CVE-2018-15572

Опубликовано: 20 авг. 2018

Источник: ubuntu

Приоритет: high

EPSS Низкий

CVSS2: 2.1

CVSS3: 6.5

Описание

The spectre_v2_select_mitigation function in arch/x86/kernel/cpu/bugs.c in the Linux kernel before 4.18.1 does not always fill RSB upon a context switch, which makes it easier for attackers to conduct userspace-userspace spectreRSB attacks.

Релиз	Статус	Примечание
bionic	released	4.15.0-36.39
cosmic	not-affected	4.17.0-9.10
devel	not-affected	4.18.0-10.11
esm-infra-legacy/trusty	not-affected	3.11.0-12.19
esm-infra/bionic	not-affected	4.15.0-36.39
esm-infra/xenial	not-affected	4.4.0-137.163
precise/esm	not-affected	3.0.0-12.20
trusty	not-affected	3.11.0-12.19
trusty/esm	not-affected	3.11.0-12.19
upstream	released	4.19~rc1

Показывать по

Релиз	Статус	Примечание
bionic	released	4.15.0-1023.23
cosmic	not-affected	4.18.0-1002.3
devel	not-affected	4.18.0-1002.3
esm-infra-legacy/trusty	not-affected	4.4.0-1031.34
esm-infra/bionic	not-affected	4.15.0-1023.23
esm-infra/xenial	not-affected	4.4.0-1069.79
precise/esm	DNE
trusty	released	4.4.0-1031.34
trusty/esm	not-affected	4.4.0-1031.34
upstream	released	4.19~rc1

Показывать по

Релиз	Статус	Примечание
bionic	DNE
cosmic	DNE
devel	DNE
esm-infra-legacy/trusty	DNE
esm-infra/xenial	not-affected	4.15.0-1030.31~16.04.1
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	4.19~rc1
xenial	not-affected	4.15.0-1030.31~16.04.1

Показывать по

Релиз	Статус	Примечание
bionic	released	4.15.0-1025.26
cosmic	not-affected	4.18.0-1003.3
devel	not-affected	4.18.0-1003.3
esm-infra-legacy/trusty	not-affected	4.15.0-1030.31~14.04.1
esm-infra/bionic	not-affected	4.15.0-1025.26
esm-infra/xenial	not-affected	4.15.0-1025.26~16.04.1
precise/esm	DNE
trusty	released	4.15.0-1030.31~14.04.1
trusty/esm	not-affected	4.15.0-1030.31~14.04.1
upstream	released	4.19~rc1

Показывать по

Релиз	Статус	Примечание
bionic	released	4.15.0-1025.26
cosmic	DNE
devel	DNE
esm-infra-legacy/trusty	DNE
esm-infra/bionic	not-affected	4.15.0-1025.26
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	4.19~rc1
xenial	released	4.15.0-1025.26~16.04.1

Показывать по

Релиз	Статус	Примечание
bionic	DNE
cosmic	DNE
devel	DNE
esm-apps/xenial	DNE
esm-infra-legacy/trusty	DNE
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	4.19~rc1
xenial	ignored	end of standard support

Показывать по

Релиз	Статус	Примечание
bionic	DNE
cosmic	DNE
devel	DNE
esm-apps/xenial	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm	DNE
trusty	ignored	end of standard support
trusty/esm	DNE	trusty was ignored [abandoned]
upstream	released	4.19~rc1
xenial	ignored	end of standard support

Показывать по

Релиз	Статус	Примечание
bionic	released	4.15.0-1021.22
cosmic	not-affected	4.18.0-1002.3
devel	not-affected	4.18.0-1002.3
esm-infra-legacy/trusty	DNE
esm-infra/bionic	not-affected	4.15.0-1021.22
esm-infra/xenial	not-affected	4.15.0-1021.22~16.04.1
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	4.19~rc1

Показывать по

Релиз	Статус	Примечание
bionic	not-affected	4.18.0-1004.5~18.04.1
cosmic	DNE
devel	DNE
esm-infra-legacy/trusty	DNE
esm-infra/bionic	not-affected	4.18.0-1004.5~18.04.1
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	4.19~rc1
xenial	DNE

Показывать по

Релиз	Статус	Примечание
bionic	DNE
cosmic	DNE
devel	DNE
esm-infra-legacy/trusty	DNE
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	4.19~rc1
xenial	ignored	end of standard support

Показывать по

Релиз	Статус	Примечание
bionic	DNE
cosmic	DNE
devel	DNE
esm-apps/xenial	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm	DNE
trusty	ignored	end of standard support
trusty/esm	DNE	trusty was ignored [abandoned]
upstream	released	4.19~rc1
xenial	ignored	end of standard support

Показывать по

Релиз	Статус	Примечание
bionic	DNE
cosmic	DNE
devel	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm	DNE
trusty	ignored	end of standard support
trusty/esm	DNE	trusty was ignored [abandoned]
upstream	released	4.19~rc1
xenial	DNE

Показывать по

Релиз	Статус	Примечание
bionic	not-affected	4.18.0-13.14~18.04.1
cosmic	DNE
devel	DNE
esm-infra-legacy/trusty	DNE
esm-infra/bionic	not-affected	4.18.0-13.14~18.04.1
esm-infra/xenial	not-affected	4.15.0-36.39~16.04.1
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	4.19~rc1

Показывать по

Релиз	Статус	Примечание
bionic	not-affected	4.18.0-12.13~18.04.1
cosmic	DNE
devel	DNE
esm-infra-legacy/trusty	DNE
esm-infra/bionic	not-affected	4.18.0-12.13~18.04.1
esm-infra/xenial	not-affected	4.15.0-36.39~16.04.1
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	4.19~rc1

Показывать по

Релиз	Статус	Примечание
bionic	released	4.15.0-1023.23
cosmic	not-affected	4.18.0-1002.2
devel	not-affected	4.18.0-1003.3
esm-infra-legacy/trusty	DNE
esm-infra/bionic	not-affected	4.15.0-1023.23
esm-infra/xenial	not-affected	4.4.0-1035.41
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	4.19~rc1

Показывать по

Релиз	Статус	Примечание
bionic	DNE
cosmic	DNE
devel	DNE
esm-infra-legacy/trusty	DNE
precise/esm	not-affected	3.13.0-24.46~precise1
trusty	DNE
trusty/esm	DNE
upstream	released	4.19~rc1
xenial	DNE

Показывать по

Релиз	Статус	Примечание
bionic	DNE
cosmic	DNE
devel	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored [end of standard support]]
precise/esm	DNE
trusty	ignored	end of standard support
trusty/esm	DNE	trusty was ignored [end of standard support]
upstream	released	4.19~rc1
xenial	DNE

Показывать по

Релиз	Статус	Примечание
bionic	DNE
cosmic	DNE
devel	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored [end of standard support]]
precise/esm	DNE
trusty	ignored	end of standard support
trusty/esm	DNE	trusty was ignored [end of standard support]
upstream	released	4.19~rc1
xenial	DNE

Показывать по

Релиз	Статус	Примечание
bionic	DNE
cosmic	DNE
devel	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored [end of standard support]]
precise/esm	DNE
trusty	ignored	end of standard support
trusty/esm	DNE	trusty was ignored [end of standard support]
upstream	released	4.19~rc1
xenial	DNE

Показывать по

Релиз	Статус	Примечание
bionic	DNE
cosmic	DNE
devel	DNE
esm-infra-legacy/trusty	not-affected	4.4.0-137.163~14.04.1
precise/esm	DNE
trusty	released	4.4.0-137.163~14.04.1
trusty/esm	not-affected	4.4.0-137.163~14.04.1
upstream	released	4.19~rc1
xenial	DNE

Показывать по

Релиз	Статус	Примечание
bionic	DNE
cosmic	DNE
devel	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm	DNE
trusty	ignored	end of standard support
trusty/esm	DNE	trusty was ignored [abandoned]
upstream	released	4.19~rc1
xenial	DNE

Показывать по

Релиз	Статус	Примечание
bionic	DNE
cosmic	DNE
devel	DNE
esm-apps/xenial	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm	DNE
trusty	ignored	end of standard support
trusty/esm	DNE	trusty was ignored [abandoned]
upstream	released	4.19~rc1
xenial	ignored	end of standard support

Показывать по

Релиз	Статус	Примечание
bionic	DNE
cosmic	DNE
devel	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm	DNE
trusty	ignored	end of standard support
trusty/esm	DNE	trusty was ignored [abandoned]
upstream	released	4.19~rc1
xenial	DNE

Показывать по

Релиз	Статус	Примечание
bionic	released	4.15.0-1021.24
cosmic	not-affected	4.15.0-1021.24
devel	not-affected	4.15.0-1021.24
esm-infra-legacy/trusty	DNE
esm-infra/bionic	not-affected	4.15.0-1021.24
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	4.19~rc1
xenial	ignored	end of standard support, was needed

Показывать по

Релиз	Статус	Примечание
bionic	not-affected	4.15.0-1007.9
cosmic	not-affected
devel	not-affected	4.15.0-1007.9
esm-infra-legacy/trusty	DNE
esm-infra/bionic	not-affected	4.15.0-1007.9
esm-infra/xenial	not-affected	4.15.0-1007.9~16.04.1
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	4.19~rc1

Показывать по

Релиз	Статус	Примечание
bionic	released	4.15.0-1024.26
cosmic	not-affected	4.18.0-1004.6
devel	not-affected	4.18.0-1005.7
esm-infra-legacy/trusty	DNE
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	4.19~rc1
xenial	released	4.4.0-1098.106

Показывать по

Релиз	Статус	Примечание
bionic	not-affected
cosmic	DNE
devel	DNE
esm-infra-legacy/trusty	DNE
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	4.19~rc1
xenial	released	4.4.0-1102.107

Показывать по

Ссылки на источники

EPSS

Процентиль: 14%

0.00045

Низкий

2.1 Low

CVSS2

6.5 Medium

CVSS3

Связанные уязвимости

CVE-2018-15572

CVSS3: 5.6

redhat

почти 7 лет назад

CVE-2018-15572

CVSS3: 6.5

nvd

почти 7 лет назад

CVE-2018-15572

CVSS3: 6.5

debian

почти 7 лет назад

The spectre_v2_select_mitigation function in arch/x86/kernel/cpu/bugs. ...

GHSA-fr39-wf38-f5w3

CVSS3: 6.5

github

около 3 лет назад

BDU:2021-01418

CVSS3: 6.5

fstec

почти 7 лет назад

Уязвимость функции spectre_v2_select_mitigation ядра операционной системы Linux, связанная с чтением за границами буфера, позволяющая нарушителю получить доступ к конфиденциальным данным

EPSS

Процентиль: 14%

0.00045

Низкий

2.1 Low

CVSS2

6.5 Medium

CVSS3

CVE-2018-15572

Описание

Пакет linux

Пакет linux-aws

Пакет linux-aws-hwe

Пакет linux-azure

Пакет linux-azure-edge

Пакет linux-euclid

Пакет linux-flo

Пакет linux-gcp

Пакет linux-gcp-edge

Пакет linux-gke

Пакет linux-goldfish

Пакет linux-grouper

Пакет linux-hwe

Пакет linux-hwe-edge

Пакет linux-kvm

Пакет linux-lts-trusty

Пакет linux-lts-utopic

Пакет linux-lts-vivid

Пакет linux-lts-wily

Пакет linux-lts-xenial

Пакет linux-maguro

Пакет linux-mako

Пакет linux-manta

Пакет linux-oem

Пакет linux-oracle

Пакет linux-raspi2

Пакет linux-snapdragon

Ссылки на источники

Связанные уязвимости