vulnerability
VMSA-2022-0020: Return-Stack-Buffer-Underflow and Branch Type Confusion vulnerabilities (CVE-2022-29901)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 2 | (AV:L/AC:M/Au:N/C:P/I:N/A:N) | Jul 12, 2022 | Aug 9, 2022 | Jun 24, 2026 |
Severity
2
CVSS
(AV:L/AC:M/Au:N/C:P/I:N/A:N)
Published
Jul 12, 2022
Added
Aug 9, 2022
Modified
Jun 24, 2026
Description
Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under certain microarchitecture-dependent conditions.
Solutions
vmware-esxi65-upgrade-19997716vmware-esxi67-upgrade-19997733vmware-esxi700-upgrade-20036589vmware-esxi701-upgrade-20036589vmware-esxi702-upgrade-20036589vmware-esxi703-upgrade-20036589
References
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.