f83377b7b3
Fixes the following security issues: - CVE-2021-0146: Hardware allows activation of test or debug logic at runtime for some Intel(R) processors which may allow an unauthenticated user to potentially enable escalation of privilege via physical access. https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00528.html - CVE-2021-0127: Insufficient control flow management in some Intel(R) Processors may allow an authenticated user to potentially enable a denial of service via local access. https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00532.html - CVE-2022-21151: Processor optimization removal or modification of security-critical code for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00617.html - CVE-2022-0005: Sensitive information accessible by physical probing of JTAG interface for some Intel(R) Processors with SGX may allow an unprivileged user to potentially enable information disclosure via physical access. https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00614.html - CVE-2022-21233: Improper isolation of shared resources in some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00657.html For more details, see the release notes: https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/blob/main/releasenote.md Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de> [Peter: extend commit message with security fix details] Signed-off-by: Peter Korsgaard <peter@korsgaard.com> |
||
|---|---|---|
| arch | ||
| board | ||
| boot | ||
| configs | ||
| docs | ||
| fs | ||
| linux | ||
| package | ||
| support | ||
| system | ||
| toolchain | ||
| utils | ||
| .clang-format | ||
| .defconfig | ||
| .flake8 | ||
| .gitignore | ||
| .gitlab-ci.yml | ||
| .shellcheckrc | ||
| CHANGES | ||
| Config.in | ||
| Config.in.legacy | ||
| COPYING | ||
| DEVELOPERS | ||
| Makefile | ||
| Makefile.legacy | ||
| README | ||
Buildroot is a simple, efficient and easy-to-use tool to generate embedded Linux systems through cross-compilation. The documentation can be found in docs/manual. You can generate a text document with 'make manual-text' and read output/docs/manual/manual.text. Online documentation can be found at http://buildroot.org/docs.html To build and use the buildroot stuff, do the following: 1) run 'make menuconfig' 2) select the target architecture and the packages you wish to compile 3) run 'make' 4) wait while it compiles 5) find the kernel, bootloader, root filesystem, etc. in output/images You do not need to be root to build or run buildroot. Have fun! Buildroot comes with a basic configuration for a number of boards. Run 'make list-defconfigs' to view the list of provided configurations. Please feed suggestions, bug reports, insults, and bribes back to the buildroot mailing list: buildroot@buildroot.org You can also find us on #buildroot on OFTC IRC. If you would like to contribute patches, please read https://buildroot.org/manual.html#submitting-patches