[kernel-sec-discuss] [Git][kernel-team/kernel-sec][master] Add used DSA text for 4.9.65-3+deb9u2

Salvatore Bonaccorso gitlab at salsa.debian.org
Sun Jan 7 07:40:51 UTC 2018 

Salvatore Bonaccorso pushed to branch master at Debian kernel team / kernel-sec


Commits:
5c2db078 by Salvatore Bonaccorso at 2018-01-07T08:40:43+01:00
Add used DSA text for 4.9.65-3+deb9u2

- - - - -


1 changed file:

- + dsa-texts/4.9.65-3+deb9u2


Changes:

=====================================
dsa-texts/4.9.65-3+deb9u2
=====================================
--- /dev/null
+++ b/dsa-texts/4.9.65-3+deb9u2
@@ -0,0 +1,28 @@
+Package        : linux
+CVE ID         : CVE-2017-5754
+
+Multiple researchers have discovered a vulnerability in Intel processors,
+enabling an attacker controlling an unprivileged process to read memory from
+arbitrary addresses, including from the kernel and all other processes running
+on the system.
+
+This specific attack has been named Meltdown and is addressed in the Linux
+kernel for the Intel x86-64 architecture by a patch set named Kernel Page Table
+Isolation, enforcing a near complete separation of the kernel and userspace
+address maps and preventing the attack. This solution might have a performance
+impact, and can be disabled at boot time by passing `pti=off' to the kernel
+command line.
+
+We also identified a regression for ancient userspaces using the vsyscall
+interface, for example chroot and containers using (e)glibc 2.13 and older,
+including those based on Debian 7 or RHEL/CentOS 6. This regression will be
+fixed in a later update.
+
+The other vulnerabilities (named Spectre) published at the same time are not
+addressed in this update and will be fixed in a later update.
+
+For the oldstable distribution (jessie), this problem will be fixed in a
+separate update.
+
+For the stable distribution (stretch), this problem has been fixed in
+version 4.9.65-3+deb9u2.



View it on GitLab: https://salsa.debian.org/kernel-team/kernel-sec/commit/5c2db0783ad9dbfad157c3680ef4b82e442c2e1c

---
View it on GitLab: https://salsa.debian.org/kernel-team/kernel-sec/commit/5c2db0783ad9dbfad157c3680ef4b82e442c2e1c
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/kernel-sec-discuss/attachments/20180107/51d337a0/attachment.html>

More information about the kernel-sec-discuss mailing list