diff options
| author | Moritz Muehlenhoff <jmm@debian.org> | 2022-12-14 16:24:20 +0100 |
|---|---|---|
| committer | Moritz Muehlenhoff <jmm@debian.org> | 2022-12-14 16:24:20 +0100 |
| commit | c2059b5e8e94ce4312c92bcb721c0dc2acbeb41e (patch) | |
| tree | 4309330948116812ad46c88abe57ed3dab87d3da /retired/CVE-2021-35477 | |
| parent | f5463e27743e8f78246d3aa39d4db8a4b5e8dfba (diff) | |
retire issues
Diffstat (limited to 'retired/CVE-2021-35477')
| -rw-r--r-- | retired/CVE-2021-35477 | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/retired/CVE-2021-35477 b/retired/CVE-2021-35477 new file mode 100644 index 00000000..cb6a8f3b --- /dev/null +++ b/retired/CVE-2021-35477 @@ -0,0 +1,17 @@ +Description: BPF protection against Speculative Store Bypass can be bypassed to disclose arbitrary kernel memory +References: + https://www.openwall.com/lists/oss-security/2021/08/01/3 + https://lore.kernel.org/stable/20210913153537.2162465-1-ovidiu.panait@windriver.com/ +Notes: + bwh> I think this can be ignored. Privileged users can generally read + bwh> kernel memory through kprobes/tracepoints. Unprivileged use of + bwh> eBPF is now disabled by default in all Debian suites. +Bugs: +upstream: released (5.14-rc4) [f5e81d1117501546b7be050c5fbafa6efd2c722c, 2039f26f3aca5b0e419b98f65dd36481337b86ee] +5.10-upstream-stable: released (5.10.56) [bea9e2fd180892eba2574711b05b794f1d0e7b73, 0e9280654aa482088ee6ef3deadef331f5ac5fb0] +4.19-upstream-stable: released (4.19.207) [91cdb5b36234e6af69d6280f1510e4453707a2b8, 872968502114d68c21419cf7eb5ab97717e7b803] +4.9-upstream-stable: needed +sid: released (5.10.46-4) [bugfix/all/bpf-introduce-bpf-nospec-instruction-for-mitigating-.patch, bugfix/all/bpf-fix-leakage-due-to-insufficient-speculative-stor.patch] +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: released (4.19.208-1) +4.9-stretch-security: ignored "Too risky to backport, and mitigated by default" |