doc: update security advisory for 3.0.1 release

Update security advisory for release_3.0.1 Signed-off-by: Yonghua Huang <yonghua.huang@intel.com> Signed-off-by: David B. Kinder <david.b.kinder@intel.com>
2025-06-22 21:47:22 +00:00 · 2022-07-27 15:54:22 +03:00 · 2022-07-27 15:54:22 +03:00 · 8c4ad317de
commit 8c4ad317de
parent c46c78591d
1 changed files with 16 additions and 1 deletions
--- a/doc/asa.rst
+++ b/doc/asa.rst
@ -3,9 +3,24 @@
 Security Advisory
 #################

+Addressed in ACRN v3.0.1
+************************
+We recommend that all developers upgrade to this v3.0.1 release (or later), which
+addresses the following security issue discovered in previous releases:
+
+-----
+
+-  Disable RRSBA on platforms using retpoline
+    For platforms that supports RRSBA (Restricted Return Stack Buffer
+    Alternate), using retpoline may not be sufficient to guard against branch
+    history injection or intra-mode branch target injection. RRSBA must
+    be disabled to prevent CPUs from using alternate predictors for RETs.
+    (Addresses security issue tracked by CVE-2022-29901 and CVE-2022-28693.)
+
+    **Affected Release:** v3.0 and earlier
+
 Addressed in ACRN v2.7
 ************************
-
 We recommend that all developers upgrade to this v2.7 release (or later), which
 addresses the following security issue discovered in previous releases: