© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
bbfa235
(Get the code!)
Since this update was prepared, the following patches were already applied:
* KVM: Fix stack-out-of-bounds read in write_mmio (CVE-2017-17741)
* RDS: null pointer dereference in rds_atomic_free_op (CVE-2018-5333)
Needed fixup:
* bpf: don't (ab)use instructions to store state
We added a partial backport of this change when applying
"bpf: fix branch pruning logic" (CVE-2017-17862)
* bpf: prevent out-of-bounds speculation
Because of changes introduced by "bpf: fix branch pruning
logic" (CVE-2017-17862)
The following patches were all also applied already as part of
CVE-2017-5715 (Spectre v2 retpoline):
* x86/cpu: Factor out application of forced CPU caps
* x86/cpufeatures: Make CPU bugs sticky
* x86/cpufeatures: Add X86_BUG_
* x86/pti: Rename BUG_CPU_INSECURE to BUG_CPU_MELTDOWN
* x86/cpufeatures: Add X86_BUG_
* x86/cpu: Merge bugs.c and bugs_64.c
* sysfs/cpu: Add vulnerability folder
* x86/cpu: Implement CPU vulnerabilites sysfs functions
* x86/alternatives: Add missing '\n' at end of ALTERNATIVE inline asm