{"id":"CVE-2022-29901","details":"Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under certain microarchitecture-dependent conditions.","modified":"2026-04-16T00:01:49.246919750Z","published":"2022-07-12T19:15:08.437Z","related":["ALSA-2022:7110","ALSA-2022:7134","ALSA-2022:7933","ALSA-2022:8267","SUSE-SU-2022:2376-1","SUSE-SU-2022:2377-1","SUSE-SU-2022:2379-1","SUSE-SU-2022:2382-1","SUSE-SU-2022:2393-1","SUSE-SU-2022:2407-1","SUSE-SU-2022:2411-1","SUSE-SU-2022:2424-1","SUSE-SU-2022:2424-2","SUSE-SU-2022:2478-1","SUSE-SU-2022:2520-1","SUSE-SU-2022:2549-1","SUSE-SU-2022:2615-1","SUSE-SU-2022:2629-1","SUSE-SU-2022:2809-1","SUSE-SU-2022:4616-1","SUSE-SU-2023:0416-1","SUSE-SU-2025:03310-1","SUSE-SU-2025:1027-1","SUSE-SU-2025:1176-1","SUSE-SU-2025:1183-1","SUSE-SU-2025:1194-1","SUSE-SU-2025:1241-1","SUSE-SU-2025:1263-1","openSUSE-SU-2022:2549-1","openSUSE-SU-2024:12193-1","openSUSE-SU-2024:13704-1"],"references":[{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2022/07/12/4"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2022/07/12/5"},{"type":"WEB","url":"https://comsec.ethz.ch/retbleed"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2022/09/msg00011.html"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00034.html"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2022/07/12/2"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2022/07/13/1"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D4RW5FCIYFNCQOEFJEUIRW3DGYW7CWBG/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M27MB3QFNIJV4EQQSXWARHP3OGX6CR6K/"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/202402-07"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20221007-0007/"},{"type":"ADVISORY","url":"https://www.debian.org/security/2022/dsa-5207"},{"type":"ADVISORY","url":"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00702.html"},{"type":"ARTICLE","url":"https://www.secpod.com/blog/retbleed-intel-and-amd-processor-information-disclosure-vulnerability/"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"35"}]},{"events":[{"introduced":"0"},{"last_affected":"36"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0-NA"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0-beta"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0-update_1"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0-update_1a"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0-update_1b"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0-update_1c"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0-update_1d"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0-update_2"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0-update_2a"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0-update_2c"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0-update_2d"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0-update_2e"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0-update_3c"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0-update_3d"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0-update_3e"}]},{"events":[{"introduced":"0"},{"last_affected":"10.0"}]},{"events":[{"introduced":"0"},{"last_affected":"11.0"}]}],"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-29901.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"}]}