vulnerability
Oracle Linux: CVE-2022-40982: ELSA-2023-12782: Unbreakable Enterprise kernel security update (IMPORTANT) (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:L/AC:L/Au:S/C:C/I:N/A:N) | Aug 8, 2023 | Aug 15, 2023 | Jan 23, 2025 |
Severity
5
CVSS
(AV:L/AC:L/Au:S/C:C/I:N/A:N)
Published
Aug 8, 2023
Added
Aug 15, 2023
Modified
Jan 23, 2025
Description
Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
A Gather Data Sampling (GDS) transient execution side-channel vulnerability was found affecting certain Intel processors. This issue may allow a local attacker using gather instruction (load from memory) to infer stale data from previously used vector registers on the same physical core.
A Gather Data Sampling (GDS) transient execution side-channel vulnerability was found affecting certain Intel processors. This issue may allow a local attacker using gather instruction (load from memory) to infer stale data from previously used vector registers on the same physical core.
Solution(s)
oracle-linux-upgrade-kerneloracle-linux-upgrade-kernel-uek
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.