Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 439
Alerts This Week
Warning Icon 1 439

Debian Bullseye DSA-5095-1 Critical: Kernel Issues Affecting Security

debian
Calendar Grey March 9, 2022
Debian Logo
The Debian Security Advisory DSA-5100-1 highlights vulnerabilities within the network stack, recommending necessary patches to prevent potential exploits.
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks

Summary

CVE-2020-36310

A flaw was discovered in the KVM implementation for AMD processors,
which could lead to an infinite loop. A malicious VM guest could
exploit this to cause a denial of service.

CVE-2022-0001 (INTEL-SA-00598)

Researchers at VUSec discovered that the Branch History Buffer in
Intel processors can be exploited to create information side-
channels with speculative execution. This issue is similar to
Spectre variant 2, but requires additional mitigations on some
processors.

This can be exploited to obtain sensitive information from a
different security context, such as from user-space to the kernel,
or from a KVM guest to the kernel.

CVE-2022-0002 (INTEL-SA-00598)

This is a similar issue to CVE-2022-0001, but covers exploitation
within a security context, such as from JIT-compiled code in a
sandbox to hosting code in the same process.

This is partly mitigated by disabling eBPF for unprivileged users with the sysctl: kernel.unpr...

Read the Full Advisory

Severity
critical
Lowest
Low
Medium
High
Critical

Package: linux
CVE ID: CVE-2020-36310 CVE-2022-0001 CVE-2022-0002 CVE-2022-0487

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.