List: oss-security
Subject: [oss-security] Linux kernel: BPF spectre v1 mitigation bypass (CVE-2019-7308, fixed in 4.19.19 and 4
From: Jann Horn <jannhorn () googlemail ! com>
Date: 2019-02-01 22:20:26
Message-ID: CAG48ez1N30mTGj575XvEHQqrhOT+gF1yEEGpKAqw2dBMHwMxTA () mail ! gmail ! com
I discovered a bypass for the spectre v1 hardening in the eBPF engine
of the Linux kernel (which is exposed to unprivileged userspace since
kernel 4.4).
This is CVE-2019-7308. The issue has been fixed in 4.19.19 and 4.20.6
stable so far.
The main fix is
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=979d63d50c0c0f7bc537bf821e056cc9fe5abd38
, but it depends both on its parent commits and one ancestor that
fixes a new issue introduced by it.
Full bug report is at
<https://bugs.chromium.org/p/project-zero/issues/detail?id=1711>.