Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

kernel: Cherry-pick fix for CVE-2023-20588 ("DIV0") #3373

Merged
merged 3 commits into from
Aug 30, 2023
Merged

kernel: Cherry-pick fix for CVE-2023-20588 ("DIV0") #3373

merged 3 commits into from
Aug 30, 2023

Commits on Aug 29, 2023

  1. kernel-5.10: cherry-pick fix for CVE-2023-20588 ("DIV0") 

    The fix for CVE-2023-20588 is currently only available in the kernel.org
upstream 5.10 stable kernel, but not yet in an Amazon Linux kernel
release. Cherry-pick it from the upstream kernel. Bring in an extra
commit (x86/bugs: Increase the x86 bugs vector size to two u32s) as a
dependency.

Contextual changes are necessary to make these patches apply as we
currently carry Amazon Linux' patches mitigating GDS and SRSO instead of
upstream variants of these patches.

Signed-off-by: Leonard Foerster <[email protected]>
    @foersleo
    foersleo committed Aug 29, 2023
    Configuration menu
    Copy the full SHA
    7abdc4b View commit details
    Browse the repository at this point in the history

  2. kernel-5.15: cherry-pick fix for CVE-2023-20588 ("DIV0") 

    The fic for CVE-2023-20588 is currently only available in the kernel.org
upstream 5.15 stable kernel, but not yet in an Amazon Linux kernel
release. Cherry-pick it from the upstream kernel. Bring in an extra
commit (x86/bugs: Increase the x86 bugs vector size to two u32s) as a
dependency.

Contextual changes are necessary to make these patches apply as we
currently carry Amazon Linux' patches mitigating GDS and SRSO instead of
upstream variants of these patches.

Signed-off-by: Leonard Foerster <[email protected]>
    @foersleo
    foersleo committed Aug 29, 2023
    Configuration menu
    Copy the full SHA
    4d75f0d View commit details
    Browse the repository at this point in the history

  3. kernel-6.1: cherry-pick fix for CVE-2023-20588 ("DIV0") 

    The fix for CVE-2023-20588 is currently only available in the knerel.org
upstream 6.1 stable kernel, but not yet in an Amazon Linux kernel
release. Cherry-pick it from the upstream kernel. Bring in an extra
commit (x86/bugs: Increase the x86 bugs vector size to two u32s) as a
dependency.

Contextual changes are necessary to make these patches apply as we
currently carry Amazon Linux' patches mitigating GDS and SRSO instead of
upstream vairants of these patches.

Signed-off-by: Leonard Foerster <[email protected]>
    @foersleo
    foersleo committed Aug 29, 2023
    Configuration menu
    Copy the full SHA
    e33dee6 View commit details
    Browse the repository at this point in the history