** Changed in: linux (Ubuntu Xenial)
Status: New => Fix Committed
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1775137
Title:
Prevent speculation on user controlled pointer
Status in linux package in Ubuntu:
Incomplete
Status in linux source package in Precise:
New
Status in linux source package in Trusty:
New
Status in linux source package in Xenial:
Fix Committed
Bug description:
== SRU Justification ==
Upstream's Spectre v1 mitigation prevents speculation on a user controlled
pointer. This part of the Spectre v1 patchset was never backported to 4.4 (for
unknown reasons) so Xenial/Trusty/Precise are lacking it as well. All the other
stable upstream kernels include it, so add it to our older kernels.
== Fix ==
Backport the following patches:
x86/uaccess: Use __uaccess_begin_nospec() and uaccess_try_nospec
x86/usercopy: Replace open coded stac/clac with __uaccess_{begin, end}
x86: Introduce __uaccess_begin_nospec() and uaccess_try_nospec
== Regression Potential ==
Low. Patches have been in upstream (and other distro kernels) for quite a
while now and the changes only introduce a barrier on copy_from_user operations.
== Test Case ==
TBD.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1775137/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : [email protected]
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
