author | Ben Hutchings <ben@decadent.org.uk> | 2022-03-08 19:15:21 +0100 |
---|---|---|
committer | Ben Hutchings <ben@decadent.org.uk> | 2022-03-08 19:18:01 +0100 |
commit | 31bba68a747e739788cd6bf824800ae67dd01cef (patch) | |
tree | 71227854e7ec711b9ff789515d61d5de7e23a4cb /dsa-texts/5.10.103-1 | |
parent | 69cbae8101899510b37acd41a9ad6f007af1078a (diff) |
Fill in remaining issue descriptions
Diffstat (limited to 'dsa-texts/5.10.103-1')
-rw-r--r-- | dsa-texts/5.10.103-1 | 22 |
1 files changed, 18 insertions, 4 deletions
diff --git a/dsa-texts/5.10.103-1 b/dsa-texts/5.10.103-1 index 235524912..143995ee0 100644 --- a/dsa-texts/5.10.103-1 +++ b/dsa-texts/5.10.103-1 @@ -23,13 +23,27 @@ CVE-2020-36310 which could lead to an infinite loop. A malicious VM guest could exploit this to cause a denial of service. -CVE-2022-0001 +CVE-2022-0001 (INTEL-SA-00598) - Description + Researchers at VUSec discovered that the Branch History Buffer in + Intel processors can be exploited to create information side- + channels with speculative execution. This issue is similar to + Spectre variant 2, but requires additional mitigations on some + processors. -CVE-2022-0002 + This can be exploited to obtain sensitive information from a + different security context, such as from user-space to the kernel, + or from a KVM guest to the kernel. - Description +CVE-2022-0002 (INTEL-SA-00598) + + This is a similar issue to CVE-2022-0001, but covers exploitation + within a security context, such as from JIT-compiled code in a + sandbox to hosting code in the same process. + + This is partly mitigated by disabling eBPF for unprivileged users + with the sysctl: kernel.unprivileged_bpf_disabled=2. This is + already the default in Debian 11 "bullseye". CVE-2022-0487 |
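Review bot: The CVE-2022-0002 paragraph says the issue is "partly mitigated" by kernel.unprivileged_bpf_disabled=2, but it does not say what remains unmitigated, nor what a reader should check on a system where the sysctl has been changed from the Debian 11 default. A sentence stating the residual exposure, or telling administrators to confirm the setting has not been lowered, would make the advisory actionable. The same sentence ends the sysctl value with a full stop ("=2."), which is easy to copy by mistake; putting the setting on its own line or rewording so it is not sentence-final avoids that. In the CVE-2022-0001 paragraph, "side-" and "channels" are split at the hyphen across a line wrap, which will read as "side- channels" wherever the text is reflowed; keep "side-channels" on one line.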