Fill in remaining issue descriptions

1 files changed, 18 insertions, 4 deletions

diff --git a/dsa-texts/5.10.103-1 b/dsa-texts/5.10.103-1
index 235524912..143995ee0 100644
--- a/dsa-texts/5.10.103-1
+++ b/dsa-texts/5.10.103-1
@@ -23,13 +23,27 @@ CVE-2020-36310
     which could lead to an infinite loop.  A malicious VM guest could
     exploit this to cause a denial of service.
 
-CVE-2022-0001
+CVE-2022-0001 (INTEL-SA-00598)
 
-    Description
+    Researchers at VUSec discovered that the Branch History Buffer in
+    Intel processors can be exploited to create information side-
+    channels with speculative execution.  This issue is similar to
+    Spectre variant 2, but requires additional mitigations on some
+    processors.
 
-CVE-2022-0002
+    This can be exploited to obtain sensitive information from a
+    different security context, such as from user-space to the kernel,
+    or from a KVM guest to the kernel.
 
-    Description
+CVE-2022-0002 (INTEL-SA-00598)
+
+    This is a similar issue to CVE-2022-0001, but covers exploitation
+    within a security context, such as from JIT-compiled code in a
+    sandbox to hosting code in the same process.
+
+    This is partly mitigated by disabling eBPF for unprivileged users
+    with the sysctl: kernel.unprivileged_bpf_disabled=2.  This is
+    already the default in Debian 11 "bullseye".
 
 CVE-2022-0487