author | Ben Hutchings <ben@decadent.org.uk> | 2022-03-08 19:15:21 +0100 |
---|---|---|
committer | Ben Hutchings <ben@decadent.org.uk> | 2022-03-08 19:18:01 +0100 |
commit | 31bba68a747e739788cd6bf824800ae67dd01cef (patch) | |
tree | 71227854e7ec711b9ff789515d61d5de7e23a4cb /dsa-texts/4.9.303-1 | |
parent | 69cbae8101899510b37acd41a9ad6f007af1078a (diff) |
Fill in remaining issue descriptions
Diffstat (limited to 'dsa-texts/4.9.303-1')
-rw-r--r-- | dsa-texts/4.9.303-1 | 22 |
1 files changed, 18 insertions, 4 deletions
diff --git a/dsa-texts/4.9.303-1 b/dsa-texts/4.9.303-1 index a0244ec6c..6a63c08ed 100644 --- a/dsa-texts/4.9.303-1 +++ b/dsa-texts/4.9.303-1 @@ -149,13 +149,27 @@ CVE-2021-45095 It was discovered that the Phone Network protocol (PhoNet) driver has a reference count leak in the pep_sock_accept() function. -CVE-2022-0001 +CVE-2022-0001 (INTEL-SA-00598) - Description + Researchers at VUSec discovered that the Branch History Buffer in + Intel processors can be exploited to create information side- + channels with speculative execution. This issue is similar to + Spectre variant 2, but requires additional mitigations on some + processors. -CVE-2022-0002 + This can be exploited to obtain sensitive information from a + different security context, such as from user-space to the kernel, + or from a KVM guest to the kernel. - Description +CVE-2022-0002 (INTEL-SA-00598) + + This is a similar issue to CVE-2022-0001, but covers exploitation + within a security context, such as from JIT-compiled code in a + sandbox to hosting code in the same process. + + This can be partly mitigated by disabling eBPF for unprivileged + users with the sysctl: kernel.unprivileged_bpf_disabled=2. This + update does that by default. CVE-2022-0330 |
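Review bot: The CVE-2022-0001 entry says the issue "requires additional mitigations on some processors" but never says whether this update applies them or whether the administrator has to do anything, whereas the CVE-2022-0002 entry ends with "This update does that by default." Add a matching sentence to CVE-2022-0001 stating what the update changes. In the same entry the line "Intel processors can be exploited to create information side-" breaks the word at its hyphen, so reflowed advisory text will read "side- channels"; move "side-channels" whole onto the next line. In the CVE-2022-0002 entry, "partly mitigated" leaves open what remains exposed once unprivileged eBPF is disabled; a short clause naming the residual case would help readers decide whether further action is needed.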