Lucene search

K
ubuntucveUbuntu.comUB:CVE-2022-0001
HistoryMar 08, 2022 - 12:00 a.m.

CVE-2022-0001

2022-03-0800:00:00
ubuntu.com
ubuntu.com
29

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

6.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

0.0005 Low

EPSS

Percentile

18.1%

Non-transparent sharing of branch predictor selectors between contexts in
some Intel® Processors may allow an authorized user to potentially enable
information disclosure via local access.

Notes

Author Note
sbeattie unprivileged eBPF was already disabled by default for 5.13 and newer kernels this issue is priority medium for trusty/3.13 kernels, as unprivileged BPF was not yet available in the Linux kernel of that era.
Rows per page:
1-10 of 591

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

6.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

0.0005 Low

EPSS

Percentile

18.1%