Acknowledged
Created: Mar 10, 2022
Updated: Mar 15, 2022
Previous ID: LIN1019-7989
Found In Version: 10.21.20.9
Severity: Standard
Applicable for: Wind River Linux LTS 21
Component/s: Kernel
Branch History Injection (BHI) describes a specific form of intra-mode BTI (bug CVE-2022-0001), where an unprivileged attacker may manipulate branch history before transitioning to supervisor or VMX root mode in an effort to cause an indirect branch predictor to select a specific predictor entry for an indirect branch, and a disclosure gadget at the predicted target will transiently execute. This may be possible since the relevant branch history may contain branches taken in previous security contexts, and in particular, in other predictor modes.
CREATE(Triage):(User=admin) CVE-2022-0001 (https://nvd.nist.gov/vuln/detail/CVE-2022-0001)