CVE-2022-4543

A flaw named "EntryBleed" was found in the Linux Kernel Page Table Isolation (KPTI). This issue could allow a local attacker to leak KASLR base via prefetch side-channels based on TLB timing for Intel systems.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://www.openwall.com/lists/oss-security/2022/12/16/3	Exploit Mailing List Third Party Advisory
https://www.willsroot.io/2022/12/entrybleed.html	Exploit Third Party Advisory
https://www.openwall.com/lists/oss-security/2022/12/16/3	Exploit Mailing List Third Party Advisory
https://www.willsroot.io/2022/12/entrybleed.html	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

History

21 Nov 2024, 07:35

Type	Values Removed	Values Added
Summary		(es) Se encontró una falla denominada "EntryBleed" en el aislamiento de la tabla de páginas del kernel de Linux (KPTI). Este problema podría permitir que un atacante local filtre la base KASLR a través de canales laterales de captación previa basados en la sincronización TLB para sistemas Intel.
References	~~() https://www.openwall.com/lists/oss-security/2022/12/16/3 - Exploit, Mailing List, Third Party Advisory~~	() https://www.openwall.com/lists/oss-security/2022/12/16/3 - Exploit, Mailing List, Third Party Advisory
References	~~() https://www.willsroot.io/2022/12/entrybleed.html - Exploit, Third Party Advisory~~	() https://www.willsroot.io/2022/12/entrybleed.html - Exploit, Third Party Advisory

Information

Published : 2023-01-11 15:15

Updated : 2025-04-08 20:15

NVD link : CVE-2022-4543

Mitre link : CVE-2022-4543

CVE.ORG link : CVE-2022-4543

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

CWE-203

Observable Discrepancy

{"id": "CVE-2022-4543", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 1.8}, {"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2023-01-11T15:15:09.673", "references": [{"url": "https://www.openwall.com/lists/oss-security/2022/12/16/3", "tags": ["Exploit", "Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://www.willsroot.io/2022/12/entrybleed.html", "tags": ["Exploit", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://www.openwall.com/lists/oss-security/2022/12/16/3", "tags": ["Exploit", "Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.willsroot.io/2022/12/entrybleed.html", "tags": ["Exploit", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "secalert@redhat.com", "description": [{"lang": "en", "value": "CWE-200"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-203"}]}], "descriptions": [{"lang": "en", "value": "A flaw named \"EntryBleed\" was found in the Linux Kernel Page Table Isolation (KPTI). This issue could allow a local attacker to leak KASLR base via prefetch side-channels based on TLB timing for Intel systems."}, {"lang": "es", "value": "Se encontr\u00f3 una falla denominada \"EntryBleed\" en el aislamiento de la tabla de p\u00e1ginas del kernel de Linux (KPTI). Este problema podr\u00eda permitir que un atacante local filtre la base KASLR a trav\u00e9s de canales laterales de captaci\u00f3n previa basados en la sincronizaci\u00f3n TLB para sistemas Intel."}], "lastModified": "2025-04-08T20:15:18.790", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "155AD4FB-E527-4103-BCEF-801B653DEA37"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}

5.5 /10