 15 SP2
5.3.18-150200.24.224.1
fixed
suse enterprise server 15 SP3
5.3.18-150300.59.201.1
fixed
kernel-source
suse enterprise server 12 SP5
4.12.14-122.255.1
fixed
suse enterprise server 15 SP2
5.3.18-150200.24.224.1
fixed
suse enterprise server 15 SP3
5.3.18-150300.59.201.1
fixed
suse enterprise server 15 SP4
5.14.21-150400.24.158.1
fixed
suse enterprise server 15 SP5
5.14.21-150500.55.100.1
fixed
kernel-syms
suse enterprise server 12 SP5
4.12.14-122.255.1
fixed
suse enterprise server 15 SP2
5.3.18-150200.24.224.1
fixed
suse enterprise server 15 SP3
5.3.18-150300.59.201.1
fixed
suse enterprise server 15 SP4
5.14.21-150400.24.158.1
fixed
suse enterprise server 15 SP5
5.14.21-150500.55.100.1
fixed
kernel-zfcpdump
suse enterprise server 15 SP3
5.3.18-150300.59.201.1
fixed
suse enterprise server 15 SP4
5.14.21-150400.24.158.1
fixed
suse enterprise server 15 SP5
5.14.21-150500.55.100.1
fixed
ocfs2-kmp-default
suse enterprise server 12 SP5
4.12.14-122.255.1
fixed
suse enterprise server 15 SP5
5.14.21-150500.55.100.1
fixed
reiserfs-kmp-default
suse enterprise server 15 SP2
5.3.18-150200.24.224.1
fixed
suse enterprise server 15 SP3
5.3.18-150300.59.201.1
fixed
suse enterprise server 15 SP4
5.14.21-150400.24.158.1
fixed
suse enterprise server 15 SP5
5.14.21-150500.55.100.1
fixed
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
bpftool
RHEL 8
0:4.18.0-425.3.1.el8
fixed
RHEL 8.6 AUS
0:4.18.0-372.32.1.el8_6
fixed
RHEL 8.6 E4S
0:4.18.0-372.32.1.el8_6
fixed
RHEL 8.6 EUS
0:4.18.0-372.32.1.el8_6
fixed
RHEL 8.6 TUS
0:4.18.0-372.32.1.el8_6
fixed
kernel
RHEL 8
0:4.18.0-425.3.1.el8
fixed
RHEL 8.6 AUS
0:4.18.0-372.32.1.el8_6
fixed
RHEL 8.6 E4S
0:4.18.0-372.32.1.el8_6
fixed
RHEL 8.6 EUS
0:4.18.0-372.32.1.el8_6
fixed
RHEL 8.6 TUS
0:4.18.0-372.32.1.el8_6
fixed
kernel-abi-stablelists
RHEL 8
0:4.18.0-425.3.1.el8
fixed
RHEL 8.6 AUS
0:4.18.0-372.32.1.el8_6
fixed
RHEL 8.6 E4S
0:4.18.0-372.32.1.el8_6
fixed
RHEL 8.6 EUS
0:4.18.0-372.32.1.el8_6
fixed
RHEL 8.6 TUS
0:4.18.0-372.32.1.el8_6
fixed
kernel-core
RHEL 8
0:4.18.0-425.3.1.el8
fixed
RHEL 8.6 AUS
0:4.18.0-372.32.1.el8_6
fixed
RHEL 8.6 E4S
0:4.18.0-372.32.1.el8_6
fixed
RHEL 8.6 EUS
0:4.18.0-372.32.1.el8_6
fixed
RHEL 8.6 TUS
0:4.18.0-372.32.1.el8_6
fixed
kernel-debug
RHEL 8
0:4.18.0-425.3.1.el8
fixed
RHEL 8.6 AUS
0:4.18.0-372.32.1.el8_6
fixed
RHEL 8.6 E4S
0:4.18.0-372.32.1.el8_6
fixed
RHEL 8.6 EUS
0:4.18.0-372.32.1.el8_6
fixed
RHEL 8.6 TUS
0:4.18.0-372.32.1.el8_6
fixed
kernel-debug-core
RHEL 8
0:4.18.0-425.3.1.el8
fixed
RHEL 8.6 AUS
0:4.18.0-372.32.1.el8_6
fixed
RHEL 8.6 E4S
0:4.18.0-372.32.1.el8_6
fixed
RHEL 8.6 EUS
0:4.18.0-372.32.1.el8_6
fixed
RHEL 8.6 TUS
0:4.18.0-372.32.1.el8_6
fixed
kernel-debug-devel
RHEL 8
0:4.18.0-425.3.1.el8
fixed
RHEL 8.6 AUS
0:4.18.0-372.32.1.el8_6
fixed
RHEL 8.6 E4S
0:4.18.0-372.32.1.el8_6
fixed
RHEL 8.6 EUS
0:4.18.0-372.32.1.el8_6
fixed
RHEL 8.6 TUS
0:4.18.0-372.32.1.el8_6
fixed
kernel-debug-modules
RHEL 8
0:4.18.0-425.3.1.el8
fixed
RHEL 8.6 AUS
0:4.18.0-372.32.1.el8_6
fixed
RHEL 8.6 E4S
0:4.18.0-372.32.1.el8_6
fixed
RHEL 8.6 EUS
0:4.18.0-372.32.1.el8_6
fixed
RHEL 8.6 TUS
0:4.18.0-372.32.1.el8_6
fixed
kernel-debug-modules-extra
RHEL 8
0:4.18.0-425.3.1.el8
fixed
RHEL 8.6 AUS
0:4.18.0-372.32.1.el8_6
fixed
RHEL 8.6 E4S
0:4.18.0-372.32.1.el8_6
fixed
RHEL 8.6 EUS
0:4.18.0-372.32.1.el8_6
fixed
RHEL 8.6 TUS
0:4.18.0-372.32.1.el8_6
fixed
kernel-devel
RHEL 8
0:4.18.0-425.3.1.el8
fixed
RHEL 8.6 AUS
0:4.18.0-372.32.1.el8_6
fixed
RHEL 8.6 E4S
0:4.18.0-372.32.1.el8_6
fixed
RHEL 8.6 EUS
0:4.18.0-372.32.1.el8_6
fixed
RHEL 8.6 TUS
0:4.18.0-372.32.1.el8_6
fixed
kernel-doc
RHEL 8
0:4.18.0-425.3.1.el8
fixed
RHEL 8.6 AUS
0:4.18.0-372.32.1.el8_6
fixed
RHEL 8.6 E4S
0:4.18.0-372.32.1.el8_6
fixed
RHEL 8.6 EUS
0:4.18.0-372.32.1.el8_6
fixed
RHEL 8.6 TUS
0:4.18.0-372.32.1.el8_6
fixed
kernel-modules
RHEL 8
0:4.18.0-425.3.1.el8
fixed
RHEL 8.6 AUS
0:4.18.0-372.32.1.el8_6
fixed
RHEL 8.6 E4S
0:4.18.0-372.32.1.el8_6
fixed
RHEL 8.6 EUS
0:4.18.0-372.32.1.el8_6
fixed
RHEL 8.6 TUS
0:4.18.0-372.32.1.el8_6
fixed
kernel-modules-extra
RHEL 8
0:4.18.0-425.3.1.el8
fixed
RHEL 8.6 AUS
0:4.18.0-372.32.1.el8_6
fixed
RHEL 8.6 E4S
0:4.18.0-372.32.1.el8_6
fixed
RHEL 8.6 EUS
0:4.18.0-372.32.1.el8_6
fixed
RHEL 8.6 TUS
0:4.18.0-372.32.1.el8_6
fixed
kernel-tools
RHEL 8
0:4.18.0-425.3.1.el8
fixed
RHEL 8.6 AUS
0:4.18.0-372.32.1.el8_6
fixed
RHEL 8.6 E4S
0:4.18.0-372.32.1.el8_6
fixed
RHEL 8.6 EUS
0:4.18.0-372.32.1.el8_6
fixed
RHEL 8.6 TUS
0:4.18.0-372.32.1.el8_6
fixed
kernel-tools-libs
RHEL 8
0:4.18.0-425.3.1.el8
fixed
RHEL 8.6 AUS
0:4.18.0-372.32.1.el8_6
fixed
RHEL 8.6 E4S
0:4.18.0-372.32.1.el8_6
fixed
RHEL 8.6 EUS
0:4.18.0-372.32.1.el8_6
fixed
RHEL 8.6 TUS
0:4.18.0-372.32.1.el8_6
fixed
kernel-tools-libs-devel
RHEL 8
0:4.18.0-425.3.1.el8
fixed
RHEL 8.6 AUS
0:4.18.0-372.32.1.el8_6
fixed
RHEL 8.6 E4S
0:4.18.0-372.32.1.el8_6
fixed
RHEL 8.6 EUS
0:4.18.0-372.32.1.el8_6
fixed
RHEL 8.6 TUS
0:4.18.0-372.32.1.el8_6
fixed
kernel-zfcpdump
RHEL 8
0:4.18.0-425.3.1.el8
fixed
RHEL 8.6 AUS
0:4.18.0-372.32.1.el8_6
fixed
RHEL 8.6 E4S
0:4.18.0-372.32.1.el8_6
fixed
RHEL 8.6 EUS
0:4.18.0-372.32.1.el8_6
fixed
RHEL 8.6 TUS
0:4.18.0-372.32.1.el8_6
fixed
kernel-zfcpdump-core
RHEL 8
0:4.18.0-425.3.1.el8
fixed
RHEL 8.6 AUS
0:4.18.0-372.32.1.el8_6
fixed
RHEL 8.6 E4S
0:4.18.0-372.32.1.el8_6
fixed
RHEL 8.6 EUS
0:4.18.0-372.32.1.el8_6
fixed
RHEL 8.6 TUS
0:4.18.0-372.32.1.el8_6
fixed
kernel-zfcpdump-devel
RHEL 8
0:4.18.0-425.3.1.el8
fixed
RHEL 8.6 AUS
0:4.18.0-372.32.1.el8_6
fixed
RHEL 8.6 E4S
0:4.18.0-372.32.1.el8_6
fixed
RHEL 8.6 EUS
0:4.18.0-372.32.1.el8_6
fixed
RHEL 8.6 TUS
0:4.18.0-372.32.1.el8_6
fixed
kernel-zfcpdump-modules
RHEL 8
0:4.18.0-425.3.1.el8
fixed
RHEL 8.6 AUS
0:4.18.0-372.32.1.el8_6
fixed
RHEL 8.6 E4S
0:4.18.0-372.32.1.el8_6
fixed
RHEL 8.6 EUS
0:4.18.0-372.32.1.el8_6
fixed
RHEL 8.6 TUS
0:4.18.0-372.32.1.el8_6
fixed
kernel-zfcpdump-modules-extra
RHEL 8
0:4.18.0-425.3.1.el8
fixed
RHEL 8.6 AUS
0:4.18.0-372.32.1.el8_6
fixed
RHEL 8.6 E4S
0:4.18.0-372.32.1.el8_6
fixed
RHEL 8.6 EUS
0:4.18.0-372.32.1.el8_6
fixed
RHEL 8.6 TUS
0:4.18.0-372.32.1.el8_6
fixed
perf
RHEL 8
0:4.18.0-425.3.1.el8
fixed
RHEL 8.6 AUS
0:4.18.0-372.32.1.el8_6
fixed
RHEL 8.6 E4S
0:4.18.0-372.32.1.el8_6
fixed
RHEL 8.6 EUS
0:4.18.0-372.32.1.el8_6
fixed
RHEL 8.6 TUS
0:4.18.0-372.32.1.el8_6
fixed
python3-perf
RHEL 8
0:4.18.0-425.3.1.el8
fixed
RHEL 8.6 AUS
0:4.18.0-372.32.1.el8_6
fixed
RHEL 8.6 E4S
0:4.18.0-372.32.1.el8_6
fixed
RHEL 8.6 EUS
0:4.18.0-372.32.1.el8_6
fixed
RHEL 8.6 TUS
0:4.18.0-372.32.1.el8_6
fixed
References
https://git.kernel.org/stable/c/17a9fc4a7b91f8599223631bb6ae6416bc0de1c0
https://git.kernel.org/stable/c/3d323b99ff5c8c57005184056d65f6af5b0479d8
https://git.kernel.org/stable/c/4d7f72b6e1bc630bec7e4cd51814bc2b092bf153
https://git.kernel.org/stable/c/8c38306e2e9257af4af2819aa287a4711ff36329
https://git.kernel.org/stable/c/8d5cff499a6d740c91ff37963907e0e983c37f0f
https://git.kernel.org/stable/c/9756bba28470722dacb79ffce554336dd1f6a6cd
https://git.kernel.org/stable/c/f744b88dfc201bf8092833ec70b23c720188b527