On Wed, Aug 07, 2019 at 04:00:52AM +0100, Ken Moffat via lfs-dev wrote:
> News sites are now filling up with reports of the 'SWAPGS'
> vulnerability, CVE-2019-1125, disclosed on Tuesday.
>
> Apparently, it affects all intels since Ivy Bridge, and (possibly)
> AMD - people who found it (Bitdefender.com) were unable to exploit it
> on AMD Fam15 or Fam16 and AMD suggest it will be very hard to
> exploit. Specifically, AMD suggest they are only vulnerable to
> Scenario 2, Variant 2 of the possible series of attacks, and that
> existing mitigations for Spectre v1 will prevent this.
>
> https://www.amd.com/en/corporate/product-security/
>
> But I don't have a link to the various scenarios, and the CVE is
> still labelled as 'reserved'.
>
> If google is linking two and two together to make four (which would
> be a change!), kernels 5.2.7, 4.19.65, etc might have the
> mitigations.
>
In fact, linus merged the fixes for this "Grand Schemozzle"
yesterday.
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4368c4bc9d36821690d6bb2e743d5a075b6ddb55
But it IS in 5.2.7 (confirmed by looking at the diffstat at
kernel.org). Probably only of real concern to anyone providing
hosting or VMs on intel - according to phoronix, the kernel does not
apply the new mitigations to AMD hardware.
ĸen
--
Adopted by dwarfs, brought up by dwarfs. To dwarfs I'm a dwarf, sir.
I can do the rite of k'zakra, I know the secrets of h'ragna, I can
ha'lk my g'rakha correctly ... I am a dwarf
Captain Carrot Ironfoundersson (in The Fifth Elephant)
--
http://lists.linuxfromscratch.org/listinfo/lfs-dev
FAQ: http://www.linuxfromscratch.org/faq/
Unsubscribe: See the above information page
