CVE-2024-35996

Severity CVSS v4.0: Pending analysis
Type: Unavailable / Other
Publication date: 20/05/2024
Last modified: 17/12/2025

Description

In the Linux kernel, the following vulnerability has been resolved:

cpu: Re-enable CPU mitigations by default for !X86 architectures

Rename x86's to CPU_MITIGATIONS, define it in generic code, and force it on for all architectures except x86. A recent commit to turn mitigations off by default if SPECULATION_MITIGATIONS=n kinda sorta missed that "cpu_mitigations" is completely generic, whereas SPECULATION_MITIGATIONS is x86-specific.

Rename x86's SPECULATIVE_MITIGATIONS instead of keeping both and have it select CPU_MITIGATIONS, as having two configs for the same thing is unnecessary and confusing. This will also allow x86 to use the knob to manage mitigations that aren't strictly related to speculative execution.

Use another Kconfig to communicate to common code that CPU_MITIGATIONS is already defined instead of having x86's menu depend on the common CPU_MITIGATIONS. This allows keeping a single point of contact for all of x86's mitigations, and it's not clear that other architectures *want* to allow disabling mitigations at compile-time.

Vulnerable products and versions

CPE From Up to
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 5.15.156 (including) 5.15.158 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 6.1.87 (including) 6.1.90 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 6.6.28 (including) 6.6.30 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 6.8.7 (including) 6.8.9 (excluding)
cpe:2.3:o:linux:linux_kernel:6.9:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.9:rc5:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
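
A triage check built from the version table above, added here as an example and not part of the advisory or the kernel project: it reports whether a non-x86 host runs an upstream release in the affected ranges. The function names and result strings are hypothetical, and it assumes `uname -r` reflects the upstream stable version (distribution kernels with backports need the vendor's advisory instead) and that the kernel's `mitigations=` boot parameter overrides the compiled-in default.

```python
import platform
import re

# Affected upstream ranges from the table above: (first affected, first fixed).
AFFECTED_RANGES = [
    ((5, 15, 156), (5, 15, 158)),
    ((6, 1, 87), (6, 1, 90)),
    ((6, 6, 28), (6, 6, 30)),
    ((6, 8, 7), (6, 8, 9)),
]
AFFECTED_RCS = {"6.9-rc4", "6.9-rc5"}
# x86 is excluded: the description says the regression hit !X86 architectures.
X86_MACHINES = {"x86_64", "i386", "i486", "i586", "i686"}

def parse_release(release):
    """Split a `uname -r` string into ((major, minor, patch), rc-or-None)."""
    m = re.match(r"(\d+)\.(\d+)(?:\.(\d+))?(?:-(rc\d+))?", release)
    if not m:
        raise ValueError(f"unrecognised kernel release: {release!r}")
    major, minor, patch, rc = m.groups()
    return (int(major), int(minor), int(patch or 0)), rc

def version_in_affected_range(release):
    version, rc = parse_release(release)
    if rc:  # release candidates are listed individually, not as a range
        return f"{version[0]}.{version[1]}-{rc}" in AFFECTED_RCS
    return any(lo <= version < hi for lo, hi in AFFECTED_RANGES)

def assess(release, machine, cmdline=""):
    """Return 'not-affected', 'affected' or 'affected-overridden'."""
    if machine in X86_MACHINES or not version_in_affected_range(release):
        return "not-affected"
    # Assumption: an explicit mitigations=auto[,nosmt] at boot restores the
    # mitigations regardless of the build default; the last occurrence wins.
    modes = re.findall(r"(?:^|\s)mitigations=(\S+)", cmdline)
    if modes and modes[-1].split(",")[0] == "auto":
        return "affected-overridden"
    return "affected"

if __name__ == "__main__":
    try:
        with open("/proc/cmdline") as f:
            boot_args = f.read()
    except OSError:
        boot_args = ""
    print(assess(platform.release(), platform.machine(), boot_args))
```

A result of `affected` means the host should move to the first fixed release in its series; `affected-overridden` means the boot parameter is masking the bad default and the upgrade is still due.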