summaryrefslogtreecommitdiffstats
path: root/active/CVE-2020-10766
blob: 1597469ad83083b3886c3e1a99b22970bc2d0bfe (plain) (blame) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17

Description: Rogue cross-process SSBD shutdown. Linux scheduler logical bug allows an attacker to turn off the SSBD protection.
References:
 https://lkml.org/lkml/2020/6/9/181
 https://www.openwall.com/lists/oss-security/2020/06/10/1
 https://bugzilla.redhat.com/show_bug.cgi?id=1845840
Notes:
 carnil> Commit fixes 5bfbe3ad5840 ("x86/speculation: Prepare for per
 carnil> task indirect branch speculation control")
Bugs:
upstream: released (5.8-rc1) [dbbe2ad02e9df26e372f38cc3e70dab9222c832e]
4.19-upstream-stable: released (4.19.129) [5aaf72a0dcb82d5c98f3b7df149baf4c7cf63e19]
4.9-upstream-stable: released (4.9.228) [fc0abf5a64ea5d028af0cf5d37d5898afe6748c5]
3.16-upstream-stable: needed
sid: pending (5.7.6-1)
4.19-buster-security: needed
4.9-stretch-security: needed
3.16-jessie-security: needed

© 2014-2024 Faster IT GmbH | imprint | privacy policy