Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2023-52874

Опубликовано: 21 мая 2024
Источник: ubuntu
Приоритет: medium
EPSS Низкий

Описание

In the Linux kernel, the following vulnerability has been resolved: x86/tdx: Zero out the missing RSI in TDX_HYPERCALL macro In the TDX_HYPERCALL asm, after the TDCALL instruction returns from the untrusted VMM, the registers that the TDX guest shares to the VMM need to be cleared to avoid speculative execution of VMM-provided values. RSI is specified in the bitmap of those registers, but it is missing when zeroing out those registers in the current TDX_HYPERCALL. It was there when it was originally added in commit 752d13305c78 ("x86/tdx: Expand __tdx_hypercall() to handle more arguments"), but was later removed in commit 1e70c680375a ("x86/tdx: Do not corrupt frame-pointer in __tdx_hypercall()"), which was correct because %rsi is later restored in the "pop %rsi". However a later commit 7a3a401874be ("x86/tdx: Drop flags from __tdx_hypercall()") removed that "pop %rsi" but forgot to add the "xor %rsi, %rsi" back. Fix by adding it back.

РелизСтатусПримечание
devel

not-affected

6.8.0-31.31
esm-infra-legacy/trusty

not-affected

3.11.0-12.19
esm-infra/bionic

not-affected

4.13.0-16.19
esm-infra/focal

not-affected

5.4.0-9.12
esm-infra/xenial

not-affected

4.4.0-2.16
focal

not-affected

5.4.0-9.12
jammy

not-affected

5.13.0-19.19
mantic

ignored

end of life, was pending [6.5.0-25.25]
noble

not-affected

6.6.0-14.14
trusty/esm

not-affected

3.11.0-12.19

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

DNE

focal

DNE

jammy

ignored

end of kernel support
mantic

DNE

noble

DNE

upstream

ignored

end of life

Показывать по

РелизСтатусПримечание
devel

not-affected

6.8.0-1008.8
esm-infra-legacy/trusty

not-affected

4.4.0-1002.2
esm-infra/bionic

not-affected

4.15.0-1001.1
esm-infra/focal

not-affected

5.4.0-1005.5
esm-infra/xenial

not-affected

4.4.0-1001.10
focal

not-affected

5.4.0-1005.5
jammy

not-affected

5.13.0-1005.6
mantic

ignored

end of life, was pending [6.5.0-1015.15]
noble

not-affected

6.6.0-1001.1
trusty/esm

not-affected

4.4.0-1002.2

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/bionic

ignored

superseded by linux-aws-5.3
esm-infra/focal

DNE

focal

DNE

jammy

DNE

mantic

DNE

noble

DNE

upstream

ignored

superseded by linux-aws-5.3

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

ignored

superseded by linux-aws-5.13
focal

ignored

end of standard support, was ignored [superseded by linux-aws-5.13]
jammy

DNE

mantic

DNE

noble

DNE

upstream

ignored

superseded by linux-aws-5.13

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

ignored

superseded by linux-aws-5.15
focal

ignored

end of standard support, was ignored [superseded by linux-aws-5.15]
jammy

DNE

mantic

DNE

noble

DNE

upstream

ignored

superseded by linux-aws-5.15

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

not-affected

5.15.0-1014.18~20.04.1
focal

not-affected

5.15.0-1014.18~20.04.1
jammy

DNE

mantic

DNE

noble

DNE

upstream

released

6.7~rc1

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

DNE

focal

DNE

jammy

ignored

superseded by linux-aws-6.2
mantic

DNE

noble

DNE

upstream

ignored

superseded by linux-aws-6.2

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/bionic

ignored

superseded by linux-aws-5.4
esm-infra/focal

DNE

focal

DNE

jammy

DNE

mantic

DNE

noble

DNE

upstream

ignored

superseded by linux-aws-5.4

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/bionic

not-affected

5.4.0-1018.18~18.04.1
esm-infra/focal

DNE

focal

DNE

jammy

DNE

mantic

DNE

noble

DNE

upstream

released

6.7~rc1

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

ignored

superseded by linux-aws-5.11
focal

ignored

end of standard support, was ignored [superseded by linux-aws-5.11]
jammy

DNE

mantic

DNE

noble

DNE

upstream

ignored

superseded by linux-aws-5.11

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

DNE

focal

DNE

jammy

ignored

superseded by linux-aws-6.5
mantic

DNE

noble

DNE

upstream

ignored

superseded by linux-aws-6.5

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

DNE

focal

DNE

jammy

ignored

end of life, was pending [6.5.0-1015.15~22.04.1]
mantic

DNE

noble

DNE

upstream

released

6.7~rc1

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

DNE

fips-preview/jammy

not-affected

5.15.0-1051.56+fips1
fips-updates/bionic

not-affected

4.15.0-2000.4
fips-updates/focal

not-affected

5.4.0-1021.21+fips2
fips-updates/jammy

not-affected

5.15.0-1052.57+fips1
fips/bionic

not-affected

4.15.0-2000.4
fips/focal

not-affected

5.4.0-1021.21+fips2
focal

DNE

jammy

DNE

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

DNE

esm-infra/xenial

not-affected

4.15.0-1030.31~16.04.1
focal

DNE

jammy

DNE

mantic

DNE

noble

DNE

upstream

released

6.7~rc1

Показывать по

РелизСтатусПримечание
devel

not-affected

6.8.0-1007.7
esm-infra-legacy/trusty

not-affected

4.15.0-1023.24~14.04.1
esm-infra/bionic

ignored

superseded by linux-azure-5.3
esm-infra/focal

not-affected

5.4.0-1006.6
esm-infra/xenial

not-affected

4.11.0-1009.9
focal

not-affected

5.4.0-1006.6
jammy

not-affected

5.13.0-1006.7
mantic

ignored

end of life, was pending [6.5.0-1016.16]
noble

not-affected

6.6.0-1001.1
trusty/esm

not-affected

4.15.0-1023.24~14.04.1

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/bionic

not-affected

4.15.0-1082.92
esm-infra/focal

DNE

focal

DNE

jammy

DNE

mantic

DNE

noble

DNE

upstream

released

6.7~rc1

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

ignored

superseded by linux-azure-5.13
focal

ignored

end of standard support, was ignored [superseded by linux-azure-5.13]
jammy

DNE

mantic

DNE

noble

DNE

upstream

ignored

superseded by linux-azure-5.13

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

ignored

superseded by linux-azure-5.15
focal

ignored

end of standard support, was ignored [superseded by linux-azure-5.15]
jammy

DNE

mantic

DNE

noble

DNE

upstream

ignored

superseded by linux-azure-5.15

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

not-affected

5.15.0-1007.8~20.04.1
focal

not-affected

5.15.0-1007.8~20.04.1
jammy

DNE

mantic

DNE

noble

DNE

upstream

released

6.7~rc1

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

DNE

focal

DNE

jammy

ignored

superseded by linux-azure-6.2
mantic

DNE

noble

DNE

upstream

ignored

superseded by linux-azure-6.2

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/bionic

ignored

superseded by linux-azure-5.4
esm-infra/focal

DNE

focal

DNE

jammy

DNE

mantic

DNE

noble

DNE

upstream

ignored

superseded by linux-azure-5.4

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/bionic

not-affected

5.4.0-1020.20~18.04.1
esm-infra/focal

DNE

focal

DNE

jammy

DNE

mantic

DNE

noble

DNE

upstream

released

6.7~rc1

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

ignored

superseded by linux-azure-5.11
focal

ignored

end of standard support, was ignored [superseded by linux-azure-5.11]
jammy

DNE

mantic

DNE

noble

DNE

upstream

ignored

superseded by linux-azure-5.11

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

DNE

focal

DNE

jammy

ignored

superseded by linux-azure-6.5
mantic

DNE

noble

DNE

upstream

ignored

superseded by linux-azure-6.5

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

DNE

focal

DNE

jammy

ignored

end of life, was pending [6.5.0-1016.16~22.04.1]
mantic

DNE

noble

DNE

upstream

released

6.7~rc1

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/bionic

ignored

superseded by linux-azure-5.3
esm-infra/focal

DNE

focal

DNE

jammy

DNE

mantic

DNE

noble

DNE

upstream

ignored

superseded by linux-azure-5.3

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

ignored

superseded by linux-azure-fde-5.15
focal

ignored

end of standard support, was ignored [superseded by linux-azure-fde-5.15]
jammy

not-affected

5.15.0-1019.24.1
mantic

DNE

noble

DNE

upstream

released

6.7~rc1

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

not-affected

5.15.0-1019.24~20.04.1.1
focal

not-affected

5.15.0-1019.24~20.04.1.1
jammy

DNE

mantic

DNE

noble

DNE

upstream

released

6.7~rc1

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

DNE

focal

DNE

jammy

ignored

superseded by linux-azure-fde-6.2
mantic

DNE

noble

DNE

upstream

ignored

superseded by linux-azure-fde-6.2

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

DNE

focal

DNE

jammy

ignored

replaced by linux-azure-6.5
mantic

DNE

noble

DNE

upstream

ignored

replaced by linux-azure-6.5

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

DNE

fips-preview/jammy

not-affected

5.15.0-1053.61+fips1
fips-updates/bionic

not-affected

4.15.0-1002.2
fips-updates/focal

not-affected

5.4.0-1022.22+fips1
fips-updates/jammy

not-affected

5.15.0-1058.66+fips1
fips/bionic

not-affected

4.15.0-1002.2
fips/focal

not-affected

5.4.0-1022.22+fips1
focal

DNE

jammy

DNE

Показывать по

РелизСтатусПримечание
bluefield/jammy

not-affected

5.15.0-1011.13
devel

DNE

esm-infra/focal

not-affected

5.4.0-1007.10
focal

not-affected

5.4.0-1007.10
jammy

DNE

mantic

DNE

noble

DNE

upstream

released

6.7~rc1

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

DNE

fips-preview/jammy

not-affected

5.15.0-73.80+fips1
fips-updates/bionic

not-affected

4.15.0-1027.32
fips-updates/focal

not-affected

5.4.0-1026.30
fips-updates/jammy

not-affected

5.15.0-92.102+fips1
fips-updates/xenial

not-affected

4.4.0-1003.3
fips/bionic

not-affected

4.15.0-1011.12
fips/focal

not-affected

5.4.0-1007.8
fips/xenial

not-affected

4.4.0-1001.1

Показывать по

РелизСтатусПримечание
devel

not-affected

6.8.0-1007.7
esm-infra/bionic

ignored

superseded by linux-gcp-5.3
esm-infra/focal

not-affected

5.4.0-1005.5
esm-infra/xenial

not-affected

4.10.0-1004.4
focal

not-affected

5.4.0-1005.5
jammy

not-affected

5.13.0-1005.6
mantic

ignored

end of life, was pending [6.5.0-1015.15]
noble

not-affected

6.6.0-1001.1
upstream

released

6.7~rc1

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/bionic

not-affected

4.15.0-1071.81
esm-infra/focal

DNE

focal

DNE

jammy

DNE

mantic

DNE

noble

DNE

upstream

released

6.7~rc1

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

ignored

superseded by linux-gcp-5.13
focal

ignored

end of standard support, was ignored [superseded by linux-gcp-5.13]
jammy

DNE

mantic

DNE

noble

DNE

upstream

ignored

superseded by linux-gcp-5.13

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

ignored

superseded by linux-gcp-5.15
focal

ignored

end of standard support, was ignored [superseded by linux-gcp-5.15]
jammy

DNE

mantic

DNE

noble

DNE

upstream

ignored

superseded by linux-gcp-5.15

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

not-affected

5.15.0-1006.9~20.04.1
focal

not-affected

5.15.0-1006.9~20.04.1
jammy

DNE

mantic

DNE

noble

DNE

upstream

released

6.7~rc1

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

DNE

focal

DNE

jammy

ignored

superseded by linux-gcp-6.2
mantic

DNE

noble

DNE

upstream

ignored

superseded by linux-gcp-6.2

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/bionic

ignored

superseded by linux-gcp-5.4
esm-infra/focal

DNE

focal

DNE

jammy

DNE

mantic

DNE

noble

DNE

upstream

ignored

superseded by linux-gcp-5.4

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/bionic

not-affected

5.4.0-1019.19~18.04.2
esm-infra/focal

DNE

focal

DNE

jammy

DNE

mantic

DNE

noble

DNE

upstream

released

6.7~rc1

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

ignored

superseded by linux-gcp-5.11
focal

ignored

end of standard support, was ignored [superseded by linux-gcp-5.11]
jammy

DNE

mantic

DNE

noble

DNE

upstream

ignored

superseded by linux-gcp-5.11

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

DNE

focal

DNE

jammy

ignored

superseded by linux-gcp-6.5
mantic

DNE

noble

DNE

upstream

ignored

superseded by linux-gcp-6.5

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

DNE

focal

DNE

jammy

ignored

end of life, was pending [6.5.0-1015.15~22.04.1]
mantic

DNE

noble

DNE

upstream

released

6.7~rc1

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

DNE

fips-preview/jammy

not-affected

5.15.0-1048.56+fips1
fips-updates/bionic

not-affected

4.15.0-2013.14
fips-updates/focal

not-affected

5.4.0-1021.21+fips1
fips-updates/jammy

not-affected

5.15.0-1048.56+fips1
fips/bionic

not-affected

4.15.0-1001.1
fips/focal

not-affected

5.4.0-1021.21+fips1
focal

DNE

jammy

DNE

Показывать по

РелизСтатусПримечание
devel

not-affected

6.8.0-1003.5
esm-infra/focal

ignored

end of kernel support
focal

ignored

end of kernel support
jammy

not-affected

5.15.0-1002.2
mantic

DNE

noble

not-affected

6.8.0-1003.5
upstream

released

6.7~rc1

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/bionic

ignored

superseded by linux-gke-5.0
esm-infra/focal

DNE

focal

DNE

jammy

DNE

mantic

DNE

noble

DNE

upstream

ignored

superseded by linux-gke-5.0

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

ignored

end of kernel support
focal

ignored

end of kernel support
jammy

DNE

mantic

DNE

noble

DNE

upstream

ignored

end of life

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/bionic

ignored

end of kernel support
esm-infra/focal

DNE

focal

DNE

jammy

DNE

mantic

DNE

noble

DNE

upstream

ignored

end of life

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

not-affected

5.4.0-1008.9
focal

not-affected

5.4.0-1008.9
jammy

not-affected

5.15.0-1001.2
mantic

DNE

noble

not-affected

6.8.0-1001.3
upstream

released

6.7~rc1

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

not-affected

5.15.0-1003.5~20.04.2
focal

not-affected

5.15.0-1003.5~20.04.2
jammy

DNE

mantic

DNE

noble

DNE

upstream

released

6.7~rc1

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/bionic

ignored

end of kernel support
esm-infra/focal

DNE

focal

DNE

jammy

DNE

mantic

DNE

noble

DNE

upstream

ignored

end of life

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/bionic

ignored

replaced by linux-hwe-5.4
esm-infra/focal

DNE

esm-infra/xenial

not-affected

4.8.0-39.42~16.04.1
focal

DNE

jammy

DNE

mantic

DNE

noble

DNE

upstream

released

6.7~rc1

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

ignored

superseded by linux-hwe-5.13
focal

ignored

end of standard support, was ignored [superseded by linux-hwe-5.13]
jammy

DNE

mantic

DNE

noble

DNE

upstream

ignored

superseded by linux-hwe-5.13

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

ignored

superseded by linux-hwe-5.15
focal

ignored

end of standard support, was ignored [superseded by linux-hwe-5.15]
jammy

DNE

mantic

DNE

noble

DNE

upstream

ignored

superseded by linux-hwe-5.15

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

not-affected

5.15.0-33.34~20.04.1
focal

not-affected

5.15.0-33.34~20.04.1
jammy

DNE

mantic

DNE

noble

DNE

upstream

released

6.7~rc1

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

DNE

focal

DNE

jammy

ignored

superseded by linux-hwe-6.2
mantic

DNE

noble

DNE

upstream

ignored

superseded by linux-hwe-6.2

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/bionic

not-affected

5.4.0-37.41~18.04.1
esm-infra/focal

DNE

focal

DNE

jammy

DNE

mantic

DNE

noble

DNE

upstream

released

6.7~rc1

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

ignored

superseded by linux-hwe-5.11
focal

ignored

end of standard support, was ignored [superseded by linux-hwe-5.11]
jammy

DNE

mantic

DNE

noble

DNE

upstream

ignored

superseded by linux-hwe-5.11

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

DNE

focal

DNE

jammy

ignored

superseded by linux-hwe-6.5
mantic

DNE

noble

DNE

upstream

ignored

superseded by linux-hwe-6.5

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

DNE

focal

DNE

jammy

ignored

superseded by linux-hwe-6.8, was pending [6.5.0-25.25~22.04.1]
mantic

DNE

noble

DNE

upstream

released

6.7~rc1

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

esm-infra/bionic

DNE

esm-infra/focal

DNE

esm-infra/xenial

DNE

focal

DNE

jammy

not-affected

6.8.0-38.38~22.04.1
noble

DNE

trusty

DNE

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/bionic

ignored

superseded by linux-hwe-5.4
esm-infra/focal

DNE

esm-infra/xenial

ignored

superseded by linux-hwe
focal

DNE

jammy

DNE

mantic

DNE

noble

DNE

upstream

ignored

end of life

Показывать по

РелизСтатусПримечание
devel

not-affected

6.8.0-1005.5
esm-infra/focal

not-affected

5.4.0-1003.4
focal

not-affected

5.4.0-1003.4
jammy

not-affected

5.15.0-1002.2
mantic

ignored

end of kernel support
noble

not-affected

6.8.0-1001.1
upstream

released

6.7~rc1

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

not-affected

5.15.0-1033.36~20.04.1
focal

not-affected

5.15.0-1033.36~20.04.1
jammy

DNE

mantic

DNE

noble

DNE

upstream

released

6.7~rc1

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/bionic

not-affected

5.4.0-1010.11~18.04.2
esm-infra/focal

DNE

focal

DNE

jammy

DNE

mantic

DNE

noble

DNE

upstream

released

6.7~rc1

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

esm-infra/bionic

DNE

esm-infra/focal

DNE

esm-infra/xenial

DNE

focal

DNE

jammy

DNE

mantic

DNE

noble

not-affected

6.8.0-1001.6

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

ignored

end of kernel support
focal

ignored

end of kernel support
jammy

DNE

mantic

DNE

noble

DNE

upstream

ignored

end of life

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

DNE

esm-infra/focal

DNE

focal

DNE

jammy

ignored

superseded by Ubuntu Pro ppa version
noble

DNE

realtime/jammy

not-affected

5.15.0-1021.26
trusty

DNE

upstream

released

6.7~rc1
xenial

DNE

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

DNE

focal

DNE

jammy

not-affected

5.15.0-1004.6
mantic

DNE

noble

DNE

upstream

released

6.7~rc1

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

not-affected

5.15.0-1003.5~20.04.1
focal

not-affected

5.15.0-1003.5~20.04.1
jammy

DNE

mantic

DNE

noble

DNE

upstream

released

6.7~rc1

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

not-affected

5.4.0-1001.3
focal

not-affected

5.4.0-1001.3
jammy

DNE

mantic

DNE

noble

DNE

upstream

released

6.7~rc1

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/bionic

not-affected

4.15.0-1002.2
esm-infra/focal

not-affected

5.4.0-1004.4
esm-infra/xenial

not-affected

4.4.0-1004.9
focal

not-affected

5.4.0-1004.4
jammy

not-affected

5.13.0-1004.4
mantic

DNE

noble

DNE

upstream

released

6.7~rc1

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

DNE

focal

DNE

jammy

DNE

mantic

ignored

end of life, was pending [6.5.0-1011.14]
noble

DNE

upstream

released

6.7~rc1

Показывать по

РелизСтатусПримечание
devel

not-affected

6.8.0-31.31.1
esm-infra/focal

DNE

focal

DNE

jammy

not-affected

5.15.0-22.22
mantic

ignored

end of life, was pending [6.5.0-25.25.1]
noble

not-affected

6.6.0-14.14.1
upstream

released

6.7~rc1

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

not-affected

5.15.0-33.34~20.04.1
focal

not-affected

5.15.0-33.34~20.04.1
jammy

DNE

mantic

DNE

noble

DNE

upstream

released

6.7~rc1

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

DNE

focal

DNE

jammy

ignored

superseded by linux-lowlatency-hwe-6.2
mantic

DNE

noble

DNE

upstream

ignored

superseded by linux-lowlatency-hwe-6.2

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

DNE

focal

DNE

jammy

ignored

superseded by linux-lowlatency-hwe-6.5
mantic

DNE

noble

DNE

upstream

ignored

superseded by linux-lowlatency-hwe-6.5

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

DNE

focal

DNE

jammy

ignored

superseded by linux-lowlatency-hwe-6.8, was pending [6.5.0-25.25.1~22.04.1]
mantic

DNE

noble

DNE

upstream

released

6.7~rc1

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

esm-infra/bionic

DNE

esm-infra/focal

DNE

esm-infra/xenial

DNE

focal

DNE

jammy

not-affected

6.8.0-38.38.1~22.04.2
noble

DNE

trusty

DNE

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra-legacy/trusty

not-affected

4.4.0-13.29~14.04.1
esm-infra/focal

DNE

focal

DNE

jammy

DNE

mantic

DNE

noble

DNE

trusty/esm

not-affected

4.4.0-13.29~14.04.1
upstream

released

6.7~rc1

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

DNE

focal

DNE

jammy

not-affected

5.15.0-1005.5
mantic

DNE

noble

not-affected

6.8.0-1007.7
upstream

released

6.7~rc1

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

DNE

focal

DNE

jammy

ignored

superseded by linux-nvidia-6.5
mantic

DNE

noble

DNE

upstream

ignored

superseded by linux-nvidia-6.5

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

DNE

focal

DNE

jammy

released

6.5.0-1014.14
mantic

DNE

noble

DNE

upstream

released

6.7~rc1

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

esm-infra/bionic

DNE

esm-infra/focal

DNE

esm-infra/xenial

DNE

focal

DNE

jammy

not-affected

6.8.0-1008.8~22.04.1
noble

DNE

trusty

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

esm-infra/bionic

DNE

esm-infra/focal

DNE

esm-infra/xenial

DNE

focal

DNE

jammy

DNE

noble

not-affected

6.8.0-1009.9.1
trusty

DNE

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/bionic

ignored

replaced by linux-hwe-5.4
esm-infra/focal

DNE

focal

DNE

jammy

DNE

mantic

DNE

noble

DNE

upstream

ignored

end of life

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

ignored

superseded by linux-oem-5.13
focal

ignored

end of standard support, was ignored [superseded by linux-oem-5.13]
jammy

DNE

mantic

DNE

noble

DNE

upstream

ignored

superseded by linux-oem-5.13

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

ignored

superseded by linux-oem-5.14
focal

ignored

end of standard support, was ignored [superseded by linux-oem-5.14]
jammy

DNE

mantic

DNE

noble

DNE

upstream

ignored

superseded by linux-oem-5.14

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

ignored

replaced by linux-hwe-5.15
focal

ignored

end of standard support, was ignored [replaced by linux-hwe-5.15]
jammy

DNE

mantic

DNE

noble

DNE

upstream

ignored

replaced by linux-hwe-5.15

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

DNE

focal

DNE

jammy

ignored

superseded by linux-oem-6.1
mantic

DNE

noble

DNE

upstream

ignored

superseded by linux-oem-6.1

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

ignored

superseded by linux-oem-5.10
focal

ignored

end of standard support, was ignored [superseded by linux-oem-5.10]
jammy

DNE

mantic

DNE

noble

DNE

upstream

ignored

superseded by linux-oem-5.10

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

DNE

focal

DNE

jammy

ignored

superseded by linux-oem-6.1
mantic

DNE

noble

DNE

upstream

ignored

superseded by linux-oem-6.1

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

DNE

focal

DNE

jammy

ignored

superseded by linux-oem-6.5
mantic

DNE

noble

DNE

upstream

ignored

superseded by linux-oem-6.5

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

DNE

focal

DNE

jammy

ignored

superseded by linux-oem-6.8, was pending [6.5.0-1016.17]
mantic

DNE

noble

DNE

upstream

released

6.7~rc1

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

esm-infra/bionic

DNE

esm-infra/focal

DNE

esm-infra/xenial

DNE

focal

DNE

jammy

DNE

mantic

DNE

noble

not-affected

6.8.0-1003.3

Показывать по

РелизСтатусПримечание
devel

not-affected

6.8.0-1005.5
esm-infra/bionic

not-affected

4.15.0-1007.9
esm-infra/focal

not-affected

5.4.0-1005.5
esm-infra/xenial

not-affected

4.15.0-1007.9~16.04.1
focal

not-affected

5.4.0-1005.5
jammy

not-affected

5.13.0-1008.10
mantic

ignored

end of life, was pending [6.5.0-1018.18]
noble

not-affected

6.6.0-1001.1
upstream

released

6.7~rc1

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/bionic

ignored

superseded by linux-oracle-5.3
esm-infra/focal

DNE

focal

DNE

jammy

DNE

mantic

DNE

noble

DNE

upstream

ignored

superseded by linux-oracle-5.3

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

ignored

superseded by linux-oracle-5.13
focal

ignored

end of standard support, was ignored [superseded by linux-oracle-5.13]
jammy

DNE

mantic

DNE

noble

DNE

upstream

ignored

superseded by linux-oracle-5.13

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

ignored

superseded by linux-oracle-5.15
focal

ignored

end of standard support, was ignored [superseded by linux-oracle-5.15]
jammy

DNE

mantic

DNE

noble

DNE

upstream

ignored

superseded by linux-oracle-5.15

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

not-affected

5.15.0-1007.9~20.04.1
focal

not-affected

5.15.0-1007.9~20.04.1
jammy

DNE

mantic

DNE

noble

DNE

upstream

released

6.7~rc1

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/bionic

ignored

superseded by linux-oracle-5.4
esm-infra/focal

DNE

focal

DNE

jammy

DNE

mantic

DNE

noble

DNE

upstream

ignored

superseded by linux-oracle-5.4

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/bionic

not-affected

5.4.0-1019.19~18.04.1
esm-infra/focal

DNE

focal

DNE

jammy

DNE

mantic

DNE

noble

DNE

upstream

released

6.7~rc1

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

ignored

superseded by linux-oracle-5.11
focal

ignored

end of standard support, was ignored [superseded by linux-oracle-5.11]
jammy

DNE

mantic

DNE

noble

DNE

upstream

ignored

superseded by linux-oracle-5.11

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

DNE

focal

DNE

jammy

ignored

end of life, was pending [6.5.0-1018.18~22.04.1]
mantic

DNE

noble

DNE

upstream

released

6.7~rc1

Показывать по

РелизСтатусПримечание
devel

not-affected

6.8.0-1004.4
esm-infra/focal

not-affected

5.4.0-1007.7
focal

not-affected

5.4.0-1007.7
jammy

not-affected

5.13.0-1008.9
mantic

ignored

end of life, was pending [6.5.0-1012.15]
noble

not-affected

6.7.0-1001.1
upstream

released

6.7~rc1

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/bionic

not-affected

5.4.0-1013.13~18.04.1
esm-infra/focal

DNE

focal

DNE

jammy

DNE

mantic

DNE

noble

DNE

upstream

released

6.7~rc1

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

DNE

esm-infra/focal

DNE

focal

DNE

jammy

DNE

noble

ignored

superseded by Ubuntu Pro ppa version
realtime/noble

not-affected

6.7.0-2001.1
trusty

DNE

upstream

released

6.7~rc1
xenial

DNE

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

ignored

replaced by linux-raspi
focal

ignored

end of standard support, was ignored [replaced by linux-raspi]
jammy

DNE

mantic

DNE

noble

DNE

upstream

ignored

replaced by linux-raspi

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

DNE

esm-infra/focal

DNE

focal

DNE

jammy

ignored

superseded by Ubuntu Pro ppa version
noble

not-affected

6.8.1-1015.16
realtime/jammy

not-affected

5.15.0-1006.6
realtime/noble

not-affected

6.8.0-1008.19
trusty

DNE

upstream

released

6.7~rc1

Показывать по

РелизСтатусПримечание
devel

not-affected

6.8.0-31.31.1
esm-infra/focal

ignored

superseded by linux-riscv-5.8
focal

ignored

end of standard support, was ignored [superseded by linux-riscv-5.8]
jammy

ignored

end of kernel support
mantic

ignored

end of life, was pending [6.5.0-25.25.1]
noble

not-affected

6.8.0-20.20.1
upstream

released

6.7~rc1

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

ignored

superseded by linux-riscv-5.13
focal

ignored

end of standard support, was ignored [superseded by linux-riscv-5.13]
jammy

DNE

mantic

DNE

noble

DNE

upstream

ignored

superseded by linux-riscv-5.13

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

not-affected

5.15.0-1015.17~20.04.1
focal

not-affected

5.15.0-1015.17~20.04.1
jammy

DNE

mantic

DNE

noble

DNE

upstream

released

6.7~rc1

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

DNE

focal

DNE

jammy

ignored

end of kernel support
mantic

DNE

noble

DNE

upstream

ignored

end of life

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

ignored

superseded by linux-riscv-5.11
focal

ignored

end of standard support, was ignored [superseded by linux-riscv-5.11]
jammy

DNE

mantic

DNE

noble

DNE

upstream

ignored

superseded by linux-riscv-5.11

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

DNE

focal

DNE

jammy

ignored

superseded by linux-riscv-6.8, was pending [6.5.0-25.25.1~22.04.1]
mantic

DNE

noble

DNE

upstream

released

6.7~rc1

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

esm-infra/bionic

DNE

esm-infra/focal

DNE

esm-infra/xenial

DNE

focal

DNE

jammy

not-affected

6.8.0-38.38.1~22.04.1
noble

DNE

trusty

DNE

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

DNE

focal

DNE

jammy

DNE

mantic

ignored

end of life, was pending [6.5.0-1009.10]
noble

DNE

upstream

released

6.7~rc1

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

DNE

focal

DNE

jammy

ignored

end of kernel support
mantic

DNE

noble

DNE

upstream

ignored

end of life

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

DNE

focal

DNE

jammy

ignored

superseded by linux-starfive-6.5
mantic

DNE

noble

DNE

upstream

ignored

superseded by linux-starfive-6.5

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

DNE

focal

DNE

jammy

ignored

end of kernel support, was pending [6.5.0-1009.10~22.04.1]
mantic

DNE

noble

DNE

upstream

released

6.7~rc1

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

not-affected

5.4.0-1020.24
focal

not-affected

5.4.0-1020.24
jammy

not-affected

5.15.0-1022.26
mantic

DNE

noble

DNE

upstream

released

6.7~rc1

Показывать по

Ссылки на источники

EPSS

Процентиль: 19%
0.0006
Низкий

Связанные уязвимости

redhat логотип

CVE-2023-52874

CVSS3: 2.3
redhat
около 1 года назад

In the Linux kernel, the following vulnerability has been resolved: x86/tdx: Zero out the missing RSI in TDX_HYPERCALL macro In the TDX_HYPERCALL asm, after the TDCALL instruction returns from the untrusted VMM, the registers that the TDX guest shares to the VMM need to be cleared to avoid speculative execution of VMM-provided values. RSI is specified in the bitmap of those registers, but it is missing when zeroing out those registers in the current TDX_HYPERCALL. It was there when it was originally added in commit 752d13305c78 ("x86/tdx: Expand __tdx_hypercall() to handle more arguments"), but was later removed in commit 1e70c680375a ("x86/tdx: Do not corrupt frame-pointer in __tdx_hypercall()"), which was correct because %rsi is later restored in the "pop %rsi". However a later commit 7a3a401874be ("x86/tdx: Drop flags from __tdx_hypercall()") removed that "pop %rsi" but forgot to add the "xor %rsi, %rsi" back. Fix by adding it back.

nvd логотип

CVE-2023-52874

nvd
около 1 года назад

In the Linux kernel, the following vulnerability has been resolved: x86/tdx: Zero out the missing RSI in TDX_HYPERCALL macro In the TDX_HYPERCALL asm, after the TDCALL instruction returns from the untrusted VMM, the registers that the TDX guest shares to the VMM need to be cleared to avoid speculative execution of VMM-provided values. RSI is specified in the bitmap of those registers, but it is missing when zeroing out those registers in the current TDX_HYPERCALL. It was there when it was originally added in commit 752d13305c78 ("x86/tdx: Expand __tdx_hypercall() to handle more arguments"), but was later removed in commit 1e70c680375a ("x86/tdx: Do not corrupt frame-pointer in __tdx_hypercall()"), which was correct because %rsi is later restored in the "pop %rsi". However a later commit 7a3a401874be ("x86/tdx: Drop flags from __tdx_hypercall()") removed that "pop %rsi" but forgot to add the "xor %rsi, %rsi" back. Fix by adding it back.

debian логотип

CVE-2023-52874

debian
около 1 года назад

In the Linux kernel, the following vulnerability has been resolved: x ...

github логотип

GHSA-5h67-9rvr-r9x6

github
около 1 года назад

In the Linux kernel, the following vulnerability has been resolved: x86/tdx: Zero out the missing RSI in TDX_HYPERCALL macro In the TDX_HYPERCALL asm, after the TDCALL instruction returns from the untrusted VMM, the registers that the TDX guest shares to the VMM need to be cleared to avoid speculative execution of VMM-provided values. RSI is specified in the bitmap of those registers, but it is missing when zeroing out those registers in the current TDX_HYPERCALL. It was there when it was originally added in commit 752d13305c78 ("x86/tdx: Expand __tdx_hypercall() to handle more arguments"), but was later removed in commit 1e70c680375a ("x86/tdx: Do not corrupt frame-pointer in __tdx_hypercall()"), which was correct because %rsi is later restored in the "pop %rsi". However a later commit 7a3a401874be ("x86/tdx: Drop flags from __tdx_hypercall()") removed that "pop %rsi" but forgot to add the "xor %rsi, %rsi" back. Fix by adding it back.

fstec логотип

BDU:2024-10270

CVSS3: 5.5
fstec
почти 2 года назад

Уязвимость компонентов x86/tdx ядра операционной системы Linux позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 19%
0.0006
Низкий
Уязвимость CVE-2023-52874