* CVE-2022-21123 // CVE-2022-21125 // CVE-2022-21166
- Documentation: Add documentation for Processor MMIO Stale Data
- x86/speculation/mmio: Enumerate Processor MMIO Stale Data bug
- x86/speculation: Add a common function for MD_CLEAR mitigation update
- x86/speculation/mmio: Add mitigation for Processor MMIO Stale Data
- x86/bugs: Group MDS, TAA & Processor MMIO Stale Data mitigations
- x86/speculation/mmio: Enable CPU Fill buffer clearing on idle
- x86/speculation/mmio: Add sysfs reporting for Processor MMIO Stale Data
- x86/speculation/srbds: Update SRBDS mitigation selection
- x86/speculation/mmio: Reuse SRBDS mitigation for SBDS
- KVM: x86/speculation: Disable Fill buffer clear within guests
- x86/speculation/mmio: Print SMT warning
This bug was fixed in the package linux-gcp-5.15 - 5.15.0- 1012.17~ 20.04.1
--------------- 1012.17~ 20.04.1) focal; urgency=medium
linux-gcp-5.15 (5.15.0-
* focal/linux- gcp-5.15: 5.15.0- 1012.17~ 20.04.1 -proposed tracker
(LP: #1978589)
* re-apply missing overlayfs SAUCE patch (LP: #1967924)
- SAUCE: overlayfs: prevent dereferencing struct file in ovl_vm_prfile_set()
* Packaging resync (LP: #1786013)
- [Packaging] update variants
[ Ubuntu: 5.15.0-1010.15 ]
* CVE-2022-21123 // CVE-2022-21125 // CVE-2022-21166 /mmio: Enumerate Processor MMIO Stale Data bug /mmio: Add mitigation for Processor MMIO Stale Data /mmio: Enable CPU Fill buffer clearing on idle /mmio: Add sysfs reporting for Processor MMIO Stale Data /srbds: Update SRBDS mitigation selection /mmio: Reuse SRBDS mitigation for SBDS /mmio: Print SMT warning
- Documentation: Add documentation for Processor MMIO Stale Data
- x86/speculation
- x86/speculation: Add a common function for MD_CLEAR mitigation update
- x86/speculation
- x86/bugs: Group MDS, TAA & Processor MMIO Stale Data mitigations
- x86/speculation
- x86/speculation
- x86/speculation
- x86/speculation
- KVM: x86/speculation: Disable Fill buffer clear within guests
- x86/speculation
[ Ubuntu: 5.15.0-1008.12 ]
* netfilter newset OOB write (LP: #1976363) desc_concat_ parse()
- netfilter: nf_tables: sanitize nft_set_
* CVE-2022-1966
- netfilter: nf_tables: disallow non-stateful expression in sets earlier
-- Marcelo Henrique Cerri <email address hidden> Thu, 23 Jun 2022 12:31:49 -0300