A backporting error was discovered in the Linux stable/longterm kernel 4.4.x through 4.4.190, 4.9.x through 4.9.190, 4.14.x through 4.14.141, 4.19.x through 4.19.69, and 5.2.x through 5.2.11. Misuse of the upstream "x86/ptrace: Fix possible spectre-v1 in ptrace_get_debugreg()" commit reintroduced the Spectre vulnerability that it aimed to eliminate. This occurred because the backport process depends on cherry picking specific commits, and because two (correctly ordered) code lines were swapped.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2019-09-04T05:50:48
Updated: 2024-08-05T01:03:32.281Z
Reserved: 2019-09-04T00:00:00
Link: CVE-2019-15902
Vulnrichment
No data.
NVD
Status : Modified
Published: 2019-09-04T06:15:10.780
Modified: 2024-11-21T04:29:42.037
Link: CVE-2019-15902
Redhat