7.8

CVE-2023-52482

x86/srso: Add SRSO mitigation for Hygon processors

In the Linux kernel, the following vulnerability has been resolved:

x86/srso: Add SRSO mitigation for Hygon processors

Add mitigation for the speculative return stack overflow vulnerability
which exists on Hygon processors too.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.10.189 < 5.10.215
LinuxLinux Kernel Version >= 5.15.125 < 5.15.134
LinuxLinux Kernel Version >= 6.1.44 < 6.1.56
LinuxLinux Kernel Version >= 6.4.9 < 6.5.6
LinuxLinux Kernel Version6.6 Updaterc1
LinuxLinux Kernel Version6.6 Updaterc2
LinuxLinux Kernel Version6.6 Updaterc3
DebianDebian Linux Version10.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.26% 0.168
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
Third Party Advisory
Mailing List
https://git.kernel.org/stable/c/6ce2f297a7168274547d0b5aea6c7c16268b8a96
Patch
https://git.kernel.org/stable/c/a5ef7d68cea1344cf524f04981c2b3f80bedbb0d
Patch
https://git.kernel.org/stable/c/cf43b304b6952b549d58feabc342807b334f03d4
Patch
https://git.kernel.org/stable/c/e7ea043bc3f19473561c08565047b3f1671bf35d
Patch
https://git.kernel.org/stable/c/f090a8b4d2e3ec6f318d6fdab243a2edc5a8cc37
Patch