CVE-2022-29901: 
Linux Kernel vulnerability analysis and mitigation

CVE-2022-29901 is a vulnerability affecting Intel microprocessor generations 6 to 8 (Skylake through Coffee Lake), discovered in 2022. This vulnerability, known as Retbleed, allows attackers with unprivileged user access to hijack return instructions to achieve arbitrary speculative code execution under certain microarchitecture-dependent conditions, bypassing existing retpoline mitigations in the kernel to leak arbitrary data (NVD, Intel Advisory).

The vulnerability is a new variant of Spectre that specifically targets return instructions. It exploits insufficient protections against speculative branch target injection attacks in certain circumstances. The vulnerability has a CVSS v3.1 base score of 6.5 (MEDIUM) with vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N according to NVD, while Intel rates it at 5.6 (MEDIUM) with vector CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N (NVD).

Successful exploitation of this vulnerability could allow an attacker to leak arbitrary kernel data if they have enough control over registers and memory at the victim's return instruction. This could lead to disclosure of sensitive information from the affected system (SecPod).

Intel recommends using enhanced Indirect Branch Restricted Speculation (eIBRS) to address this vulnerability, even though Retpoline has previously addressed similar issues. IBRS is pre-installed on Windows systems, so no additional update is required. Various Linux distributions have also released patches to address this vulnerability (Intel Advisory, SecPod).