6.5
MEDIUM
CVE-2022-29901
Intel Microprocessors Spectre Extension
Description

Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under certain microarchitecture-dependent conditions.

INFO

Published Date :

July 12, 2022, 7:15 p.m.

Last Modified :

Nov. 21, 2024, 6:59 a.m.

Source :

[email protected]

Remotely Exploitable :

No

Impact Score :

4.0

Exploitability Score :

2.0
Public PoC/Exploit Available at Github

CVE-2022-29901 has a 3 public PoC/Exploit available at Github. Go to the Public Exploits tab to see the list.

Affected Products

The following products are affected by CVE-2022-29901 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Intel core_i7-6700hq_firmware
2 Intel core_i7-6770hq_firmware
3 Intel core_i7-6820hk_firmware
4 Intel core_i7-6820hq_firmware
5 Intel core_i7-6870hq_firmware
6 Intel core_i7-6920hq_firmware
7 Intel core_i7-6970hq_firmware
8 Intel core_i5-6300hq_firmware
9 Intel core_i5-6350hq_firmware
10 Intel core_i5-6440hq_firmware
11 Intel core_i3-6100h_firmware
12 Intel core_i7-6700_firmware
13 Intel core_i7-6700k_firmware
14 Intel core_i7-6700t_firmware
15 Intel core_i7-6700te_firmware
16 Intel core_i7-6820eq_firmware
17 Intel core_i7-6822eq_firmware
18 Intel core_i5-6400_firmware
19 Intel core_i5-6400t_firmware
20 Intel core_i5-6440eq_firmware
21 Intel core_i5-6442eq_firmware
22 Intel core_i5-6500_firmware
23 Intel core_i5-6500t_firmware
24 Intel core_i5-6500te_firmware
25 Intel core_i5-6600_firmware
26 Intel core_i5-6600k_firmware
27 Intel core_i5-6600t_firmware
28 Intel core_i3-6100_firmware
29 Intel core_i3-6100e_firmware
30 Intel core_i3-6100t_firmware
31 Intel core_i3-6100te_firmware
32 Intel core_i3-6102e_firmware
33 Intel core_i3-6120_firmware
34 Intel core_i3-6120t_firmware
35 Intel core_i3-6300_firmware
36 Intel core_i3-6300t_firmware
37 Intel core_i3-6320_firmware
38 Intel core_i3-6320t_firmware
39 Intel core_i7-8665u_firmware
40 Intel core_i7-8557u_firmware
41 Intel core_i7-8850h_firmware
42 Intel core_i7-8809g_firmware
43 Intel core_i7-8750hf_firmware
44 Intel core_i7-8750h_firmware
45 Intel core_i7-8709g_firmware
46 Intel core_i7-8706g_firmware
47 Intel core_i7-8705g_firmware
48 Intel core_i7-8700b_firmware
49 Intel core_i7-8569u_firmware
50 Intel core_i7-8650u_firmware
51 Intel core_i7-8565u_firmware
52 Intel core_i7-8560u_firmware
53 Intel core_i7-8559u_firmware
54 Intel core_i7-8500y_firmware
55 Intel core_i7-8510y_firmware
56 Intel core_i7-8550u_firmware
57 Intel core_i5-8310y_firmware
58 Intel core_i5-8210y_firmware
59 Intel core_i5-8200y_firmware
60 Intel core_m3-8100y_firmware
61 Intel core_i5-8259u_firmware
62 Intel core_i5-8269u_firmware
63 Intel core_i3-8109u_firmware
64 Intel core_i5-8250u_firmware
65 Intel core_i5-8350u_firmware
66 Intel core_i3-8130u_firmware
67 Intel core_i5-8365u_firmware
68 Intel core_i5-8265u_firmware
69 Intel core_i3-8145u_firmware
70 Intel core_i5-8305g_firmware
71 Intel core_i9-8950hk_firmware
72 Intel core_i5-8300h_firmware
73 Intel core_i5-8400b_firmware
74 Intel core_i5-8400h_firmware
75 Intel core_i5-8500b_firmware
76 Intel core_i7-8700k_firmware
77 Intel core_i5-8600k_firmware
78 Intel core_i5-8650k_firmware
79 Intel core_i7-8670_firmware
80 Intel core_i7-8670t_firmware
81 Intel core_i7-8700_firmware
82 Intel core_i7-8700t_firmware
83 Intel core_i5-8400_firmware
84 Intel core_i5-8400t_firmware
85 Intel core_i5-8420_firmware
86 Intel core_i5-8420t_firmware
87 Intel core_i5-8500_firmware
88 Intel core_i5-8500t_firmware
89 Intel core_i5-8550_firmware
90 Intel core_i5-8600_firmware
91 Intel core_i5-8600t_firmware
92 Intel core_i5-8650_firmware
93 Intel core_i3-8000_firmware
94 Intel core_i3-8000t_firmware
95 Intel core_i3-8020_firmware
96 Intel core_i3-8100_firmware
97 Intel core_i3-8100h_firmware
98 Intel core_i3-8100t_firmware
99 Intel core_i3-8120_firmware
100 Intel core_i3-8300_firmware
101 Intel core_i3-8300t_firmware
102 Intel core_i3-8350k_firmware
103 Intel core_i7-6660u_firmware
104 Intel core_i7-6650u_firmware
105 Intel core_i7-6600u_firmware
106 Intel core_i7-6567u_firmware
107 Intel core_i7-6560u_firmware
108 Intel core_i7-6500u_firmware
109 Intel core_i5-6200u_firmware
110 Intel core_i5-6287u_firmware
111 Intel core_i5-6267u_firmware
112 Intel core_i5-6260u_firmware
113 Intel core_i3-6100u_firmware
114 Intel core_i3-6167u_firmware
115 Intel core_m7-6y75_firmware
116 Intel core_i5-6300u_firmware
117 Intel core_m5-6y57_firmware
118 Intel core_i5-6360u_firmware
119 Intel core_m5-6y54_firmware
120 Intel core_m3-6y30_firmware
121 Intel core_i3-6100
122 Intel core_i3-6100e
123 Intel core_i3-6100h
124 Intel core_i3-6100t
125 Intel core_i3-6100te
126 Intel core_i3-6100u
127 Intel core_i3-6102e
128 Intel core_i3-6110u
129 Intel core_i3-6120
130 Intel core_i3-6120t
131 Intel core_i3-6167u
132 Intel core_i3-6300
133 Intel core_i3-6300t
134 Intel core_i3-6320
135 Intel core_i3-6320t
136 Intel core_i3-8000
137 Intel core_i3-8000t
138 Intel core_i3-8020
139 Intel core_i3-8100
140 Intel core_i3-8100h
141 Intel core_i3-8100t
142 Intel core_i3-8109u
143 Intel core_i3-8120
144 Intel core_i3-8130u
145 Intel core_i3-8145u
146 Intel core_i3-8300
147 Intel core_i3-8300t
148 Intel core_i3-8350k
149 Intel core_i5-6200u
150 Intel core_i5-6210u
151 Intel core_i5-6260u
152 Intel core_i5-6267u
153 Intel core_i5-6287u
154 Intel core_i5-6300hq
155 Intel core_i5-6300u
156 Intel core_i5-6310u
157 Intel core_i5-6350hq
158 Intel core_i5-6360u
159 Intel core_i5-6400
160 Intel core_i5-6400t
161 Intel core_i5-6440eq
162 Intel core_i5-6440hq
163 Intel core_i5-6442eq
164 Intel core_i5-6500
165 Intel core_i5-6500t
166 Intel core_i5-6500te
167 Intel core_i5-6600
168 Intel core_i5-6600k
169 Intel core_i5-6600t
170 Intel core_i5-8200y
171 Intel core_i5-8210y
172 Intel core_i5-8250u
173 Intel core_i5-8259u
174 Intel core_i5-8265u
175 Intel core_i5-8269u
176 Intel core_i5-8300h
177 Intel core_i5-8305g
178 Intel core_i5-8310y
179 Intel core_i5-8350u
180 Intel core_i5-8365u
181 Intel core_i5-8400
182 Intel core_i5-8400b
183 Intel core_i5-8400h
184 Intel core_i5-8400t
185 Intel core_i5-8420
186 Intel core_i5-8420t
187 Intel core_i5-8500
188 Intel core_i5-8500b
189 Intel core_i5-8500t
190 Intel core_i5-8550
191 Intel core_i5-8600
192 Intel core_i5-8600k
193 Intel core_i5-8600t
194 Intel core_i5-8650
195 Intel core_i5-8650k
196 Intel core_i7-6500u
197 Intel core_i7-6510u
198 Intel core_i7-6560u
199 Intel core_i7-6567u
200 Intel core_i7-6600u
201 Intel core_i7-6650u
202 Intel core_i7-6660u
203 Intel core_i7-6700
204 Intel core_i7-6700hq
205 Intel core_i7-6700k
206 Intel core_i7-6700t
207 Intel core_i7-6700te
208 Intel core_i7-6770hq
209 Intel core_i7-6820eq
210 Intel core_i7-6820hk
211 Intel core_i7-6820hq
212 Intel core_i7-6822eq
213 Intel core_i7-6870hq
214 Intel core_i7-6920hq
215 Intel core_i7-6970hq
216 Intel core_i7-8500y
217 Intel core_i7-8510y
218 Intel core_i7-8550u
219 Intel core_i7-8557u
220 Intel core_i7-8559u
221 Intel core_i7-8560u
222 Intel core_i7-8565u
223 Intel core_i7-8569u
224 Intel core_i7-8650u
225 Intel core_i7-8665u
226 Intel core_i7-8670
227 Intel core_i7-8670t
228 Intel core_i7-8700
229 Intel core_i7-8700b
230 Intel core_i7-8700k
231 Intel core_i7-8700t
232 Intel core_i7-8705g
233 Intel core_i7-8706g
234 Intel core_i7-8709g
235 Intel core_i7-8750h
236 Intel core_i7-8750hf
237 Intel core_i7-8809g
238 Intel core_i7-8850h
239 Intel core_i9-8950hk
240 Intel core_m3-6y30
241 Intel core_m3-8100y
242 Intel core_m5-6y54
243 Intel core_m5-6y57
244 Intel core_m7-6y75
245 Intel core_i3-6110u_firmware
246 Intel core_i7-6510u_firmware
247 Intel core_i5-8550u_firmware
248 Intel core_i5-6210u_firmware
249 Intel core_i5-6310u_firmware
250 Intel core_i5-8550u
1 Fedoraproject fedora
1 Debian debian_linux
1 Xen xen
1 Vmware esxi
: Total Affected Vendor : 5 | Products : 254
References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2022-29901.

URL Resource
http://www.openwall.com/lists/oss-security/2022/07/12/2
http://www.openwall.com/lists/oss-security/2022/07/12/4
http://www.openwall.com/lists/oss-security/2022/07/12/5
http://www.openwall.com/lists/oss-security/2022/07/13/1
https://comsec.ethz.ch/retbleed
https://lists.debian.org/debian-lts-announce/2022/09/msg00011.html
https://lists.debian.org/debian-lts-announce/2022/12/msg00034.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D4RW5FCIYFNCQOEFJEUIRW3DGYW7CWBG/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M27MB3QFNIJV4EQQSXWARHP3OGX6CR6K/
https://security.gentoo.org/glsa/202402-07
https://security.netapp.com/advisory/ntap-20221007-0007/
https://www.debian.org/security/2022/dsa-5207
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00702.html
https://www.secpod.com/blog/retbleed-intel-and-amd-processor-information-disclosure-vulnerability/
http://www.openwall.com/lists/oss-security/2022/07/12/2
http://www.openwall.com/lists/oss-security/2022/07/12/4
http://www.openwall.com/lists/oss-security/2022/07/12/5
http://www.openwall.com/lists/oss-security/2022/07/13/1
https://comsec.ethz.ch/retbleed
https://lists.debian.org/debian-lts-announce/2022/09/msg00011.html
https://lists.debian.org/debian-lts-announce/2022/12/msg00034.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D4RW5FCIYFNCQOEFJEUIRW3DGYW7CWBG/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M27MB3QFNIJV4EQQSXWARHP3OGX6CR6K/
https://security.gentoo.org/glsa/202402-07
https://security.netapp.com/advisory/ntap-20221007-0007/
https://www.debian.org/security/2022/dsa-5207
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00702.html
https://www.secpod.com/blog/retbleed-intel-and-amd-processor-information-disclosure-vulnerability/

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Profile Photo
vincent-deng/veracode-container-security-finding-parser

Map Vulnerabilities into Different Layers of the Container Image

Python

Updated: 1 year, 11 months ago
1 stars 0 fork 0 watcher
Born at : Oct. 5, 2022, 12:07 p.m. This repo has been linked 1276 different CVEs too.
Profile Photo
giterlizzi/secdb-feeds

SecDB

Updated: 3 months, 3 weeks ago
0 stars 0 fork 0 watcher
Born at : July 1, 2022, 8:37 p.m. This repo has been linked 82 different CVEs too.
Profile Photo
codexlynx/hardware-attacks-state-of-the-art

Microarchitectural exploitation and other hardware attacks.

meltdown spectre rowhammer microarchitecture infosec hardware state-of-the-art research proof-of-concept exploitation foreshadow sgx intel amd arm side-channel-attacks speculative-execution evictions cache-attack data-sampling

Updated: 2 weeks, 4 days ago
82 stars 10 fork 10 watcher
Born at : Feb. 2, 2020, 5:31 p.m. This repo has been linked 46 different CVEs too.

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2022-29901 vulnerability anywhere in the article.

The following table lists the changes that have been made to the CVE-2022-29901 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • CVE Modified by af854a3a-2127-422b-91ae-364da2661108

    Nov. 21, 2024

    Action Type Old Value New Value
    Added Reference http://www.openwall.com/lists/oss-security/2022/07/12/2
    Added Reference http://www.openwall.com/lists/oss-security/2022/07/12/4
    Added Reference http://www.openwall.com/lists/oss-security/2022/07/12/5
    Added Reference http://www.openwall.com/lists/oss-security/2022/07/13/1
    Added Reference https://comsec.ethz.ch/retbleed
    Added Reference https://lists.debian.org/debian-lts-announce/2022/09/msg00011.html
    Added Reference https://lists.debian.org/debian-lts-announce/2022/12/msg00034.html
    Added Reference https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D4RW5FCIYFNCQOEFJEUIRW3DGYW7CWBG/
    Added Reference https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M27MB3QFNIJV4EQQSXWARHP3OGX6CR6K/
    Added Reference https://security.gentoo.org/glsa/202402-07
    Added Reference https://security.netapp.com/advisory/ntap-20221007-0007/
    Added Reference https://www.debian.org/security/2022/dsa-5207
    Added Reference https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00702.html
    Added Reference https://www.secpod.com/blog/retbleed-intel-and-amd-processor-information-disclosure-vulnerability/
  • CVE Modified by [email protected]

    May. 14, 2024

    Action Type Old Value New Value
  • CVE Modified by [email protected]

    Feb. 04, 2024

    Action Type Old Value New Value
    Added Reference Intel Corporation https://security.gentoo.org/glsa/202402-07 [No types assigned]
  • CVE Source Update by [email protected]

    Nov. 07, 2023

    Action Type Old Value New Value
    Changed Source Switzerland Government Common Vulnerability Program Intel Corporation
  • CVE Modified by [email protected]

    Nov. 07, 2023

    Action Type Old Value New Value
    Added Reference Intel Corporation https://comsec.ethz.ch/retbleed [No types assigned]
    Added Reference Intel Corporation https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00702.html [No types assigned]
    Added Reference Intel Corporation http://www.openwall.com/lists/oss-security/2022/07/12/2 [No types assigned]
    Added Reference Intel Corporation http://www.openwall.com/lists/oss-security/2022/07/12/4 [No types assigned]
    Added Reference Intel Corporation http://www.openwall.com/lists/oss-security/2022/07/12/5 [No types assigned]
    Added Reference Intel Corporation http://www.openwall.com/lists/oss-security/2022/07/13/1 [No types assigned]
    Added Reference Intel Corporation https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M27MB3QFNIJV4EQQSXWARHP3OGX6CR6K/ [No types assigned]
    Added Reference Intel Corporation https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D4RW5FCIYFNCQOEFJEUIRW3DGYW7CWBG/ [No types assigned]
    Added Reference Intel Corporation https://www.debian.org/security/2022/dsa-5207 [No types assigned]
    Added Reference Intel Corporation https://lists.debian.org/debian-lts-announce/2022/09/msg00011.html [No types assigned]
    Added Reference Intel Corporation https://security.netapp.com/advisory/ntap-20221007-0007/ [No types assigned]
    Added Reference Intel Corporation https://lists.debian.org/debian-lts-announce/2022/12/msg00034.html [No types assigned]
    Added Reference Intel Corporation https://www.secpod.com/blog/retbleed-intel-and-amd-processor-information-disclosure-vulnerability/ [No types assigned]
    Removed Reference Switzerland Government Common Vulnerability Program http://www.openwall.com/lists/oss-security/2022/07/12/2
    Removed Reference Switzerland Government Common Vulnerability Program https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00702.html
    Removed Reference Switzerland Government Common Vulnerability Program https://comsec.ethz.ch/retbleed
    Removed Reference Switzerland Government Common Vulnerability Program http://www.openwall.com/lists/oss-security/2022/07/12/5
    Removed Reference Switzerland Government Common Vulnerability Program http://www.openwall.com/lists/oss-security/2022/07/12/4
    Removed Reference Switzerland Government Common Vulnerability Program http://www.openwall.com/lists/oss-security/2022/07/13/1
    Removed Reference Switzerland Government Common Vulnerability Program https://lists.fedoraproject.org/archives/list/[email protected]/message/M27MB3QFNIJV4EQQSXWARHP3OGX6CR6K/
    Removed Reference Switzerland Government Common Vulnerability Program https://lists.fedoraproject.org/archives/list/[email protected]/message/D4RW5FCIYFNCQOEFJEUIRW3DGYW7CWBG/
    Removed Reference Switzerland Government Common Vulnerability Program https://www.debian.org/security/2022/dsa-5207
    Removed Reference Switzerland Government Common Vulnerability Program https://lists.debian.org/debian-lts-announce/2022/09/msg00011.html
    Removed Reference Switzerland Government Common Vulnerability Program https://security.netapp.com/advisory/ntap-20221007-0007/
    Removed Reference Switzerland Government Common Vulnerability Program https://lists.debian.org/debian-lts-announce/2022/12/msg00034.html
    Removed Reference Switzerland Government Common Vulnerability Program https://www.secpod.com/blog/retbleed-intel-and-amd-processor-information-disclosure-vulnerability/
    Added CWE Intel Corporation CWE-200
    Removed CWE Switzerland Government Common Vulnerability Program CWE-200
    Removed CVSS V3.1 Switzerland Government Common Vulnerability Program AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
    Added CVSS V3.1 Intel Corporation AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
  • CVE Modified by [email protected]

    Oct. 17, 2023

    Action Type Old Value New Value
    Added Reference https://www.secpod.com/blog/retbleed-intel-and-amd-processor-information-disclosure-vulnerability/ [No Types Assigned]
  • Modified Analysis by [email protected]

    Feb. 23, 2023

    Action Type Old Value New Value
    Changed Reference Type https://lists.debian.org/debian-lts-announce/2022/12/msg00034.html No Types Assigned https://lists.debian.org/debian-lts-announce/2022/12/msg00034.html Mailing List, Third Party Advisory
    Changed CPE Configuration OR *cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:* OR *cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:* *cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*
  • CVE Modified by [email protected]

    Dec. 24, 2022

    Action Type Old Value New Value
    Added Reference https://lists.debian.org/debian-lts-announce/2022/12/msg00034.html [No Types Assigned]
  • Modified Analysis by [email protected]

    Oct. 26, 2022

    Action Type Old Value New Value
    Changed Reference Type https://lists.debian.org/debian-lts-announce/2022/09/msg00011.html No Types Assigned https://lists.debian.org/debian-lts-announce/2022/09/msg00011.html Mailing List, Third Party Advisory
    Changed Reference Type https://security.netapp.com/advisory/ntap-20221007-0007/ No Types Assigned https://security.netapp.com/advisory/ntap-20221007-0007/ Third Party Advisory
    Changed Reference Type https://www.debian.org/security/2022/dsa-5207 No Types Assigned https://www.debian.org/security/2022/dsa-5207 Third Party Advisory
    Added CPE Configuration OR *cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*
  • CVE Modified by [email protected]

    Oct. 07, 2022

    Action Type Old Value New Value
    Added Reference https://security.netapp.com/advisory/ntap-20221007-0007/ [No Types Assigned]
  • CVE Modified by [email protected]

    Sep. 11, 2022

    Action Type Old Value New Value
    Added Reference https://lists.debian.org/debian-lts-announce/2022/09/msg00011.html [No Types Assigned]
  • CVE Modified by [email protected]

    Aug. 16, 2022

    Action Type Old Value New Value
    Added Reference https://www.debian.org/security/2022/dsa-5207 [No Types Assigned]
  • Reanalysis by [email protected]

    Aug. 03, 2022

    Action Type Old Value New Value
    Added CPE Configuration OR *cpe:2.3:o:vmware:esxi:7.0:-:*:*:*:*:*:* *cpe:2.3:o:vmware:esxi:7.0:beta:*:*:*:*:*:* *cpe:2.3:o:vmware:esxi:7.0:update_1:*:*:*:*:*:* *cpe:2.3:o:vmware:esxi:7.0:update_1a:*:*:*:*:*:* *cpe:2.3:o:vmware:esxi:7.0:update_1b:*:*:*:*:*:* *cpe:2.3:o:vmware:esxi:7.0:update_1c:*:*:*:*:*:* *cpe:2.3:o:vmware:esxi:7.0:update_1d:*:*:*:*:*:* *cpe:2.3:o:vmware:esxi:7.0:update_2:*:*:*:*:*:* *cpe:2.3:o:vmware:esxi:7.0:update_2a:*:*:*:*:*:* *cpe:2.3:o:vmware:esxi:7.0:update_2c:*:*:*:*:*:* *cpe:2.3:o:vmware:esxi:7.0:update_2d:*:*:*:*:*:* *cpe:2.3:o:vmware:esxi:7.0:update_2e:*:*:*:*:*:* *cpe:2.3:o:vmware:esxi:7.0:update_3c:*:*:*:*:*:* *cpe:2.3:o:vmware:esxi:7.0:update_3d:*:*:*:*:*:* *cpe:2.3:o:vmware:esxi:7.0:update_3e:*:*:*:*:*:*
  • Initial Analysis by [email protected]

    Jul. 27, 2022

    Action Type Old Value New Value
    Added CVSS V2 NIST (AV:L/AC:M/Au:N/C:P/I:N/A:N)
    Added CVSS V3.1 NIST AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
    Changed Reference Type http://www.openwall.com/lists/oss-security/2022/07/12/2 No Types Assigned http://www.openwall.com/lists/oss-security/2022/07/12/2 Mailing List, Patch, Third Party Advisory
    Changed Reference Type http://www.openwall.com/lists/oss-security/2022/07/12/4 No Types Assigned http://www.openwall.com/lists/oss-security/2022/07/12/4 Mailing List, Third Party Advisory
    Changed Reference Type http://www.openwall.com/lists/oss-security/2022/07/12/5 No Types Assigned http://www.openwall.com/lists/oss-security/2022/07/12/5 Mailing List, Third Party Advisory
    Changed Reference Type http://www.openwall.com/lists/oss-security/2022/07/13/1 No Types Assigned http://www.openwall.com/lists/oss-security/2022/07/13/1 Mailing List, Third Party Advisory
    Changed Reference Type https://comsec.ethz.ch/retbleed No Types Assigned https://comsec.ethz.ch/retbleed Exploit, Technical Description, Third Party Advisory
    Changed Reference Type https://lists.fedoraproject.org/archives/list/[email protected]/message/D4RW5FCIYFNCQOEFJEUIRW3DGYW7CWBG/ No Types Assigned https://lists.fedoraproject.org/archives/list/[email protected]/message/D4RW5FCIYFNCQOEFJEUIRW3DGYW7CWBG/ Mailing List, Third Party Advisory
    Changed Reference Type https://lists.fedoraproject.org/archives/list/[email protected]/message/M27MB3QFNIJV4EQQSXWARHP3OGX6CR6K/ No Types Assigned https://lists.fedoraproject.org/archives/list/[email protected]/message/M27MB3QFNIJV4EQQSXWARHP3OGX6CR6K/ Mailing List, Third Party Advisory
    Changed Reference Type https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00702.html No Types Assigned https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00702.html Vendor Advisory
    Added CWE NIST CWE-668
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i7-6500u_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i7-6500u:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i7-6510u_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i7-6510u:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i7-6560u_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i7-6560u:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i7-6567u_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i7-6567u:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i7-6600u_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i7-6600u:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i7-6650u_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i7-6650u:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i7-6660u_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i7-6660u:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i7-6700_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i7-6700:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i7-6700hq_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i7-6700hq:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i7-6700k_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i7-6700k:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i7-6700t_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i7-6700t:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i7-6700te_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i7-6700te:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i7-6770hq_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i7-6770hq:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i7-6820eq_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i7-6820eq:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i7-6820hk_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i7-6820hk:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i7-6820hq_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i7-6820hq:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i7-6822eq_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i7-6822eq:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i7-6870hq_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i7-6870hq:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i7-6920hq_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i7-6920hq:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i7-6970hq_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i7-6970hq:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i7-8550u_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i7-8550u:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i7-8559u_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i7-8559u:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i7-8650u_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i7-8650u:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i7-8700b_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i7-8700b:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i7-8700k_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i7-8700k:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i7-8705g_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i7-8705g:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i7-8706g_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i7-8706g:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i7-8709g_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i7-8709g:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i7-8750h_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i7-8750h:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i7-8809g_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i7-8809g:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i7-8850h_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i7-8850h:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i3-6100_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i3-6100:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i3-6100e_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i3-6100e:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i3-6100h_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i3-6100h:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i3-6100t_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i3-6100t:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i3-6100te_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i3-6100te:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i3-6100u_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i3-6100u:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i3-6102e_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i3-6102e:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i3-6110u_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i3-6110u:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i3-6120_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i3-6120:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i3-6120t_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i3-6120t:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i3-6167u_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i3-6167u:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i3-6300_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i3-6300:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i3-6300t_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i3-6300t:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i3-6320_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i3-6320:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i3-6320t_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i3-6320t:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i3-8000_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i3-8000:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i3-8000t_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i3-8000t:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i3-8020_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i3-8020:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i3-8100_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i3-8100:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i3-8100h_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i3-8100h:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i3-8100t_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i3-8100t:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i3-8109u_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i3-8109u:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i3-8120_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i3-8120:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i3-8130u_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i3-8130u:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i3-8145u_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i3-8145u:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i3-8300_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i3-8300:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i3-8300t_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i3-8300t:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i3-8350k_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i3-8350k:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i5-6200u_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i5-6200u:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i5-6210u_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i5-6210u:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i5-6260u_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i5-6260u:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i5-6267u_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i5-6267u:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i5-6287u_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i5-6287u:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i5-6300hq_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i5-6300hq:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i5-6300u_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i5-6300u:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i5-6310u_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i5-6310u:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i5-6350hq_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i5-6350hq:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i5-6360u_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i5-6360u:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i5-6400_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i5-6400:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i5-6400t_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i5-6400t:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i5-6440eq_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i5-6440eq:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i5-6440hq_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i5-6440hq:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i5-6442eq_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i5-6442eq:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i5-6500_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i5-6500:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i5-6500t_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i5-6500t:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i5-6500te_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i5-6500te:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i5-6600_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i5-6600:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i5-6600k_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i5-6600k:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i5-6600t_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i5-6600t:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i5-8200y_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i5-8200y:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i5-8210y_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i5-8210y:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i5-8250u_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i5-8250u:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i5-8259u_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i5-8259u:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i5-8265u_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i5-8265u:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i5-8269u_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i5-8269u:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i5-8300h_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i5-8300h:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i5-8305g_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i5-8305g:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i5-8310y_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i5-8310y:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i5-8350u_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i5-8350u:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i5-8365u_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i5-8365u:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i5-8400_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i5-8400:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i5-8400b_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i5-8400b:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i5-8400h_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i5-8400h:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i5-8400t_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i5-8400t:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i5-8420_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i5-8420:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i5-8420t_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i5-8420t:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i5-8500_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i5-8500:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i5-8500b_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i5-8500b:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i5-8500t_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i5-8500t:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i5-8550_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i5-8550:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i5-8550u_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i5-8550u:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i5-8600_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i5-8600:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i5-8600k_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i5-8600k:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i5-8600t_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i5-8600t:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i5-8650_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i5-8650:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i5-8650k_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i5-8650k:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i7-8500y_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i7-8500y:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i7-8510y_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i7-8510y:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i7-8550u_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i7-8550u:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i7-8557u_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i7-8557u:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i7-8559u_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i7-8559u:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i7-8560u_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i7-8560u:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i7-8565u_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i7-8565u:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i7-8569u_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i7-8569u:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i7-8650u_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i7-8650u:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i7-8665u_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i7-8665u:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i7-8670_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i7-8670:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i7-8670t_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i7-8670t:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i7-8700_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i7-8700:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i7-8700b_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i7-8700b:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i7-8700t_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i7-8700t:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i7-8705g_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i7-8705g:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i7-8706g_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i7-8706g:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i7-8709g_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i7-8709g:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i7-8750h_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i7-8750h:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i7-8750hf_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i7-8750hf:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i7-8809g_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i7-8809g:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_i9-8950hk_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_i9-8950hk:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_m3-6y30_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_m3-6y30:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_m3-8100y_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_m3-8100y:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_m5-6y54_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_m5-6y54:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_m5-6y57_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_m5-6y57:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:core_m7-6y75_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:intel:core_m7-6y75:-:*:*:*:*:*:*:*
    Added CPE Configuration OR *cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:* *cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:* *cpe:2.3:o:xen:xen:-:*:*:*:*:*:*:*
  • CVE Modified by [email protected]

    Jul. 15, 2022

    Action Type Old Value New Value
    Added Reference https://lists.fedoraproject.org/archives/list/[email protected]/message/D4RW5FCIYFNCQOEFJEUIRW3DGYW7CWBG/ [No Types Assigned]
  • CVE Modified by [email protected]

    Jul. 14, 2022

    Action Type Old Value New Value
    Added Reference https://lists.fedoraproject.org/archives/list/[email protected]/message/M27MB3QFNIJV4EQQSXWARHP3OGX6CR6K/ [No Types Assigned]
  • CVE Modified by [email protected]

    Jul. 13, 2022

    Action Type Old Value New Value
    Added Reference http://www.openwall.com/lists/oss-security/2022/07/13/1 [No Types Assigned]
  • CVE Modified by [email protected]

    Jul. 12, 2022

    Action Type Old Value New Value
    Added Reference http://www.openwall.com/lists/oss-security/2022/07/12/5 [No Types Assigned]
    Added Reference http://www.openwall.com/lists/oss-security/2022/07/12/4 [No Types Assigned]
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2022-29901 is associated with the following CWEs:

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2022-29901 weaknesses.

CAPEC-13: Subverting Environment Variable Values Subverting Environment Variable Values CAPEC-22: Exploiting Trust in Client Exploiting Trust in Client CAPEC-59: Session Credential Falsification through Prediction Session Credential Falsification through Prediction CAPEC-60: Reusing Session IDs (aka Session Replay) Reusing Session IDs (aka Session Replay) CAPEC-79: Using Slashes in Alternate Encoding Using Slashes in Alternate Encoding CAPEC-116: Excavation Excavation CAPEC-169: Footprinting Footprinting CAPEC-224: Fingerprinting Fingerprinting CAPEC-285: ICMP Echo Request Ping ICMP Echo Request Ping CAPEC-287: TCP SYN Scan TCP SYN Scan CAPEC-290: Enumerate Mail Exchange (MX) Records Enumerate Mail Exchange (MX) Records CAPEC-291: DNS Zone Transfers DNS Zone Transfers CAPEC-292: Host Discovery Host Discovery CAPEC-293: Traceroute Route Enumeration Traceroute Route Enumeration CAPEC-294: ICMP Address Mask Request ICMP Address Mask Request CAPEC-295: Timestamp Request Timestamp Request CAPEC-296: ICMP Information Request ICMP Information Request CAPEC-297: TCP ACK Ping TCP ACK Ping CAPEC-298: UDP Ping UDP Ping CAPEC-299: TCP SYN Ping TCP SYN Ping CAPEC-300: Port Scanning Port Scanning CAPEC-301: TCP Connect Scan TCP Connect Scan CAPEC-302: TCP FIN Scan TCP FIN Scan CAPEC-303: TCP Xmas Scan TCP Xmas Scan CAPEC-304: TCP Null Scan TCP Null Scan CAPEC-305: TCP ACK Scan TCP ACK Scan CAPEC-306: TCP Window Scan TCP Window Scan CAPEC-307: TCP RPC Scan TCP RPC Scan CAPEC-308: UDP Scan UDP Scan CAPEC-309: Network Topology Mapping Network Topology Mapping CAPEC-310: Scanning for Vulnerable Software Scanning for Vulnerable Software CAPEC-312: Active OS Fingerprinting Active OS Fingerprinting CAPEC-313: Passive OS Fingerprinting Passive OS Fingerprinting CAPEC-317: IP ID Sequencing Probe IP ID Sequencing Probe CAPEC-318: IP 'ID' Echoed Byte-Order Probe IP 'ID' Echoed Byte-Order Probe CAPEC-319: IP (DF) 'Don't Fragment Bit' Echoing Probe IP (DF) 'Don't Fragment Bit' Echoing Probe CAPEC-320: TCP Timestamp Probe TCP Timestamp Probe CAPEC-321: TCP Sequence Number Probe TCP Sequence Number Probe CAPEC-322: TCP (ISN) Greatest Common Divisor Probe TCP (ISN) Greatest Common Divisor Probe CAPEC-323: TCP (ISN) Counter Rate Probe TCP (ISN) Counter Rate Probe CAPEC-324: TCP (ISN) Sequence Predictability Probe TCP (ISN) Sequence Predictability Probe CAPEC-325: TCP Congestion Control Flag (ECN) Probe TCP Congestion Control Flag (ECN) Probe CAPEC-326: TCP Initial Window Size Probe TCP Initial Window Size Probe CAPEC-327: TCP Options Probe TCP Options Probe CAPEC-328: TCP 'RST' Flag Checksum Probe TCP 'RST' Flag Checksum Probe CAPEC-329: ICMP Error Message Quoting Probe ICMP Error Message Quoting Probe CAPEC-330: ICMP Error Message Echoing Integrity Probe ICMP Error Message Echoing Integrity Probe CAPEC-472: Browser Fingerprinting Browser Fingerprinting CAPEC-497: File Discovery File Discovery CAPEC-508: Shoulder Surfing Shoulder Surfing CAPEC-573: Process Footprinting Process Footprinting CAPEC-574: Services Footprinting Services Footprinting CAPEC-575: Account Footprinting Account Footprinting CAPEC-576: Group Permission Footprinting Group Permission Footprinting CAPEC-577: Owner Footprinting Owner Footprinting CAPEC-616: Establish Rogue Location Establish Rogue Location CAPEC-643: Identify Shared Files/Directories on System Identify Shared Files/Directories on System CAPEC-646: Peripheral Footprinting Peripheral Footprinting CAPEC-651: Eavesdropping Eavesdropping
Exploit Prediction

EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days.

0.07 }} -0.01%

score

0.29982

percentile

CVSS31 - Vulnerability Scoring System
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
: