Univention Bugzilla – Bug 56430
linux: Multiple issues (5.0)
Last modified: 2023-11-13 09:02:51 CET
New Debian linux 4.19.289-2 fixes: This update addresses the following issue: 4.19.289-2 (Tue, 08 Aug 2023 04:35:25 +0200) * [x86] Add mitigations for Gather Data Sampling (GDS) (CVE-2022-40982) - init: Provide arch_cpu_finalize_init() - x86/cpu: Switch to arch_cpu_finalize_init() - ARM: cpu: Switch to arch_cpu_finalize_init() - init: Remove check_bugs() leftovers - init: Invoke arch_cpu_finalize_init() earlier - init, x86: Move mem_encrypt_init() into arch_cpu_finalize_init() - x86/fpu: Remove cpuinfo argument from init functions - x86/fpu: Mark init functions __init - x86/fpu: Move FPU initialization into arch_cpu_finalize_init() - x86/speculation: Add Gather Data Sampling mitigation - x86/speculation: Add force option to GDS mitigation - x86/speculation: Add Kconfig option for GDS - KVM: Add GDS_NO support to KVM - x86/xen: Fix secondary processors' FPU initialization - Documentation/x86: Fix backwards on/off logic about YMM support * [x86] cpu: Avoid ABI change for GDS mitigations
*** Bug 56433 has been marked as a duplicate of this bug. ***
--- mirror/ftp/pool/main/l/linux/linux_4.19.289-1.dsc +++ apt/ucs_5.0-0-errata5.0-4/source/linux_4.19.289-2.dsc @@ -1,3 +1,23 @@ +4.19.289-2 [Tue, 08 Aug 2023 04:35:25 +0200] Ben Hutchings <benh@debian.org>: + + * [x86] Add mitigations for Gather Data Sampling (GDS) (CVE-2022-40982) + - init: Provide arch_cpu_finalize_init() + - x86/cpu: Switch to arch_cpu_finalize_init() + - ARM: cpu: Switch to arch_cpu_finalize_init() + - init: Remove check_bugs() leftovers + - init: Invoke arch_cpu_finalize_init() earlier + - init, x86: Move mem_encrypt_init() into arch_cpu_finalize_init() + - x86/fpu: Remove cpuinfo argument from init functions + - x86/fpu: Mark init functions __init + - x86/fpu: Move FPU initialization into arch_cpu_finalize_init() + - x86/speculation: Add Gather Data Sampling mitigation + - x86/speculation: Add force option to GDS mitigation + - x86/speculation: Add Kconfig option for GDS + - KVM: Add GDS_NO support to KVM + - x86/xen: Fix secondary processors' FPU initialization + - Documentation/x86: Fix backwards on/off logic about YMM support + * [x86] cpu: Avoid ABI change for GDS mitigations + 4.19.289-1 [Tue, 25 Jul 2023 01:50:13 +0200] Ben Hutchings <benh@debian.org>: * New upstream stable update: <http://piuparts.knut.univention.de/5.0-4/#8478701157158219187>
<http://piuparts.knut.univention.de/5.0-4/#835393849069907968>
OK: bug OK: yaml OK: announce_errata OK: patch OK: piuparts OK: apt-get install -t apt OK: amd64 @ kvm + SeaBIOS OK: amd64 @ kvm + OVMF + SB IGN: mokutil --sb-state OK: dmesg -H | grep -i secure OK: uname -a OK: dmesg -H OK: ./linux-dmesg-norm -a OK: Rebuild latest ISO with new D-I: isotests/ucs_5.0-2-latest-amd64.iso OK: amd64 @ kvm + OVMF + SB install [5.0-4] c912914b2a Bug #56430: linux 4.19.289-2 doc/errata/staging/linux.yaml | 1 + 1 file changed, 1 insertion(+) [5.0-4] 8945db3909 Bug #56430: linux 4.19.289-2 doc/errata/staging/linux.yaml | 15 +-------------- 1 file changed, 1 insertion(+), 14 deletions(-) [5.0-4] e00e55554e Bug #56430: linux 4.19.289-2 doc/errata/staging/linux.yaml | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+)
<https://errata.software-univention.de/#/?erratum=5.0x782> <https://errata.software-univention.de/#/?erratum=5.0x783>