CVE-2022-4543

Published

Last updated

NVD

https://nvd.nist.gov/vuln/detail/CVE-2022-4543

Severity

5.5

Medium

CVSS CVSS_V3

Description

A flaw named "EntryBleed" was found in the Linux Kernel Page Table Isolation (KPTI). This issue could allow a local attacker to leak KASLR base via prefetch side-channels based on TLB timing for Intel systems.

References

https://images.chainguard.dev/security/CGA-3wgj-g89r-2ghm
https://github.com/advisories/GHSA-252r-7vwr-8rfh
https://images.chainguard.dev/security/CGA-3pmv-8xrg-mfw8
https://images.chainguard.dev/security/CGA-2c8j-29jr-2h7f
https://images.chainguard.dev/security/CGA-q5w4-wc74-pv76
https://images.chainguard.dev/security/CGA-fjqw-hmr9-24x8
https://images.chainguard.dev/security/CGA-jfjv-793r-5c3m
https://images.chainguard.dev/security/CGA-7mcw-m4h2-3p5j
https://images.chainguard.dev/security/CGA-23w2-f35g-rg7r
https://www.openwall.com/lists/oss-security/2022/12/16/3
https://www.willsroot.io/2022/12/entrybleed.html
https://security-tracker.debian.org/tracker/CVE-2022-4543

Affected packages

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.

Safe Source for Open Source™

Private Policy

CVE-2022-4543

Severity

Description

References

Affected packages

Products

Why Chainguard

Customers

Company

Resources