new SSBD related issues

3 files changed, 42 insertions, 0 deletions

diff --git a/active/CVE-2020-10766 b/active/CVE-2020-10766
new file mode 100644
index 00000000..6964ef51
--- /dev/null
+++ b/active/CVE-2020-10766
@@ -0,0 +1,14 @@
+Description: Rogue cross-process SSBD shutdown. Linux scheduler logical bug allows an attacker to turn off the SSBD protection.
+References:
+ https://lkml.org/lkml/2020/6/9/181
+ https://www.openwall.com/lists/oss-security/2020/06/10/1
+Notes:
+Bugs:
+upstream:
+4.19-upstream-stable:
+4.9-upstream-stable:
+3.16-upstream-stable:
+sid:
+4.19-buster-security:
+4.9-stretch-security:
+3.16-jessie-security:
diff --git a/active/CVE-2020-10767 b/active/CVE-2020-10767
new file mode 100644
index 00000000..a3890396
--- /dev/null
+++ b/active/CVE-2020-10767
@@ -0,0 +1,14 @@
+Description: Indirect Branch Prediction Barrier is force-disabled when STIBP is unavailable or enhanced IBRS is available.
+References:
+ https://lkml.org/lkml/2020/6/9/183
+ https://www.openwall.com/lists/oss-security/2020/06/10/1
+Notes:
+Bugs:
+upstream:
+4.19-upstream-stable:
+4.9-upstream-stable:
+3.16-upstream-stable:
+sid:
+4.19-buster-security:
+4.9-stretch-security:
+3.16-jessie-security:
diff --git a/active/CVE-2020-10768 b/active/CVE-2020-10768
new file mode 100644
index 00000000..f17af3fd
--- /dev/null
+++ b/active/CVE-2020-10768
@@ -0,0 +1,14 @@
+Description: Indirect branch speculation can be enabled after it was force-disabled by the PR_SPEC_FORCE_DISABLE prctl command.
+References:
+ https://lkml.org/lkml/2020/6/9/184
+ https://www.openwall.com/lists/oss-security/2020/06/10/1
+Notes:
+Bugs:
+upstream:
+4.19-upstream-stable:
+4.9-upstream-stable:
+3.16-upstream-stable:
+sid:
+4.19-buster-security:
+4.9-stretch-security:
+3.16-jessie-security: