diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2019-12-11 07:42:13 +0100 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2019-12-11 07:42:13 +0100 |
commit | 9082b89f150557cc5c7e277e872cbb9be58dbc38 (patch) | |
tree | ba9d7610b57559c6042207cd577d3b3998a03762 /retired/CVE-2019-19338 | |
parent | babb4506d43e1369e0072f88f53ccb83f1b3ea4d (diff) |
Retire CVE-2019-19338
Diffstat (limited to 'retired/CVE-2019-19338')
-rw-r--r-- | retired/CVE-2019-19338 | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/retired/CVE-2019-19338 b/retired/CVE-2019-19338 new file mode 100644 index 00000000..3a740e22 --- /dev/null +++ b/retired/CVE-2019-19338 @@ -0,0 +1,17 @@ +Description: KVM: export MSR_IA32_TSX_CTRL to guest - incomplete fix for TAA +References: + https://bugzilla.redhat.com/show_bug.cgi?id=1781514 + https://www.openwall.com/lists/oss-security/2019/12/10/3 +Notes: + carnil> Issue actually only for distro kernels which do not include + carnil> commit commit e1d38b63acd8 ("kvm/x86: Export MDS_NO=0 to guests + carnil> when TSX is enabled") and have TSX enabled by default. +Bugs: +upstream: released (5.5-rc1) [cbbaa2727aa3ae9e0a844803da7cef7fd3b94f2b, c11f83e0626bdc2b6c550fc8b9b6eeefbd8cefaa, b07a5c53d42a8c87b208614129e947dd2338ff9c] +4.19-upstream-stable: ignored "Commits might be backported, but vulnerability specific to distro kernels" +4.9-upstream-stable: ignored "Commits might be backported, but vulnerability specific to distro kernels" +3.16-upstream-stable: ignored "Commits might be backported, but vulnerability specific to distro kernels" +sid: N/A "Vulnerability due to incomplete fix not introduced" +4.19-buster-security: N/A "Vulnerability due to incomplete fix not introduced" +4.9-stretch-security: N/A "Vulnerability due to incomplete fix not introduced" +3.16-jessie-security: N/A "Vulnerability due to incomplete fix not introduced" |