Add used DSA text for 4.9.65-3+deb9u2

1 files changed, 28 insertions, 0 deletions

diff --git a/dsa-texts/4.9.65-3+deb9u2 b/dsa-texts/4.9.65-3+deb9u2
new file mode 100644
index 00000000..0d01baa5
--- /dev/null
+++ b/dsa-texts/4.9.65-3+deb9u2
@@ -0,0 +1,28 @@
+Package        : linux
+CVE ID         : CVE-2017-5754
+
+Multiple researchers have discovered a vulnerability in Intel processors,
+enabling an attacker controlling an unprivileged process to read memory from
+arbitrary addresses, including from the kernel and all other processes running
+on the system.
+
+This specific attack has been named Meltdown and is addressed in the Linux
+kernel for the Intel x86-64 architecture by a patch set named Kernel Page Table
+Isolation, enforcing a near complete separation of the kernel and userspace
+address maps and preventing the attack. This solution might have a performance
+impact, and can be disabled at boot time by passing `pti=off' to the kernel
+command line.
+
+We also identified a regression for ancient userspaces using the vsyscall
+interface, for example chroot and containers using (e)glibc 2.13 and older,
+including those based on Debian 7 or RHEL/CentOS 6. This regression will be
+fixed in a later update.
+
+The other vulnerabilities (named Spectre) published at the same time are not
+addressed in this update and will be fixed in a later update.
+
+For the oldstable distribution (jessie), this problem will be fixed in a
+separate update.
+
+For the stable distribution (stretch), this problem has been fixed in
+version 4.9.65-3+deb9u2.