A native Spectre-v2 exploit against the Linux kernel on last-generation Intel CPUs, based on the recent BHI variant and able to leak arbitrary kernel memory at 3.5 kB/sec. In this flaw a number of gadgets and exploitation techniques to bypass the recent FineIBT mitigation, along with a case study on a 13th Gen Intel CPU that can leak kernel memory at 18 bytes/sec. Reference: https://www.openwall.com/lists/oss-security/2024/04/09/15 https://www.vusec.net/projects/native-bhi/ https://download.vusec.net/papers/inspectre_sec24.pdf
*** Bug 2250691 has been marked as a duplicate of this bug. ***
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2024:5102 https://access.redhat.com/errata/RHSA-2024:5102
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2024:5101 https://access.redhat.com/errata/RHSA-2024:5101
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Extended Lifecycle Support Via RHSA-2024:6995 https://access.redhat.com/errata/RHSA-2024:6995
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Extended Lifecycle Support Via RHSA-2024:6994 https://access.redhat.com/errata/RHSA-2024:6994
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.2 Extended Update Support Via RHSA-2024:8614 https://access.redhat.com/errata/RHSA-2024:8614
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.2 Extended Update Support Via RHSA-2024:8613 https://access.redhat.com/errata/RHSA-2024:8613
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2024:8617 https://access.redhat.com/errata/RHSA-2024:8617