blob: cc545f366d6e389cd88dff0d0073a94897f675c4 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
|
Description: Linux kernel BPF protection against speculative execution attacks can be bypassed to read arbitrary kernel memory
References:
https://www.openwall.com/lists/oss-security/2021/06/21/1
Notes:
carnil> 9183671af6db ("bpf: Fix leakage under speculation on
carnil> mispredicted branches") is the main part of the fixes.
Bugs:
upstream: released (5.13-rc7) [d203b0fd863a2261e5d00b97f3d060c4c2a6db71, fe9a5ca7e370e613a9a75a13008a3845ea759d6e, 9183671af6dbf60a1219371d4ed73e23f43b49db, 973377ffe8148180b2651825b92ae91988141b05]
5.10-upstream-stable: released (5.10.46) [e9d271731d21647f8f9e9a261582cf47b868589a, 8c82c52d1de931532200b447df8b4fc92129cfd9, 5fc6ed1831ca5a30fb0ceefd5e33c7c689e7627b]
4.19-upstream-stable: needed
4.9-upstream-stable: needed
sid: pending (5.10.45-1) [bugfix/all/bpf-Inherit-expanded-patched-seen-count-from-old-aux.patch, bugfix/all/bpf-Do-not-mark-insn-as-seen-under-speculative-path-.patch, bugfix/all/bpf-Fix-leakage-under-speculation-on-mispredicted-br.patch]
4.19-buster-security: needed
4.9-stretch-security: needed
|
