Vulnerability in Linux Kernel X86 CPU Power Management Options Allows Unauthorized Memory Access via Speculative Execution Behavior

Vulnerability in Linux Kernel X86 CPU Power Management Options Allows Unauthorized Memory Access via Speculative Execution Behavior

CVE-2023-1637 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

A flaw that boot CPU could be vulnerable for the speculative execution behavior kind of attacks in the Linux kernel X86 CPU Power management options functionality was found in the way user resuming CPU from suspend-to-RAM. A local user could use this flaw to potentially get unauthorized access to some memory of the CPU similar to the speculative execution behavior kind of attacks.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.