APPLIED Re: [SRU][Jammy-OEM-5.17/OEM-6.0][PATCH 0/1] CVE-2023-0458
Timo Aaltonen
tjaalton at ubuntu.com
Fri Aug 4 09:46:57 UTC 2023
Yuxuan Luo kirjoitti 31.7.2023 klo 17.50:
> [Impact]
> kernel/sys.c contains a spectre-v1 vuneralbility due to lack of spec barrier,
> resulting in kernel memory info leak.
>
> [Backport]
> Clean cherry pick.
>
> [Test]
> Compile and boot tested.
>
> [Potential Regression]
> Since the new added line merely truncate the variable to the given range after
> the value check, it only functions as a spec barrier; therefore, expecting low
> regression potential.
>
> Greg Kroah-Hartman (1):
> prlimit: do_prlimit needs to have a speculation check
>
> kernel/sys.c | 2 ++
> 1 file changed, 2 insertions(+)
>
applied to oem-5.17, -6.0, thanks
--
t
More information about the kernel-team
mailing list