Exploit maturity not defined.
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsUpgrade Amazon-Linux:2022
kernel-debuginfo-common-aarch64
to version 0:5.15.57-29.131.amzn2022 or higher.
This issue was patched in ALAS2022-2022-127
.
Note: Versions mentioned in the description apply only to the upstream kernel-debuginfo-common-aarch64
package and not the kernel-debuginfo-common-aarch64
package as distributed by Amazon-Linux
.
See How to fix?
for Amazon-Linux:2022
relevant fixed versions and status.
Unprotected alternative channel of return branch target prediction in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.