Description
Systems with microprocessors utilizing speculative execution and
speculative execution of memory reads before the addresses of all prior
memory writes are known may allow unauthorized disclosure of information to
an attacker with local user access via a side-channel analysis, aka
Speculative Store Bypass (SSB), Variant 4.
Ubuntu-Description
Jann Horn and Ken Johnson discovered that microprocessors utilizing
speculative execution of a memory read may allow unauthorized memory reads
via a sidechannel attack. This flaw is known as Spectre Variant 4. A local
attacker could use this to expose sensitive information, including kernel
memory.
Notes
tyhicks> "Variant 4"
tyhicks> The break-fix lines for this CVE are not complete since a large
number of patches are required to mitigate this issue. The commit(s) listed
are chosen as placeholders for automated CVE triage purposes.
Package
| Upstream: | released
(4.17~rc7)
|
| Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
| Ubuntu 14.04 LTS (Trusty Tahr): | DNE
|
| Ubuntu 16.04 LTS (Xenial Xerus): | ignored
(was needs-triage ESM criteria)
|
| Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
| Ubuntu 18.10 (Cosmic Cuttlefish): | DNE
|
| Ubuntu 19.04 (Disco Dingo): | DNE
|
Package
| Upstream: | released
(4.17~rc7)
|
| Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
| Ubuntu 14.04 LTS (Trusty Tahr): | DNE
|
| Ubuntu 16.04 LTS (Xenial Xerus): | ignored
(was needs-triage now end-of-life)
|
| Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
| Ubuntu 18.10 (Cosmic Cuttlefish): | DNE
|
| Ubuntu 19.04 (Disco Dingo): | DNE
|
Package
| Upstream: | released
(4.17~rc7)
|
| Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
| Ubuntu 14.04 LTS (Trusty Tahr): | ignored
(abandoned)
|
| Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
| Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
| Ubuntu 18.10 (Cosmic Cuttlefish): | DNE
|
| Ubuntu 19.04 (Disco Dingo): | DNE
|
Package
| Upstream: | released
(4.17~rc7)
|
| Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
| Ubuntu 14.04 LTS (Trusty Tahr): | DNE
|
| Ubuntu 16.04 LTS (Xenial Xerus): | released
(4.13.0-43.48~16.04.1)
|
| Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
| Ubuntu 18.10 (Cosmic Cuttlefish): | DNE
|
| Ubuntu 19.04 (Disco Dingo): | DNE
|
Package
| linux-krillin: | ignored
(was needs-triage now end-of-life)
|
Package
| Upstream: | released
(4.17~rc7)
|
| Ubuntu 12.04 ESM (Precise Pangolin): | released
(3.13.0-149.199~precise1)
|
| Ubuntu 14.04 LTS (Trusty Tahr): | DNE
|
| Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
| Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
| Ubuntu 18.10 (Cosmic Cuttlefish): | DNE
|
| Ubuntu 19.04 (Disco Dingo): | DNE
|
Package
| Upstream: | released
(4.17~rc7)
|
| Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
| Ubuntu 14.04 LTS (Trusty Tahr): | ignored
(end-of-life)
|
| Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
| Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
| Ubuntu 18.10 (Cosmic Cuttlefish): | DNE
|
| Ubuntu 19.04 (Disco Dingo): | DNE
|
Package
| Upstream: | released
(4.17~rc7)
|
| Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
| Ubuntu 14.04 LTS (Trusty Tahr): | ignored
(end-of-life)
|
| Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
| Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
| Ubuntu 18.10 (Cosmic Cuttlefish): | DNE
|
| Ubuntu 19.04 (Disco Dingo): | DNE
|
Package
| Upstream: | released
(4.17~rc7)
|
| Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
| Ubuntu 14.04 LTS (Trusty Tahr): | ignored
(end-of-life)
|
| Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
| Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
| Ubuntu 18.10 (Cosmic Cuttlefish): | DNE
|
| Ubuntu 19.04 (Disco Dingo): | DNE
|
Package
| Upstream: | released
(4.17~rc7)
|
| Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
| Ubuntu 14.04 LTS (Trusty Tahr): | released
(4.4.0-127.153~14.04.1)
|
| Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
| Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
| Ubuntu 18.10 (Cosmic Cuttlefish): | DNE
|
| Ubuntu 19.04 (Disco Dingo): | DNE
|
Package
| Upstream: | released
(4.17~rc7)
|
| Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
| Ubuntu 14.04 LTS (Trusty Tahr): | ignored
(abandoned)
|
| Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
| Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
| Ubuntu 18.10 (Cosmic Cuttlefish): | DNE
|
| Ubuntu 19.04 (Disco Dingo): | DNE
|
Package
| Upstream: | released
(4.17~rc7)
|
| Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
| Ubuntu 14.04 LTS (Trusty Tahr): | ignored
(abandoned)
|
| Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
| Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
| Ubuntu 18.10 (Cosmic Cuttlefish): | DNE
|
| Ubuntu 19.04 (Disco Dingo): | DNE
|
Package
| Upstream: | released
(4.17~rc7)
|
| Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
| Ubuntu 14.04 LTS (Trusty Tahr): | DNE
|
| Ubuntu 16.04 LTS (Xenial Xerus): | released
(4.4.0-1094.99)
|
| Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
| Ubuntu 18.10 (Cosmic Cuttlefish): | DNE
|
| Ubuntu 19.04 (Disco Dingo): | DNE
|
Package
| linux-vegetahd: | ignored
(was needs-triage now end-of-life)
|
Package
| Upstream: | needed
|
| Ubuntu 12.04 ESM (Precise Pangolin): | needed
|
| Ubuntu 14.04 LTS (Trusty Tahr): | DNE
|
| Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
| Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
| Ubuntu 18.10 (Cosmic Cuttlefish): | DNE
|
| Ubuntu 19.04 (Disco Dingo): | DNE
|
Updated: 2018-11-15 20:14:45 UTC (commit d9543589c6e92d8da69d7a494cca67004591e2ed)