CVE-2022-0001: Intel: CVE-2022-0001 Branch History Injection

Overview

Severity
Medium (CVSS 4.7)
CVSS Vector
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Category
Information Disclosure
Exploit Status
Not Exploited
Exploitation Likelihood
Less Likely
Patch Tuesday
2024-Apr
Released
2024-04-09
Last Updated
2025-01-14
EPSS Score
0.29% (percentile: 52.3%)

Description

This CVE was assigned by Intel. Please see CVE-2022-0001 on CVE.org for more information.

FAQ

Why is this Intel CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in certain processor models offered by Intel and was initially disclosed March 8, 2022. Intel published updates April 9, 2024 and this CVE is being documented in the Security Update Guide to inform customers of the available mitigation and its potential performance impact. The mitigation for this vulnerability is disabled by default and manual action is required for customers to be protected. The following documentation was updated by Intel on April 9, 2024 and can be referenced for more information: CVE-2022-0001 https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/advisory-guidance/branch-history-injection.html https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/technical-documentation/branch-history-injection.html What steps are required to protect my system against the vulnerability? We are providing the following registry information to enable the mitigations for this CVE. Important: This section, method, or task contains steps that tell you how to modify the registry. However, serious problems might occur if you modify the registry incorrectly. Therefore, make sure that you follow these steps carefully. For added protection, back up the registry before you modify it. Then, you can restore the registry if a problem occurs. For more information about how to back up and restore the registry see How to back up and restore the registry in Windows. To enable the mitigation for CVE-2022-0001 on Windows devices and clients using Intel Processors: reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /v FeatureSettingsOverride /t REG_DWORD /d 0x00800000 /f reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /v FeatureSettingsOverrideMask /t REG_DWORD /d 0x00000003 /f Custo

Detection & Weaponization (1 sources)

Maturity: Exploit

  • GitHub PoC: 1 repositories

Affected Products (38)

Windows

  • Windows 10 Version 1809 for 32-bit Systems
  • Windows 10 Version 1809 for x64-based Systems
  • Windows 10 Version 1809 for ARM64-based Systems
  • Windows Server 2019
  • Windows Server 2019 (Server Core installation)
  • Windows Server 2022
  • Windows Server 2022 (Server Core installation)
  • Windows 11 version 21H2 for x64-based Systems
  • Windows 11 version 21H2 for ARM64-based Systems
  • Windows 10 Version 21H2 for 32-bit Systems
  • Windows 10 Version 21H2 for ARM64-based Systems
  • Windows 10 Version 21H2 for x64-based Systems
  • Windows 11 Version 22H2 for ARM64-based Systems
  • Windows 11 Version 22H2 for x64-based Systems
  • Windows 10 Version 22H2 for x64-based Systems
  • Windows 10 Version 22H2 for ARM64-based Systems
  • Windows 10 Version 22H2 for 32-bit Systems
  • Windows 11 Version 23H2 for ARM64-based Systems
  • Windows 11 Version 23H2 for x64-based Systems
  • Windows Server 2022, 23H2 Edition (Server Core installation)
  • Windows 10 for 32-bit Systems
  • Windows 10 for x64-based Systems
  • Windows 10 Version 1607 for 32-bit Systems
  • Windows 10 Version 1607 for x64-based Systems
  • Windows Server 2016
  • Windows Server 2016 (Server Core installation)
  • Windows 11 Version 24H2 for ARM64-based Systems
  • Windows 11 Version 24H2 for x64-based Systems

ESU

  • Windows Server 2008 for 32-bit Systems Service Pack 2
  • Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
  • Windows Server 2008 for x64-based Systems Service Pack 2
  • Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
  • Windows Server 2008 R2 for x64-based Systems Service Pack 1
  • Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
  • Windows Server 2012
  • Windows Server 2012 (Server Core installation)
  • Windows Server 2012 R2
  • Windows Server 2012 R2 (Server Core installation)

Security Updates (15)

Acknowledgments

Anonymous, Cristiano Giuffrida from the VUSec group at VU Amsterdam

Revision History

  • 2024-04-09: Information published.
  • 2024-04-09: The following changes have been made: 1). Updated CVE ID to reflect CVE ID assigned by Intel Corporation. 2) . Updated CVE title 3). Updated FAQ content 4). Updated Finder Acknowledgment. These are informational changes only.
  • 2024-04-10: Corrected one or more links in the FAQ. This is an informational change only.
  • 2024-04-11: Updated CWE value. This is an informational change only.
  • 2024-10-08: In the Security Updates table, the following changes have been made: 1) Added Windows 11 Version 24H2 as it is affected by this vulnerability. 2) To comprehensively address CVE-2022-0001, Microsoft has released Ocotber 2024 security updates for all affected versions of Windows Server 2022, 23H2 Edition (Serve Core installation), Windows Server 2022, Windows 11 Version 21H2, Windows 11 Version 22H2, and Windows 11 Version 23H2. Microsoft recommends that customers install the updates to be fully protected from the vulnerability. Customers whose systems are configured to receive automatic updates do not need to take any further action.
  • 2025-01-14: Added an FAQ to inform customers that the changes to address this vulnerability updated Virtual Secure Mode components. The policy described in Guidance for blocking rollback of Virtualization-based Security (VBS) related security updates has been updated to account for the latest changes. If you deployed this policy, then you'll need to redeploy using the updated policy.