The vulnerability of microprogramming software for Intel and AMD processors allows attackers to extract sensitive information from the kernel’s memory or launch attacks on host systems from virtual machines.

🗓️ 15 Jul 2022 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 1 Views

Intel and AMD microprogramming vulnerability lets attackers read kernel memory or attack hosts from virtual machines via the ret instruction.

Reporter	Title	Published	Views	Family All 471
ATTACKERKB	CVE-2022-29901	12 Jul 202219:15	–	attackerkb
Tenable Nessus	Amazon Linux 2022 : bpftool, kernel, kernel-devel (ALAS2022-2022-125)	6 Sep 202200:00	–	nessus
Tenable Nessus	Amazon Linux 2022 : bpftool, kernel, kernel-devel (ALAS2022-2022-185)	5 Nov 202200:00	–	nessus
Tenable Nessus	Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2023-070)	21 Mar 202300:00	–	nessus
Tenable Nessus	Amazon Linux 2 : kernel, --advisory ALAS2-2022-1838 (ALAS-2022-1838)	15 Sep 202200:00	–	nessus
Tenable Nessus	Amazon Linux 2 : kernel (ALASKERNEL-5.10-2022-019)	23 Aug 202200:00	–	nessus
Tenable Nessus	Amazon Linux 2 : kernel (ALASKERNEL-5.10-2025-086)	27 Mar 202500:00	–	nessus
Tenable Nessus	Amazon Linux 2 : kernel (ALASKERNEL-5.15-2022-006)	23 Aug 202200:00	–	nessus
Tenable Nessus	Amazon Linux 2 : kernel (ALASKERNEL-5.15-2025-068)	19 Mar 202500:00	–	nessus
Tenable Nessus	Amazon Linux 2 : kernel (ALASKERNEL-5.4-2022-037)	25 Oct 202200:00	–	nessus

Vulners

Node

novell suse_openstack_cloudMatch9linux

OR

novell suse_manager_proxyMatch4.2linux

OR

novell suse_manager_serverMatch4.2linux

OR

novell suse_manager_retail_branch_serverMatch4.2linux

OR

novell suse_enterprise_storageMatch7.1linux

OR

red_hat red_hat_enterprise_linuxMatch6

OR

red_hat red_hat_enterprise_linuxMatch7

OR

red_hat red_hat_enterprise_linuxMatch8

OR

novell opensuse_leapMatch15.3

OR

fedora fedoraMatch35

OR

fedora fedoraMatch36

OR

red_hat red_hat_enterprise_linuxMatch9

Source	Link
openwall	www.openwall.com/lists/oss-security/2022/07/12/2
openwall	www.openwall.com/lists/oss-security/2022/07/12/4
openwall	www.openwall.com/lists/oss-security/2022/07/12/5
openwall	www.openwall.com/lists/oss-security/2022/07/13/1
access	www.access.redhat.com/security/cve/CVE-2022-29901
community	www.community.intel.com/t5/Blogs/Products-and-Solutions/Security/Chips-Salsa-Episode-21-July-2022-Security-Advisories-Retbleed/post/1399055
comsec	www.comsec.ethz.ch/research/microarch/retbleed/
comsec	www.comsec.ethz.ch/retbleed
comsec	www.comsec.ethz.ch/wp-content/files/retbleed_sec22.pdf
cve	www.cve.mitre.org/cgi-bin/cvename.cgi

11 Feb 2025 00:00Current

6.8Medium risk

Vulners AI Score6.8

CVSS 23.8

CVSS 35.6

EPSS0.04947

intel processors amd processors microprogramming vulnerability ret instruction kernel memory virtual machines host systems