GoogleOSV:ASB-A-215557547Speculative Target Reuse Attacks
5.6 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
7 High
AI Score
Confidence
High
1.9 Low
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:M/Au:N/C:P/I:N/A:N
0.001 Low
EPSS
Percentile
21.6%
In specific ARM processors, there is a possible side-channel information leak due to a hardware flaw. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
| CPE | Name | Operator | Version |
|---|---|---|---|
| :linux_kernel: | eq | Kernel |
References
android.googlesource.com/kernel/common/+/0777e59b105c05cb46ea877130e672223e87e0e8
android.googlesource.com/kernel/common/+/124cc54b229a637e2ff7d70e5099ae4d6187e39f
android.googlesource.com/kernel/common/+/150ecd86887b2571214a4d998eb8597434ebb476
android.googlesource.com/kernel/common/+/15e43a2ac5e15c503c104831e9e2b6d5fc7d6131
android.googlesource.com/kernel/common/+/16ddad71e36c65545bef2ab577adbc3e40fe4668
android.googlesource.com/kernel/common/+/26e71fb73c4027d77a3212c8c9eff7e955e6ec45
android.googlesource.com/kernel/common/+/5e6ae4e3cb2b045d69ac9cee1ae282d267283799
android.googlesource.com/kernel/common/+/65b1e224b17749cad53443715dbf7f080338eac3
android.googlesource.com/kernel/common/+/6d6256ca4bf5a77a7e3a99cf7c19f64eea82c1b0
android.googlesource.com/kernel/common/+/873dbc2b8ecc2acf2388056bfced5bf6361a4c73
android.googlesource.com/kernel/common/+/910e14e7d00119a382bb22c3c40f2fd7db3bc1e4
android.googlesource.com/kernel/common/+/96468c6085fc87f1defb2b187bd778505723e1bc
android.googlesource.com/kernel/common/+/9811efebb90ce7ea684a5599da729465abadcc22
android.googlesource.com/kernel/common/+/9d4fc09b9e77f06a45a6762b116e867c3614a39d
android.googlesource.com/kernel/common/+/a1736e3ccd78ceb797c3bc1b99b9114c2c00f450
android.googlesource.com/kernel/common/+/a7cd57c87823bfe4c4eb88dfd045f242d6ddeeeb
android.googlesource.com/kernel/common/+/b79237c4eadebf2d40ccb55734dd86fc6cbbc803
android.googlesource.com/kernel/common/+/be161e5c6660b9c9ab1a2948a60a377e836b9685
android.googlesource.com/kernel/common/+/c5aaa5f0d57ceb3d679f2c17bf555b29585d0f0e
android.googlesource.com/kernel/common/+/cae54aa2645c769ba3263b1abd1e05cbd838f4a9
android.googlesource.com/kernel/common/+/cf6a46ae183aaba1b08f183e3448f8756f8d68e1
android.googlesource.com/kernel/common/+/d65dd058214689b75eaeb054647493511755db97
android.googlesource.com/kernel/common/+/decde029b601e1a8b09d94f0864a1f518a140fb3
android.googlesource.com/kernel/common/+/df38bfac784b0659f0c5eaa2b7ab7a11dfffb47e
android.googlesource.com/kernel/common/+/e80db263bef5f31f0baffc5e41fcc179ae27fe22
android.googlesource.com/kernel/common/+/ffb8d4139dbcc245ab7013d56c637cfa04c1d4cf
source.android.com/security/bulletin/2022-12-01
Related
5.6 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
7 High
AI Score
Confidence
High
1.9 Low
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:M/Au:N/C:P/I:N/A:N
0.001 Low
EPSS
Percentile
21.6%