x86: speculative vulnerability in 32bit SYSCALL path Due to an oversight in the very original Spectre/Meltdown security work (XSA-254), one entrypath performs its speculation-safety actions too late. In some configurations, there is an unprotected RET instruction which can be attacked with a variety of speculative attacks.
[
{
"vendor": "Xen",
"product": "xen",
"versions": [
{
"version": "consult Xen advisory XSA-429",
"status": "unknown"
}
]
}
]
www.openwall.com/lists/oss-security/2023/03/21/3
xenbits.xen.org/xsa/advisory-429.html
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5L6PM4RE7MUE6OWA32ZVOXCP235RM2TM/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APBMS2Q6746AXAFAITNJMGBNFGNMVLWR/
security.gentoo.org/glsa/202402-07
www.debian.org/security/2023/dsa-5378
xenbits.xenproject.org/xsa/advisory-429.txt