CVE-2022-42331 Information

Description

x86: speculative vulnerability in 32bit SYSCALL path Due to an oversight in the very original Spectre/Meltdown security work (XSA-254) one entrypath performs its speculation-safety actions too late. In some configurations there is an unprotected RET instruction which can be attacked with a variety of speculative attacks.

Reference

https://xenbits.xenproject.org/xsa/advisory-429.txt http://xenbits.xen.org/xsa/advisory-429.html http://www.openwall.com/lists/oss-security/2023/03/21/3