UBUNTU: SAUCE: claim mitigation via observable speculation barrier
CVE-2017-5753 (Spectre v1 Intel)
Signed-off-by: Andy Whitcroft <email address hidden>
ef5e1c8...
by
Elena Reshetova <email address hidden>
userns: prevent speculative execution
CVE-2017-5753 (Spectre v1 Intel)
Since the pos value in function m_start()
seems to be controllable by userspace and later on
conditionally (upon bound check) used to resolve
map->extent, insert an observable speculation
barrier before its usage. This should prevent
observable speculation on that branch and avoid
kernel memory leak.
Signed-off-by: Elena Reshetova <email address hidden>
Signed-off-by: Andy Whitcroft <email address hidden>
a7717e5...
by
Elena Reshetova <email address hidden>
udf: prevent speculative execution
CVE-2017-5753 (Spectre v1 Intel)
Since the eahd->appAttrLocation value in function
udf_add_extendedattr() seems to be controllable by
userspace and later on conditionally (upon bound check)
used in following memmove, insert an observable speculation
barrier before its usage. This should prevent
observable speculation on that branch and avoid
kernel memory leak.
Signed-off-by: Elena Reshetova <email address hidden>
Signed-off-by: Andy Whitcroft <email address hidden>
2efc658...
by
Elena Reshetova <email address hidden>
net: mpls: prevent speculative execution
CVE-2017-5753 (Spectre v1 Intel)
Since the index value in function mpls_route_input_rcu()
seems to be controllable by userspace and later on
conditionally (upon bound check) used to resolve
platform_label, insert an observable speculation
barrier before its usage. This should prevent
observable speculation on that branch and avoid
kernel memory leak.
Signed-off-by: Elena Reshetova <email address hidden>
Signed-off-by: Andy Whitcroft <email address hidden>
617771c...
by
Elena Reshetova <email address hidden>
fs: prevent speculative execution
CVE-2017-5753 (Spectre v1 Intel)
Since the fd value in function __fcheck_files()
seems to be controllable by userspace and later on
conditionally (upon bound check) used to resolve
fdt->fd, insert an observable speculation
barrier before its usage. This should prevent
observable speculation on that branch and avoid
kernel memory leak.
Signed-off-by: Elena Reshetova <email address hidden>
Signed-off-by: Andy Whitcroft <email address hidden>
b6f194e...
by
Elena Reshetova <email address hidden>
ipv6: prevent speculative execution
CVE-2017-5753 (Spectre v1 Intel)
Since the offset value in function raw6_getfrag()
seems to be controllable by userspace and later on
conditionally (upon bound check) used in the
following memcpy, insert an observable speculation
barrier before its usage. This should prevent
observable speculation on that branch and avoid
kernel memory leak.
Signed-off-by: Elena Reshetova <email address hidden>
Signed-off-by: Andy Whitcroft <email address hidden>