DLA 3525-1: linux-5.10 security update

Debian 9936 Published by

A linux-5.10 security update has been released for Debian GNU/Linux 10 LTS to address a hardware vulnerability for Intel CPUs.



[SECURITY] [DLA 3525-1] linux-5.10 security update


-------------------------------------------------------------------------
Debian LTS Advisory DLA-3525-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Ben Hutchings
August 11, 2023 https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package : linux-5.10
Version : 5.10.179-5~deb10u1
CVE ID : CVE-2022-40982 CVE-2023-20569

CVE-2022-40982

Daniel Moghimi discovered Gather Data Sampling (GDS), a hardware
vulnerability for Intel CPUs which allows unprivileged speculative
access to data which was previously stored in vector registers.

This mitigation requires updated CPU microcode provided in the
intel-microcode package.

For details please refer to ( https://downfall.page/) and
( https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/technical-documentation/gather-data-sampling.html) .

CVE-2023-20569

Daniel Trujillo, Johannes Wikner and Kaveh Razavi discovered
INCEPTION, also known as Speculative Return Stack Overflow (SRSO),
a transient execution attack that leaks arbitrary data on all AMD
Zen CPUs. An attacker can mis-train the CPU BTB to predict non-
architectural CALL instructions in kernel space and use this to
control the speculative target of a subsequent kernel RET,
potentially leading to information disclosure via a speculative
side-channel.

For details please refer to
( https://comsec.ethz.ch/research/microarch/inception/) and
( https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-7005) .

For Debian 10 buster, these problems have been fixed in version
5.10.179-5~deb10u1.

We recommend that you upgrade your linux-5.10 packages.

For the detailed security status of linux-5.10 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/linux-5.10

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS



USN-6285-1: Linux kernel (OEM) vulnerabilities

XanMod Linux Kernel 6.1.45 released

Windows

Linux

macOS

Community

  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...
  • StephanX
    Hi friends, i am new in the Linux universe but i try to ...
  • Philipp
    I would try the XanMod kernel: https://xanmod.orgĀ  I ...