Security tracker / CVE-2024-26670

CVE-2024-26670

arm64: entry: fix ARM64_WORKAROUND_SPECULATIVE_UNPRIV_LOAD

References

• Debian security tracker
• cve.org

Notes

 carnil> Introduced in 471470bc7052 ("arm64: errata: Add Cortex-A520 speculative
 carnil> unprivileged load workaround"). Vulnerable versions: 6.1.57 6.5.7 6.6-rc5.

Bugs

Status

Branch	Status
upstream	released (6.8-rc1) [832dd634bd1b4e3bbe9f10b9c9ba5db6f6f2b97f]
6.18-upstream-stable	N/A "Fixed before branching point"
6.17-upstream-stable	N/A "Fixed before branching point"
6.12-upstream-stable	N/A "Fixed before branching point"
6.7-upstream-stable	released (6.7.3) [baa0aaac16432019651e0d60c41cd34a0c3c3477]
6.6-upstream-stable	released (6.6.15) [58eb5c07f41704464b9acc09ab0707b6769db6c0]
6.1-upstream-stable	needed
5.10-upstream-stable	N/A "Vulnerable code not present"
4.19-upstream-stable	N/A "Vulnerable code not present"
sid	released (6.6.15-1)
6.12-trixie-security	N/A "Fixed before branching point"
6.1-bookworm-security	needed
5.10-bullseye-security	N/A "Vulnerable code not present"
4.19-buster-security	N/A "Vulnerable code not present"