github/acrn-hypervisor
1
0
Fork 0
mirror of https://github.com/projectacrn/acrn-hypervisor.git synced 2025-08-09 20:18:19 +00:00
Code Issues Projects Releases Wiki Activity

doc: update security advisory for 3.0.1 release

Browse Source 
Update security advisory for release_3.0.1

Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Signed-off-by: David B. Kinder <david.b.kinder@intel.com>
This commit is contained in:
Yonghua Huang 2022-07-27 15:54:22 +03:00 committed by David Kinder
parent c46c78591d
commit 8c4ad317de
1 changed files with 16 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
doc/asa.rst
View File

@ -3,9 +3,24 @@
Security Advisory Security Advisory
################# #################
Addressed in ACRN v3.0.1
************************
We recommend that all developers upgrade to this v3.0.1 release (or later), which
addresses the following security issue discovered in previous releases:
-----
- Disable RRSBA on platforms using retpoline
For platforms that supports RRSBA (Restricted Return Stack Buffer
Alternate), using retpoline may not be sufficient to guard against branch
history injection or intra-mode branch target injection. RRSBA must
be disabled to prevent CPUs from using alternate predictors for RETs.
(Addresses security issue tracked by CVE-2022-29901 and CVE-2022-28693.)
**Affected Release:** v3.0 and earlier
Addressed in ACRN v2.7 Addressed in ACRN v2.7
************************ ************************
We recommend that all developers upgrade to this v2.7 release (or later), which We recommend that all developers upgrade to this v2.7 release (or later), which
addresses the following security issue discovered in previous releases: addresses the following security issue discovered in previous releases: