# Retbleed

> Mediated Wiki article. Canonical URL: https://mediated.wiki/source/Retbleed
> Markdown URL: https://mediated.wiki/source/Retbleed.md
> Source: https://en.wikipedia.org/wiki/Retbleed
> Source revision: 1345628574
> License: Creative Commons Attribution-ShareAlike 4.0 International (https://creativecommons.org/licenses/by-sa/4.0/)

Speculative execution attack on x86–64 processors

See also: [Transient execution CPU vulnerability](/source/Transient_execution_CPU_vulnerability)

Retbleed CVE identifiers CVE-2022-29900, CVE-2022-29901, CVE-2022-28693[dead link]

**Retbleed** is a [speculative execution](/source/Speculative_execution) attack on [x86-64](/source/X86-64) and [ARM](/source/ARM_architecture_family) processors, including some recent [Intel](/source/Intel) and [AMD](/source/AMD) chips.[1][2] First made public in 2022, it is a variant of the [Spectre](/source/Spectre_(security_vulnerability)) vulnerability which exploits [retpoline](/source/Retpoline) (return [trampoline](/source/Trampoline_(computing))), which was a mitigation for speculative execution attacks.[3]

According to the researchers, Retbleed mitigations require extensive changes to the system which results in up to 14% and 39% performance loss on Linux for affected AMD and Intel CPU respectively.[4] The [PoC](/source/Proof_of_concept) works against [Intel Core](/source/Intel_Core) 6th, 7th and 8th generation microarchitectures and [AMD Zen](/source/Zen_(microarchitecture)) 1, Zen 1+, and Zen 2 microarchitectures.

An official document from ARM informs that all ARM CPUs affected by Spectre are also affected by Retbleed.[2]

[Windows](/source/Microsoft_Windows) is not vulnerable because the existing mitigations already tackle it.[1] [Linux](/source/Linux_kernel) kernels 5.18.14 and 5.19 contain the fixes.[5][6] The 32-bit Linux kernel, which is vulnerable, will not receive updates to fix the issue.[7]

## References

1. ^ [***a***](#cite_ref-:0_1-0) [***b***](#cite_ref-:0_1-1) Claburn, Thomas. ["AMD, Intel chips vulnerable to 'Retbleed' Spectre variant"](https://www.theregister.com/2022/07/12/amd_intel_retbleed/). *www.theregister.com*. Retrieved 2022-07-12.

1. ^ [***a***](#cite_ref-arm-retbleed-official_2-0) [***b***](#cite_ref-arm-retbleed-official_2-1) ARM Developer. ["Q: Are Arm CPUs affected by the RETBLEED side-channel disclosed on the 13th July 2022?"](https://developer.arm.com/documentation/ka005138/1-0/?lang=en). Retrieved 2022-07-13.

1. **[^](#cite_ref-3)** Goodin, Dan (2022-07-12). ["Intel and AMD CPUs vulnerable to a new speculative execution attack"](https://arstechnica.com/information-technology/2022/07/intel-and-amd-cpus-vulnerable-to-a-new-speculative-execution-attack/). *Ars Technica*. Retrieved 2022-07-12.

1. **[^](#cite_ref-retbleed-official_4-0)** [ETH Zurich](/source/ETH_Zurich) Computer Security Group. ["Retbleed: Arbitrary Speculative Code Execution with Return Instructions"](https://comsec.ethz.ch/research/microarch/retbleed/). Retrieved 2022-07-13.

1. **[^](#cite_ref-5)** ["Stable kernels 5.18.14 and 5.15.57 \[LWN.net\]"](https://lwn.net/Articles/902316/). *lwn.net*. Retrieved 2022-08-06.

1. **[^](#cite_ref-6)** Sharwood, Simon (2022-07-17). ["Torvalds: Linux kernel team has sorted Retbleed chip flaw"](https://www.theregister.com/2022/07/17/linux_5_19_rc7/). *www.theregister.com*. Retrieved 2022-09-13.

1. **[^](#cite_ref-7)** Michael Larabel (2022-07-24). ["Linux x86 32-bit Is Vulnerable To Retbleed But Don't Expect It To Get Fixed"](https://www.phoronix.com/news/Linux-x86-Retbleed). *phoronix.com*.

## External links

- [Retbleed: Arbitrary Speculative Code Execution with Return Instructions](https://comsec.ethz.ch/research/microarch/retbleed/)

- [Original Retbleed proof of concept](https://github.com/comsec-group/retbleed) on [GitHub](/source/GitHub)

v t e Speculative execution security vulnerabilities Variants Bounds Check Bypass (Spectre, Variant 1) Bounds Check Bypass Store (Spectre-NG) Branch Target Injection (Spectre, Variant 2) Downfall Foreshadow Lazy FP state restore (Spectre-NG) Load value injection Microarchitectural Data Sampling Pacman Retbleed Rogue Data Cache Load (Meltdown, Variant 3) Rogue System Register Read (Spectre-NG, Variant 3a) Speculative Store Bypass (Spectre-NG, Variant 4) Spoiler Topics Cache side-channel attack Hardware security bug Speculative execution Transient execution CPU vulnerability

v t e Hacking in the 2020s ← 2010s Timeline of security hacking incidents Timeline of computer viruses and worms Major incidents 2020 BlueLeaks Twitter account hijacking European Medicines Agency data breach Nintendo data leak United States federal government data breach EasyJet data breach Vastaamo data breach Windows XP Service Pack 1 and Server 2003 RTM source code leaks 2021 Microsoft Exchange Server breach Ivanti Pulse Connect Secure data breach Colonial Pipeline ransomware attack Health Service Executive ransomware attack Waikato District Health Board ransomware attack JBS S.A. ransomware attack Kaseya VSA ransomware attack Transnet ransomware attack Epik data breach FBI email hack National Rifle Association ransomware attack Banco de Oro hack Iranian fuel cyberattack 2022 Ukraine cyberattacks Red Cross data breach Anonymous and the Russian invasion of Ukraine Viasat hack DDoS attacks on Romania Costa Rican ransomware attack LastPass vault theft Shanghai police database leak Grand Theft Auto VI content leak Optus data breach 2023 Munster Technological University ransomware attack Capita data breach Evide data breach MOVEit data breach Insomniac Games data breach Operation Triangulation cyberattack British Library cyberattack 2024 XZ Utils backdoor Kadokawa and Niconico Change Healthcare ransomware attack Ukrainian cyberattacks against Russia 2024 WazirX hack Trump campaign hack Fur Affinity domain hijacking IRLeaks attack on Iranian banks Internet Archive data breach i-Soon leak 2024 global telecommunications hack 2024 National Public Data breach 2025 Cyberattacks on Bank Sepah 2025 Paraguay ransomware attack 4chan hacking and data breach 2025 St. Paul cyberattack Jaguar Land Rover cyberattack Collins Aerospace cyberattack 2025 cyberattack on Polish power grid 2026 Aura (security) data breach ManageMyHealth data breach Neighbourly data breach Cyberwarfare during the 2026 Iran war 2026 Canvas data breach Groups Anonymous associated events Anonymous Sudan Berserk Bear BlackCat Clop Cozy Bear DarkMatter DarkSide Dark Storm Team Dridex Ghostwriter GnosticPlayers Guacamaya Hafnium Indian Cyber Force IT Army of Ukraine Killnet Lapsus$ LightBasin LockBit OceanLotus REvil Rhysida Sandworm Sakura Samurai ShinyHunters SiegedSec Vice Society Wizard Spider Individuals Graham Ivan Clark maia arson crimew IntelBroker Kirtaner Major vulnerabilities publicly disclosed SMBGhost (2020) Thunderspy (2020) PrintNightmare (2021) FORCEDENTRY (2021) Log4Shell (2021) Account pre-hijacking (2022) Retbleed (2022) Downfall (2023) LogoFAIL (2023) Reptar (2023) Terrapin (2023) GoFetch (2024) Sinkclose (2024) Copy Fail (2026) Malware Adrozek CovidLock Drovorub Predator BlackLotus Cyclops Blink Pipedream Akira ClickFix Gayfemboy BootKitty

---
Adapted from the Wikipedia article [Retbleed](https://en.wikipedia.org/wiki/Retbleed) by Wikipedia contributors ([contributor history](https://en.wikipedia.org/wiki/Retbleed?action=history)). Available under [Creative Commons Attribution-ShareAlike 4.0 International](https://creativecommons.org/licenses/by-sa/4.0/). Changes may have been made.