SpecExec Vulnerability in 32Bit SYSCALL Path
CVE-2022-42331 Published on March 21, 2023

x86: speculative vulnerability in 32bit SYSCALL path Due to an oversight in the very original Spectre/Meltdown security work (XSA-254), one entrypath performs its speculation-safety actions too late. In some configurations, there is an unprotected RET instruction which can be attacked with a variety of speculative attacks.

Vendor Advisory Vendor Advisory Vendor Advisory NVD

Products Associated with CVE-2022-42331

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2022-42331 are published in these products:

Citrix Xen Xen

Fedora Project Fedora

Linux Kernel

Affected Versions

xen Version consult Xen advisory XSA-429 is unknown by CVE-2022-42331

Exploit Probability

EPSS

0.06%

Percentile

17.39%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

SpecExec Vulnerability in 32Bit SYSCALL PathCVE-2022-42331 Published on March 21, 2023

Products Associated with CVE-2022-42331

Affected Versions

Exploit Probability

SpecExec Vulnerability in 32Bit SYSCALL Path
CVE-2022-42331 Published on March 21, 2023