We found results for “”
CVE-2023-1637
Good to know:
Date: March 27, 2023
A flaw that boot CPU could be vulnerable for the speculative execution behavior kind of attacks in the Linux kernel X86 CPU Power management options functionality was found in the way user resuming CPU from suspend-to-RAM. A local user could use this flaw to potentially get unauthorized access to some memory of the CPU similar to the speculative execution behavior kind of attacks.
Language: C
Severity Score
Related Resources (6)
Severity Score
Weakness Type (CWE)
Improper Removal of Sensitive Information Before Storage or Transfer
CWE-212Top Fix
Upgrade Version
Upgrade to version v4.9.311,v4.14.276,v4.19.238,v5.4.189,v5.10.111,v5.15.34,v5.16.20,v5.17.3,v5.18-rc2
CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | LOCAL |
Attack Complexity (AC): | LOW |
Privileges Required (PR): | LOW |
User Interaction (UI): | NONE |
Scope (S): | UNCHANGED |
Confidentiality (C): | HIGH |
Integrity (I): | NONE |
Availability (A): | NONE |