ALPINE-CVE-2023-28746

Advisory lineage Upstream: 1 Downstream: 0
Upstream
CVE-2023-28746
Published: 14 Mar 2024, 17:15
Last modified:03 Dec 2025, 22:52

Vulnerability Summary

Overall Risk (default)
medium
26/100
CVSS Score
6.5 MEDIUM
3.1 (osv_alpine)
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

14 Mar 2024, 17:15
Published
Vulnerability first disclosed
03 Dec 2025, 22:52
Last Modified
Vulnerability information updated

Description

Information exposure through microarchitectural state after transient execution from some register files for some Intel(R) Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

CVSS Metrics

  • v3.1MEDIUMScore: 6.5CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

Affected Systems

  • alpineintel-ucode

    < 20240813-r0 | < 20240813-r0 | < 20240312-r0 | < 20240312-r0 | < 20240312-r0 | < 20240312-r0 | < 20240312-r0

  • alpinexen

    < 4.16.5-r7 | < 4.16.5-r7 | < 4.17.3-r1 | < 4.18.0-r4 | < 4.18.0-r5 | < 4.18.0-r5 | < 4.18.0-r5 | < 4.18.0-r5

References (1)