ALPINE-CVE-2023-28746

ALPINE-CVE-2023-28746 PUBLISHED CVSS 6.5 MEDIUM

Information exposure through microarchitectural state after transient execution from some register files for some Intel(R) Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

Risk Scores

CVSS v3.1

6.5

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

Affected Products

Vendor	Product	Versions
Alpine:v3.19	intel-ucode	20201112-r0, 20210216-r0, 20210608-r0
Alpine:v3.18	xen	4.2.1-r1, 4.2.1-r10, 4.2.1-r11
Alpine:v3.19	xen	4.17.0-r5, 4.0.1-r1, 4.0.1-r2
Alpine:v3.17	xen	4.2.1-r6, 4.2.1-r4, 4.2.1-r3
Alpine:v3.22	intel-ucode	0, 20130222-r0, 20170511-r0
Alpine:v3.20	xen	4.1.0-r1, 0, 4.0.1-r0
Alpine:v3.20	intel-ucode	20230214-r0, 20221108-r0, 20220419-r0
Alpine:v3.22	xen	4.2.0-r2, 4.2.0-r1, 4.2.0-r0
Alpine:v3.16	xen	4.8.1-r0, 4.16.5-r6, 4.2.0-r0
Alpine:v3.23	xen	4.17.0-r4, 4.6.0-r2, 4.2.0-r4
Alpine:v3.21	intel-ucode	0, 20170511-r0, 20180108-r0
Alpine:v3.21	xen	4.17.1-r4, 0, 4.0.1-r0
Alpine:v3.17	intel-ucode	20130222-r0, 20231114-r0, 20230808-r0
Alpine:v3.18	intel-ucode	20230613-r0, 20231114-r0, 20230808-r0
Alpine:v3.23	intel-ucode	20170511-r0, 20231114-r0, 20230808-r0

Timeline

Mar 14, 2024 CVE Published
Dec 3, 2025 CVE Updated
Apr 30, 2026 Distribution Patch

References

https://security.alpinelinux.org/vuln/CVE-2023-28746 advisory

Open in Interactive Console →