vulnerability
Oracle Linux: CVE-2022-40982: ELSA-2023-12722: microcode_ctl security update (MODERATE) (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:L/AC:L/Au:S/C:C/I:N/A:N) | Aug 8, 2023 | Aug 15, 2023 | Dec 3, 2025 |
Severity
5
CVSS
(AV:L/AC:L/Au:S/C:C/I:N/A:N)
Published
Aug 8, 2023
Added
Aug 15, 2023
Modified
Dec 3, 2025
Description
Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
A Gather Data Sampling (GDS) transient execution side-channel vulnerability was found affecting certain Intel processors. This issue may allow a local attacker using gather instruction (load from memory) to infer stale data from previously used vector registers on the same physical core.
A Gather Data Sampling (GDS) transient execution side-channel vulnerability was found affecting certain Intel processors. This issue may allow a local attacker using gather instruction (load from memory) to infer stale data from previously used vector registers on the same physical core.
Solutions
oracle-linux-upgrade-kerneloracle-linux-upgrade-kernel-uek
References
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.