logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2019-15902

Description

A backporting error was discovered in the Linux stable/longterm kernel 4.4.x through 4.4.190, 4.9.x through 4.9.190, 4.14.x through 4.14.141, 4.19.x through 4.19.69, and 5.2.x through 5.2.11. Misuse of the upstream "x86/ptrace: Fix possible spectre-v1 in ptrace_get_debugreg()" commit reintroduced the Spectre vulnerability that it aimed to eliminate. This occurred because the backport process depends on cherry picking specific commits, and because two (correctly ordered) code lines were swapped.


Affected Software


CPE Name Name Version
linux:linux_kernel linux linux kernel 4.9.190
linux:linux_kernel linux linux kernel 4.14.141
linux:linux_kernel linux linux kernel 4.19.69
linux:linux_kernel linux linux kernel 5.2.11
linux:linux_kernel linux linux kernel 4.4.190
debian:debian_linux debian debian linux 9.0
debian:debian_linux debian debian linux 10.0
opensuse:leap opensuse leap 15.0
opensuse:leap opensuse leap 15.1
netapp:active_iq_performance_analytics_services netapp active iq performance analytics services -
debian:debian_linux debian debian linux 8.0
netapp:service_processor netapp service processor -
netapp:baseboard_management_controller_firmware netapp baseboard management controller firmware -

Related