vulnerability

Red Hat: CVE-2023-1637: kernel: save/restore speculative MSRs during S3 suspend/resume (Multiple Advisories)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:L/AC:L/Au:S/C:C/I:N/A:N)	Mar 27, 2023	Aug 30, 2023	Mar 27, 2026

Severity

CVSS

(AV:L/AC:L/Au:S/C:C/I:N/A:N)

Published

Mar 27, 2023

Added

Aug 30, 2023

Modified

Mar 27, 2026

Description

A flaw that boot CPU could be vulnerable for the speculative execution behavior kind of attacks in the Linux kernel X86 CPU Power management options functionality was found in the way user resuming CPU from suspend-to-RAM. A local user could use this flaw to potentially get unauthorized access to some memory of the CPU similar to the speculative execution behavior kind of attacks.

Solutions

redhat-upgrade-kernelredhat-upgrade-kernel-rt

References

CWE-212
CWE-226
EUVD-EUVD-2023-23866
NVD-CVE-2023-1637
REDHAT-RHSA-2023:4789
REDHAT-RHSA-2023:5069
REDHAT-RHSA-2023:5091
REDHAT-RHSA-2023:5244
REDHAT-RHSA-2023:5255
https://euvd.enisa.europa.eu/vulnerability/EUVD-2023-23866

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report