Synopsis: ELSA-2022-9198 cannot be patched using Ksplice CVEs: CVE-2021-26341 CVE-2021-26401 CVE-2022-0001 CVE-2022-0002
More information about this errata can be found at https://linux.oracle.com/errata/ELSA-2022-9198.html NOTE Oracle will not provide a zero downtime update for CVE-2022-0001, CVE-2022-0002, CVE-2021-26401 and CVE-2021-26341. On the 8th of March 2022, Vrije Universiteit (VU) Amsterdam researchers, AMD, Ampere, ARM and Intel jointly reported new security vulnerabilities based on Branch Target Injection (BTI) (commonly called Spectre v2 variants). The reporters recommend disabling unprivileged BPF to mitigate this vulnerability as well as using generic retpoline even when eIBRS is available on the platform or on special AMD/Hygon CPUs. Unprivileged BPF can already be disabled at runtime by setting the kernel.unprivileged_bpf_disabled sysctl. If your CPU is affected and is not already using retpoline as the Spectre V2 mitigation, a reboot into the newest kernel will be required in order to get the full retpoline mitigations in place. Orabug: 33922122 SUPPORT Ksplice support is available at [email protected]. _______________________________________________ El-errata mailing list [email protected] https://oss.oracle.com/mailman/listinfo/el-errata
