Allele Security Alert
ASA-2019-00533
Identifier(s)
ASA-2019-00533, CVE-2019-15902
Title
Backporting error in ptrace_get_debugreg() re-introduces Spectre
Vendor(s)
Linux foundation
Product(s)
Linux kernel
Affected version(s)
Linux kernel stable/longterm versions 4.4.186 to 4.4.190
Linux kernel stable/longterm versions 4.9.186 to 4.9.190
Linux kernel stable/longterm versions 4.14.134 to 4.14.141
Linux kernel stable/longterm versions 4.19.59 to 4.19.69
Linux kernel stable/longterm versions 5.2.1 to 5.2.11
Fixed version(s)
Linux kernel stable/longterm version 4.4.191
Linux kernel stable/longterm version 4.9.191
Linux kernel stable/longterm version 4.14.142
Linux kernel stable/longterm version 4.19.71
Linux kernel stable/longterm version 5.2.13
Proof of concept
Yes
Description
A backporting error was discovered in the Linux stable/longterm kernel 4.4.x through 4.4.190, 4.9.x through 4.9.190, 4.14.x through 4.14.141, 4.19.x through 4.19.69, and 5.2.x through 5.2.11. Misuse of the upstream “x86/ptrace: Fix possible spectre-v1 in ptrace_get_debugreg()” commit reintroduced the Spectre vulnerability that it aimed to eliminate.
Technical details
Unknown
Credits
Brad Spengler (Grsecurity)
Reference(s)
Teardown of a Failed Linux LTS Spectre Fix
https://grsecurity.net/teardown_of_a_failed_linux_lts_spectre_fix.php
x86/ptrace: Fix possible spectre-v1 in ptrace_get_debugreg()
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=31a2fbb390fee4231281b939e1979e810f945415
Re: [GIT pull] x86/pti for 5.3-rc1
https://lkml.org/lkml/2019/7/8/1104
Patch “x86/ptrace: fix up botched merge of spectrev1 fix” has been added to the 5.2-stable tree
https://www.spinics.net/lists/stable-commits/msg129020.html
Patch “x86/ptrace: fix up botched merge of spectrev1 fix” has been added to the 4.19-stable tree
https://www.spinics.net/lists/stable-commits/msg129019.html
Patch “x86/ptrace: fix up botched merge of spectrev1 fix” has been added to the 4.14-stable tree
https://www.spinics.net/lists/stable-commits/msg129018.html
Patch “x86/ptrace: fix up botched merge of spectrev1 fix” has been added to the 4.9-stable tree
https://www.spinics.net/lists/stable-commits/msg129017.html
Patch “x86/ptrace: fix up botched merge of spectrev1 fix” has been added to the 4.4-stable tree
https://www.spinics.net/lists/stable-commits/msg129016.html
ChangeLog-4.19.71
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.71
ChangeLog-4.14.142
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.142
ChangeLog-4.9.191
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.191
ChangeLog-4.4.191
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.191
CVE-2019-15902
https://security-tracker.debian.org/tracker/CVE-2019-15902
CVE-2019-15902 | SUSE
https://www.suse.com/security/cve/CVE-2019-15902
CVE-2019-15902
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15902
CVE-2019-15902
https://nvd.nist.gov/vuln/detail/CVE-2019-15902
If there is any error in this alert or you wish a comprehensive analysis, let us know.
Last modified: September 6, 2019