Date: Wed, 10 Jun 2020 21:21:03 +1000 From: Wade Mealing <wmealing@...hat.com> To: oss-security@...ts.openwall.com Subject: kernel: Multiple SSBD related flaws CVE-2020-10766 , CVE-2020-10767, CVE-2020-10768 A number of flaws were discussed in the registers article this morning ( https://www.theregister.com/2020/06/09/linux_kernel_bugs_spectre ) which have been submitted for inclusion upstream already. Listed below are the CVE's that Red Hat has assigned. As far as I can tell there are no existing CVE assignments for these flaws. I have not done adequate investigation to correctly identify affected versions of the kernel, however this is a flaw in the fix for CVE-2018-3639, affected systems would likely be affected by the flaws listed below if they required the fix. CVE-2020-10766 - Rogue cross-process SSBD shutdown. Linux scheduler logical bug allows an attacker to turn off the SSBD protection. https://lkml.org/lkml/2020/6/9/181 CVE-2020-10767 - Indirect Branch Prediction Barrier is force-disabled when STIBP is unavailable or enhanced IBRS is available. https://lkml.org/lkml/2020/6/9/183 CVE-2020-10768 - Indirect branch speculation can be enabled after it was force-disabled by the PR_SPEC_FORCE_DISABLE prctl command. https://lkml.org/lkml/2020/6/9/184 The Red Hat Bugzillas for these flaws are http://bugzilla.redhat.com/CVE-2020-10766 http://bugzilla.redhat.com/CVE-2020-10767 http://bugzilla.redhat.com/CVE-2020-10768 These bugzillas are a work in progress and will be updated as I get more time to correctly input adequate information. Thank you. -- Wade Mealing Product Security - Kernel Red Hat wmealing@...hat.com TRIED. TESTED. TRUSTED.
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.