CVE-2023-38575 MEDIUM

CVE-2023-38575

Vendor N/A
Product Intel(R) Processors
Weakness CWE-1303
Published March 14, 2024
Last update February 13, 2025

CVSS base score

5.5/10
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality High
Integrity None

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

What the vulnerability does

01Description

Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.

Key dates

02Disclosure timeline

March 14, 2024 CVE published
February 13, 2025 Record updated