| Package | linux-4.19 |
|---|---|
| Version | 4.19.289-2~deb8u1 (jessie), 4.19.289-2~deb9u1 (stretch) |
| Related CVEs | CVE-2022-40982 |
Daniel Moghimi discovered Gather Data Sampling (GDS), a hardware vulnerability for Intel CPUs which allows unprivileged speculative access to data which was previously stored in vector registers.
This mitigation requires updated CPU microcode provided in the intel-microcode package and released as ELA-935-1.
For details please refer to https://downfall.page/ and https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/technical-documentation/gather-data-sampling.html.
For Debian 8 jessie, these problems have been fixed in version 4.19.289-2~deb8u1.
For Debian 9 stretch, these problems have been fixed in version 4.19.289-2~deb9u1.
We recommend that you upgrade your linux-4.19 packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.