Description
kernel/bpf/verifier.c in the Linux kernel before 4.20.6 performs
undesirable out-of-bounds speculation on pointer arithmetic in various
cases, including cases of different branches with different state or limits
to sanitize, leading to side-channel attacks.
Ubuntu-Description
Jann Horn discovered that the eBPF implementation in the Linux kernel was
insufficiently hardened against Spectre V1 attacks. A local attacker could
use this to expose sensitive information.
Notes
tyhicks | Mitigation for this vulnerability is available by setting the
kernel.unprivileged_bpf_disabled sysctl to 1:
$ sudo sysctl kernel.unprivileged_bpf_disabled=1
$ echo kernel.unprivileged_bpf_disabled=1 | \
sudo tee /etc/sysctl.d/90-CVE-2019-7308.conf
This issue is mitigated on systems that use secure boot, thanks to
the kernel lockdown feature which blocks BPF program loading. |
Package
Upstream: | released
(5.0~rc3)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 ESM (Trusty Tahr): | DNE
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | not-affected
(5.0.0-1021.24~18.04.1)
|
Ubuntu 19.04 (Disco Dingo): | DNE
|
Ubuntu 19.10 (Eoan Ermine): | DNE
|
Ubuntu 20.04 (Focal Fossa): | DNE
|
Package
Upstream: | released
(5.0~rc3)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 ESM (Trusty Tahr): | DNE
|
Ubuntu 16.04 LTS (Xenial Xerus): | released
(4.15.0-1035.37~16.04.1)
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Ubuntu 19.04 (Disco Dingo): | DNE
|
Ubuntu 19.10 (Eoan Ermine): | DNE
|
Ubuntu 20.04 (Focal Fossa): | DNE
|
Package
Upstream: | released
(5.0~rc3)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 ESM (Trusty Tahr): | DNE
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | not-affected
(5.3.0-1007.8~18.04.1)
|
Ubuntu 19.04 (Disco Dingo): | DNE
|
Ubuntu 19.10 (Eoan Ermine): | DNE
|
Ubuntu 20.04 (Focal Fossa): | DNE
|
Package
Upstream: | released
(5.0~rc3)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 ESM (Trusty Tahr): | DNE
|
Ubuntu 16.04 LTS (Xenial Xerus): | released
(4.15.0-1041.45)
|
Ubuntu 18.04 LTS (Bionic Beaver): | released
(4.18.0-1014.14~18.04.1)
|
Ubuntu 19.04 (Disco Dingo): | DNE
|
Ubuntu 19.10 (Eoan Ermine): | DNE
|
Ubuntu 20.04 (Focal Fossa): | DNE
|
Package
Upstream: | released
(5.0~rc3)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 ESM (Trusty Tahr): | DNE
|
Ubuntu 16.04 LTS (Xenial Xerus): | not-affected
(4.4.0-9019.20)
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Ubuntu 19.04 (Disco Dingo): | DNE
|
Ubuntu 19.10 (Eoan Ermine): | DNE
|
Ubuntu 20.04 (Focal Fossa): | DNE
|
Package
Upstream: | released
(5.0~rc3)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 ESM (Trusty Tahr): | DNE
(trusty was ignored [abandoned])
|
Ubuntu 16.04 LTS (Xenial Xerus): | ignored
(abandoned)
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Ubuntu 19.04 (Disco Dingo): | DNE
|
Ubuntu 19.10 (Eoan Ermine): | DNE
|
Ubuntu 20.04 (Focal Fossa): | DNE
|
Package
Upstream: | released
(5.0~rc3)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 ESM (Trusty Tahr): | DNE
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | not-affected
(5.3.0-1008.9~18.04.1)
|
Ubuntu 19.04 (Disco Dingo): | DNE
|
Ubuntu 19.10 (Eoan Ermine): | DNE
|
Ubuntu 20.04 (Focal Fossa): | DNE
|
Package
Upstream: | released
(5.0~rc3)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 ESM (Trusty Tahr): | DNE
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | released
(4.15.0-1029.31)
|
Ubuntu 19.04 (Disco Dingo): | DNE
|
Ubuntu 19.10 (Eoan Ermine): | DNE
|
Ubuntu 20.04 (Focal Fossa): | DNE
|
Package
Upstream: | released
(5.0~rc3)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 ESM (Trusty Tahr): | DNE
|
Ubuntu 16.04 LTS (Xenial Xerus): | ignored
(end-of-life)
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Ubuntu 19.04 (Disco Dingo): | DNE
|
Ubuntu 19.10 (Eoan Ermine): | DNE
|
Ubuntu 20.04 (Focal Fossa): | DNE
|
Package
Upstream: | released
(5.0~rc3)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 ESM (Trusty Tahr): | DNE
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | not-affected
(4.15.0-1030.32)
|
Ubuntu 19.04 (Disco Dingo): | DNE
|
Ubuntu 19.10 (Eoan Ermine): | DNE
|
Ubuntu 20.04 (Focal Fossa): | DNE
|
Package
Upstream: | released
(5.0~rc3)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 ESM (Trusty Tahr): | DNE
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | not-affected
(5.0.0-1011.11~18.04.1)
|
Ubuntu 19.04 (Disco Dingo): | DNE
|
Ubuntu 19.10 (Eoan Ermine): | DNE
|
Ubuntu 20.04 (Focal Fossa): | DNE
|
Package
Upstream: | released
(5.0~rc3)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 ESM (Trusty Tahr): | DNE
(trusty was ignored [abandoned])
|
Ubuntu 16.04 LTS (Xenial Xerus): | ignored
(end-of-life)
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Ubuntu 19.04 (Disco Dingo): | DNE
|
Ubuntu 19.10 (Eoan Ermine): | DNE
|
Ubuntu 20.04 (Focal Fossa): | DNE
|
Package
Upstream: | released
(5.0~rc3)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 ESM (Trusty Tahr): | DNE
(trusty was ignored [abandoned])
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Ubuntu 19.04 (Disco Dingo): | DNE
|
Ubuntu 19.10 (Eoan Ermine): | DNE
|
Ubuntu 20.04 (Focal Fossa): | DNE
|
Package
Upstream: | released
(5.0~rc3)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 ESM (Trusty Tahr): | DNE
|
Ubuntu 16.04 LTS (Xenial Xerus): | released
(4.15.0-47.50~16.04.1)
|
Ubuntu 18.04 LTS (Bionic Beaver): | released
(4.18.0-17.18~18.04.1)
|
Ubuntu 19.04 (Disco Dingo): | DNE
|
Ubuntu 19.10 (Eoan Ermine): | DNE
|
Ubuntu 20.04 (Focal Fossa): | DNE
|
Package
Upstream: | released
(5.0~rc3)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 ESM (Trusty Tahr): | DNE
|
Ubuntu 16.04 LTS (Xenial Xerus): | released
(4.15.0-47.50~16.04.1)
|
Ubuntu 18.04 LTS (Bionic Beaver): | not-affected
(5.0.0-15.16~18.04.1)
|
Ubuntu 19.04 (Disco Dingo): | DNE
|
Ubuntu 19.10 (Eoan Ermine): | DNE
|
Ubuntu 20.04 (Focal Fossa): | DNE
|
Package
Upstream: | released
(5.0~rc3)
|
Ubuntu 12.04 ESM (Precise Pangolin): | not-affected
(3.13.0-24.46~precise1)
|
Ubuntu 14.04 ESM (Trusty Tahr): | DNE
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Ubuntu 19.04 (Disco Dingo): | DNE
|
Ubuntu 19.10 (Eoan Ermine): | DNE
|
Ubuntu 20.04 (Focal Fossa): | DNE
|
Package
Upstream: | released
(5.0~rc3)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 ESM (Trusty Tahr): | DNE
(trusty was ignored [end-of-life])
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Ubuntu 19.04 (Disco Dingo): | DNE
|
Ubuntu 19.10 (Eoan Ermine): | DNE
|
Ubuntu 20.04 (Focal Fossa): | DNE
|
Package
Upstream: | released
(5.0~rc3)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 ESM (Trusty Tahr): | DNE
(trusty was ignored [end-of-life])
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Ubuntu 19.04 (Disco Dingo): | DNE
|
Ubuntu 19.10 (Eoan Ermine): | DNE
|
Ubuntu 20.04 (Focal Fossa): | DNE
|
Package
Upstream: | released
(5.0~rc3)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 ESM (Trusty Tahr): | DNE
(trusty was ignored [end-of-life])
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Ubuntu 19.04 (Disco Dingo): | DNE
|
Ubuntu 19.10 (Eoan Ermine): | DNE
|
Ubuntu 20.04 (Focal Fossa): | DNE
|
Package
Upstream: | released
(5.0~rc3)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 ESM (Trusty Tahr): | ignored
(was needed ESM criteria)
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Ubuntu 19.04 (Disco Dingo): | DNE
|
Ubuntu 19.10 (Eoan Ermine): | DNE
|
Ubuntu 20.04 (Focal Fossa): | DNE
|
Package
Upstream: | released
(5.0~rc3)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 ESM (Trusty Tahr): | DNE
(trusty was ignored [abandoned])
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Ubuntu 19.04 (Disco Dingo): | DNE
|
Ubuntu 19.10 (Eoan Ermine): | DNE
|
Ubuntu 20.04 (Focal Fossa): | DNE
|
Package
Upstream: | released
(5.0~rc3)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 ESM (Trusty Tahr): | DNE
(trusty was ignored [abandoned])
|
Ubuntu 16.04 LTS (Xenial Xerus): | ignored
(abandoned)
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Ubuntu 19.04 (Disco Dingo): | DNE
|
Ubuntu 19.10 (Eoan Ermine): | DNE
|
Ubuntu 20.04 (Focal Fossa): | DNE
|
Package
Upstream: | released
(5.0~rc3)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 ESM (Trusty Tahr): | DNE
(trusty was ignored [abandoned])
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | DNE
|
Ubuntu 19.04 (Disco Dingo): | DNE
|
Ubuntu 19.10 (Eoan Ermine): | DNE
|
Ubuntu 20.04 (Focal Fossa): | DNE
|
Package
Upstream: | released
(5.0~rc3)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 ESM (Trusty Tahr): | DNE
|
Ubuntu 16.04 LTS (Xenial Xerus): | DNE
|
Ubuntu 18.04 LTS (Bionic Beaver): | not-affected
(5.0.0-1007.12~18.04.1)
|
Ubuntu 19.04 (Disco Dingo): | DNE
|
Ubuntu 19.10 (Eoan Ermine): | DNE
|
Ubuntu 20.04 (Focal Fossa): | DNE
|
Updated: 2019-12-05 20:09:11 UTC (commit 0aa5e7c87c8b55d2ec5c7f4ca1179cf75de91961)