Description: Linux kernel protection of stack pointer against speculative pointer arithmetic can be bypassed to leak content of kernel memory References: https://www.openwall.com/lists/oss-security/2021/05/04/4 https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git/patch/?id=b9b34ddbe2076ade359cd5ce7537d5ed019e9807 https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git/patch/?id=801c6058d14a82179a7ee17a4b532cac6fad067f Notes: bwh> Introduced by fix for CVE-2019-7308. Bugs: upstream: released (5.13-rc1) [b9b34ddbe2076ade359cd5ce7537d5ed019e9807, 801c6058d14a82179a7ee17a4b532cac6fad067f] 5.10-upstream-stable: released (5.10.35) [2cfa537674cd1051a3b8111536d77d0558f33d5d, 2fa15d61e4cbaaa1d1250e67b251ff96952fa614] 4.19-upstream-stable: released (4.19.190) [0e2dfdc74a7f4036127356d42ea59388f153f42c], released (4.19.193) [bd9df99da9569befff2234b1201ac4e065e363d0] 4.9-upstream-stable: N/A "Vulnerable code not present" sid: released (5.10.38-1) 4.19-buster-security: released (4.19.194-1) 4.9-stretch-security: N/A "Vulnerable code not present"