CVE-2022-29901
MEDIUMIntel Core I7-6500u Firmware - Information Disclosure
Title source: ruleDescription
Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under certain microarchitecture-dependent conditions.
References (14)
Scores
CVSS v3
5.6
EPSS
0.0008
EPSS Percentile
23.8%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
Classification
CWE
CWE-200
CWE-668
Status
published
Affected Products (50)
intel/core_i7-6500u_firmware
intel/core_i7-6510u_firmware
intel/core_i7-6560u_firmware
intel/core_i7-6567u_firmware
intel/core_i7-6600u_firmware
intel/core_i7-6650u_firmware
intel/core_i7-6660u_firmware
intel/core_i7-6700_firmware
intel/core_i7-6700hq_firmware
intel/core_i7-6700k_firmware
intel/core_i7-6700t_firmware
intel/core_i7-6700te_firmware
intel/core_i7-6770hq_firmware
intel/core_i7-6820eq_firmware
intel/core_i7-6820hk_firmware
... and 35 more
Timeline
Published
Jul 12, 2022
Tracked Since
Feb 18, 2026