CVE-2022-0002

MEDIUM6.5

Non-transparent sharing of branch predictor within a context in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access

Published Mar 11, 2022

Modified 8 months ago

Details

Non-transparent sharing of branch predictor within a context in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.

References

WEBhttp://www.openwall.com/lists/oss-security/2022/03/18/2 WEBhttps://security.netapp.com/advisory/ntap-20220818-0004/ADVISORYhttps://www.cve.org/CVERecord?id=CVE-2022-0002 WEBhttps://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00598.html WEBhttps://www.oracle.com/security-alerts/cpujul2022.html

CVSS Analysis

CVSS v3.1

6.5

Exploitability

Attack Vector

LocalAV:L

Attack Complexity

LowAC:L

Privileges Required

LowPR:L

User Interaction

NoneUI:N

Scope

ChangedS:C

Impact

Confidentiality

HighC:H

Integrity

NoneI:N

Availability

NoneA:N

6.5/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

Ecosystems

Timeline

PublishedMar 11, 2022

ModifiedMay 5, 2025