Missing Linux Kernel mitigations for 'SSB - Speculative Store Bypass' hardware vulnerabilities
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
linux-aws (Ubuntu) |
Expired
|
Undecided
|
Unassigned |
Bug Description
The Greenbone Security Assistant reporting me the following:
Summary
The remote host is missing one or more known mitigation(s) on Linux Kernel
side for the referenced 'SSB - Speculative Store Bypass' hardware vulnerabilities.
Detection Result
The Linux Kernel on the remote host is missing the mitigation for the "spec_store_bypass" hardware vulnerabilities as reported by the sysfs interface:
sysfs file checked | Kernel status (SSH response)
-------
/sys/devices/
Notes on the "Kernel status / SSH response" column:
- sysfs file missing: The sysfs interface is available but the sysfs file for this specific vulnerability is missing. This means the kernel doesn't know this vulnerability yet and is not providing any mitigation which means the target system is vulnerable.
- Strings including "Mitigation:", "Not affected" or "Vulnerable" are reported directly by the Linux Kernel.
- All other strings are responses to various SSH commands.
Product Detection Result
Product
cpe:/a:linux:kernel
Method
Detection of Linux Kernel mitigation status for hardware vulnerabilities (OID: 1.3.6.1.
Log
View details of product detection
Detection Method
Checks previous gathered information on the mitigation status reported
by the Linux Kernel.
Details:
Missing Linux Kernel mitigations for 'SSB - Speculative Store Bypass' ...
OID: 1.3.6.1.
Version used: 2021-07-
information type: | Private Security → Public Security |
Changed in linux-aws (Ubuntu): | |
status: | New → Incomplete |
Can I make this bug public so that teams outside of the security team can see it?