Описание
In the Linux kernel, the following vulnerability has been resolved:
x86/srso: Fix SBPB enablement for spec_rstack_overflow=off
If the user has requested no SRSO mitigation, other mitigations can use the lighter-weight SBPB instead of IBPB.
In the Linux kernel, the following vulnerability has been resolved:
x86/srso: Fix SBPB enablement for spec_rstack_overflow=off
If the user has requested no SRSO mitigation, other mitigations can use the lighter-weight SBPB instead of IBPB.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2023-52575
- https://git.kernel.org/stable/c/01b057b2f4cc2d905a0bd92195657dbd9a7005ab
- https://git.kernel.org/stable/c/13ea4b92e8759d2f6c330a73cde31ad9c313021b
- https://git.kernel.org/stable/c/adbcec23c8423e3d5df1839c5ae91599dcf703cb
- https://git.kernel.org/stable/c/ae806c74c0634b0c23855066d8ba28d850fd1260
- https://git.kernel.org/stable/c/e3cb8b2c391b1f287eb76df4ba37880f4ea56d8a
CVE ID
Связанные уязвимости
A potential flaw was found in the Linux Kernel. Fix SBPB enablement for spec_rstack_overflow=off.
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Уязвимость компонента srso ядра операционной системы Linux, позволяющая нарушителю выполнить произвольный код
