CVE-2023-52482 x86/srso: Add SRSO mitigation for Hygon processors

2024-02-2905:43:13

Linux

github.com

linux

kernel

srso

mitigation

hygon

processors

vulnerability

AI Score

7.7

Confidence

Low

SSVC

Exploitation

none

Automatable

Technical Impact

partial

JSON

In the Linux kernel, the following vulnerability has been resolved:

x86/srso: Add SRSO mitigation for Hygon processors

Add mitigation for the speculative return stack overflow vulnerability
which exists on Hygon processors too.

CNA Affected

[
  {
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "vendor": "Linux",
    "product": "Linux",
    "versions": [
      {
        "status": "affected",
        "version": "1da177e4c3f4",
        "lessThan": "e7ea043bc3f1",
        "versionType": "git"
      },
      {
        "status": "affected",
        "version": "1da177e4c3f4",
        "lessThan": "f090a8b4d2e3",
        "versionType": "git"
      },
      {
        "status": "affected",
        "version": "1da177e4c3f4",
        "lessThan": "6ce2f297a716",
        "versionType": "git"
      },
      {
        "status": "affected",
        "version": "1da177e4c3f4",
        "lessThan": "cf43b304b695",
        "versionType": "git"
      },
      {
        "status": "affected",
        "version": "1da177e4c3f4",
        "lessThan": "a5ef7d68cea1",
        "versionType": "git"
      }
    ],
    "programFiles": [
      "arch/x86/kernel/cpu/common.c"
    ],
    "defaultStatus": "unaffected"
  },
  {
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "vendor": "Linux",
    "product": "Linux",
    "versions": [
      {
        "status": "unaffected",
        "version": "5.10.215",
        "versionType": "custom",
        "lessThanOrEqual": "5.10.*"
      },
      {
        "status": "unaffected",
        "version": "5.15.134",
        "versionType": "custom",
        "lessThanOrEqual": "5.15.*"
      },
      {
        "status": "unaffected",
        "version": "6.1.56",
        "versionType": "custom",
        "lessThanOrEqual": "6.1.*"
      },
      {
        "status": "unaffected",
        "version": "6.5.6",
        "versionType": "custom",
        "lessThanOrEqual": "6.5.*"
      },
      {
        "status": "unaffected",
        "version": "6.6",
        "versionType": "original_commit_for_fix",
        "lessThanOrEqual": "*"
      }
    ],
    "programFiles": [
      "arch/x86/kernel/cpu/common.c"
    ],
    "defaultStatus": "affected"
  }
]