CVE-2017-5715
Multiple researchers have discovered a vulnerability in various
processors supporting speculative execution, enabling an attacker
controlling an unprivileged process to read memory from arbitrary
addresses, including from the kernel and all other processes
running on the system.
This specific attack has been named Spectre variant 2 (branch
target injection) and is mitigated for the x86 architecture (amd64
and i386) by using new microcoded features.
This mitigation requires an update to the processor's microcode,
which is non-free. For recent Intel processors, this is included
in the intel-microcode package from version 3.20180425.1~deb8u1.
For other processors, it may be included in an update to the
system BIOS or UEFI firmware, or in a later update to the
amd64-microcode package.
This vulnerability was already mitigated for the x86 architecture
by the "retpoline" feature.
CVE-2017-5753
Get the latest Linux and open source security news straight to your inbox.