oss-sec mailing list archives
kernel: Multiple SSBD related flaws CVE-2020-10766 , CVE-2020-10767, CVE-2020-10768
From: Wade Mealing <wmealing () redhat com>
Date: Wed, 10 Jun 2020 21:21:03 +1000
A number of flaws were discussed in the registers article this morning ( https://www.theregister.com/2020/06/09/linux_kernel_bugs_spectre ) which have been submitted for inclusion upstream already. Listed below are the CVE's that Red Hat has assigned. As far as I can tell there are no existing CVE assignments for these flaws. I have not done adequate investigation to correctly identify affected versions of the kernel, however this is a flaw in the fix for CVE-2018-3639, affected systems would likely be affected by the flaws listed below if they required the fix. CVE-2020-10766 - Rogue cross-process SSBD shutdown. Linux scheduler logical bug allows an attacker to turn off the SSBD protection. https://lkml.org/lkml/2020/6/9/181 CVE-2020-10767 - Indirect Branch Prediction Barrier is force-disabled when STIBP is unavailable or enhanced IBRS is available. https://lkml.org/lkml/2020/6/9/183 CVE-2020-10768 - Indirect branch speculation can be enabled after it was force-disabled by the PR_SPEC_FORCE_DISABLE prctl command. https://lkml.org/lkml/2020/6/9/184 The Red Hat Bugzillas for these flaws are http://bugzilla.redhat.com/CVE-2020-10766 http://bugzilla.redhat.com/CVE-2020-10767 http://bugzilla.redhat.com/CVE-2020-10768 These bugzillas are a work in progress and will be updated as I get more time to correctly input adequate information. Thank you. -- Wade Mealing Product Security - Kernel Red Hat wmealing () redhat com TRIED. TESTED. TRUSTED.
Current thread:
- kernel: Multiple SSBD related flaws CVE-2020-10766 , CVE-2020-10767, CVE-2020-10768 Wade Mealing (Jun 10)
- Re: kernel: Multiple SSBD related flaws CVE-2020-10766 , CVE-2020-10767, CVE-2020-10768 Greg KH (Jun 10)
- Re: kernel: Multiple SSBD related flaws CVE-2020-10766 , CVE-2020-10767, CVE-2020-10768 Wade Mealing (Jun 10)
- Re: kernel: Multiple SSBD related flaws CVE-2020-10766 , CVE-2020-10767, CVE-2020-10768 Monsieur Francis Perron (Jun 10)
- Re: kernel: Multiple SSBD related flaws CVE-2020-10766 , CVE-2020-10767, CVE-2020-10768 Greg KH (Jun 10)