summaryrefslogtreecommitdiffstats
path: root/retired/CVE-2017-5753
blob: b8380b7913875d853ed64c18d636ab222173a90e (plain) (blame) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20

Description: bounds check bypass
References:
 https://spectreattack.com/
Notes:
 carnil> partial mitigations via 0cb5b30698fdc8f6b4646012e3acb4ddce430788
 carnil> "kvm: vmx: Scrub hardware GPRs at VM-exit" in 4.15-rc7
 carnil> Further work went in in 4.16-rc1, 4.15.2 and 4.9.81 and following
 carnil> for mitigations (Mitigation: __user pointer sanitization).
 bwh> The list of upstream commits and the status below are for x86 only.
 bwh> For arm64, we would probably need: 669474e772b952b14f4de4845a1558fd4c0414a4, 022620eed3d0bc4bf2027326f599f5ad71c2ea3f, 51369e398d0d33e8f524314e672b07e8cf870e79, 4d8efc2d5ee4c9ccfeb29ee8afd47a8660d0c0ce, 6314d90e64936c584f300a52ef173603fb2461b5, c2f0ad4fc089cff81cef6a13d04b399980ecbfcc, 91b2d3442f6a44dce875670d702af22737ad5eff
 bwh> Optimisation for s390x: e2dd833389cc4069a96b57bdd24227b5f52288f5
Bugs:
upstream: released (4.16-rc4) [99c6fa2511d8a683e61468be91b83f85452115fa, 87590ce6e373d1a5401f6539f0c59ef92dd924a9, 61dc0f555b5c761cdafb0ba5bd41ecf22d68a4c4, b2157399cc9898260d6031c5bfe45fe137c1fbe7, e4d0e84e490790798691aaa0f2e598637f1867ec, be95a845cc4402272994ce290e3ad928aff06cb9, bbeb6e4323dad9b5e0ee9f60c223dd532e2403b1, 7a32fc51ca938e67974cbb9db31e1a43f98345a9, 21d375b6b34ff511a507de27bf316b3dde6938d9, f84a56f73dddaeac1dba8045b007f742f61cd2da, f3804203306e098dae9ca51540fcd5eb700d7f40, babdde2698d482b6c0de1eab4f697cf5856c5859, b3d7ad85b80bbc404635dca80f5b129f6242bc7a, b3bbfb3fb5d25776b8e3f361d2eedaabb0b496cd, b5c4ae4f35325d520b230bab6eb3310613b72ac1, 304ec1b050310548db33063e567123fae8fd0301, c7f631cb07e7da06ac1d231ca178452339e32a94, 2fbd7af5af8665d18bcefae3e9700be07e22b681, 56c30ba7b348b90484969054d561f711ba196507, 259d8c1e984318497c84eef547bbb6b1d9f4eb05, edfbae53dab8348fca778531be9f4855d2ca0360, 085331dfc6bbe3501fb936e657331ca943827600, 3968523f855050b8195134da951b87c20bd66130, 8fa80c503b484ddc1abbd10c7cb2ab81f3824a50, 1d91c1d2c80cb70e2e553845e278b87a960c04da, eb6174f6d1be16b19cfa43dac296bfed003ce1a6]
4.9-upstream-stable: released (4.9.88)
3.16-upstream-stable: released (3.16.56)
3.2-upstream-stable: released (3.2.101)
sid: released (4.15.11-1)
4.9-stretch-security: released (4.9.88-1)
3.16-jessie-security: released (3.16.56-1)
3.2-wheezy-security: released (3.2.101-1)

© 2014-2024 Faster IT GmbH | imprint | privacy policy