DSA-5475-1 linux -- linuxID: oval:org.secpod.oval:def:95188 | Date: (C)2023-12-01 (M)2024-06-13 |
Class: PATCH | Family: unix |
CVE-2022-40982 Daniel Moghimi discovered Gather Data Sampling , a hardware vulnerability for Intel CPUs which allows unprivileged speculative access to data which was previously stored in vector registers. This mitigation requires updated CPU microcode provided in the intel-microcode package. For details please refer to https://downfall.page/ and https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/technical-documentation/gather-data-sampling.html. CVE-2023-20569 Daniel Trujillo, Johannes Wikner and Kaveh Razavi discovered INCEPTION, also known as Speculative Return Stack Overflow , a transient execution attack that leaks arbitrary data on all AMD Zen CPUs. An attacker can mis-train the CPU BTB to predict non- architectural CALL instructions in kernel space and use this to control the speculative target of a subsequent kernel RET, potentially leading to information disclosure via a speculative side-channel. For details please refer to https://comsec.ethz.ch/research/microarch/inception/ and https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-7005.
Platform: |
Linux Mint 5 |
Linux Mint 6 |
Product: |
linux-support-6.1 |
linux-image-6.1 |
linux-headers-6.1 |
linux-support-5.10 |
linux-image-5.10 |
linux-headers-5.10 |
bpftool |
hyperv-daemons |
libcpupower-dev |
libcpupower1 |
usbip |