ALAS2-2024-2525 --- kernelID: oval:org.secpod.oval:def:1702246 | Date: (C)2024-05-09 (M)2024-06-18 |
Class: PATCH | Family: unix |
A Speculative Race Condition vulnerability that impacts modern CPU architectures supporting speculative execution has been disclosed. An unauthenticated attacker can exploit this vulnerability to disclose arbitrary data from the CPU using race conditions to access the speculative executable code paths. In the Linux kernel, the following vulnerability has been resolved:sched/membarrier: reduce the ability to hammer on sys_membarrierOn some systems, sys_membarrier can be very expensive, causing overallslowdowns for everything. So put a lock on the path in order toserialize the accesses to prevent the ability for this to be called attoo high of a frequency and saturate the machine
Product: |
kernel |
perf |
python-perf |