USN-4096-1

Details

Andrei Vlad Lutas and Dan Lutas discovered that some x86 processors incorrectly handle SWAPGS instructions during speculative execution. A local attacker could use this to expose sensitive information (kernel memory).

Affected Packages

Ubuntu:16.04:LTSlinux-aws-hwe

Fixed in:

4.15.0-1045.47~16.04.1

Ubuntu:18.04:LTSlinux-aws

Fixed in:

4.15.0-1045.47

References

REPORThttps://ubuntu.com/security/CVE-2019-1125 ADVISORYhttps://ubuntu.com/security/notices/USN-4096-1

USN-4096-1

Details

Affected Packages

References

Upstream

Ecosystems

Timeline