[lfs-dev] And this week's CPU vulnerability is ...

Ken Moffat zarniwhoop at ntlworld.com
Tue Aug 6 20:00:52 PDT 2019

News sites are now filling up with reports of the 'SWAPGS'
vulnerability, CVE-2019-1125, disclosed on Tuesday.

Apparently, it affects all intels since Ivy Bridge, and (possibly)
AMD - people who found it (Bitdefender.com) were unable to exploit it
on AMD Fam15 or Fam16 and AMD suggest it will be very hard to
exploit.  Specifically, AMD suggest they are only vulnerable to
Scenario 2, Variant 2 of the possible series of attacks, and that
existing mitigations for Spectre v1 will prevent this.


But I don't have a link to the various scenarios, and the CVE is
still labelled as 'reserved'.

If google is linking two and two together to make four (which would
be a change!), kernels 5.2.7, 4.19.65, etc might have the

Apparently, windows rolled out fixes last month.

As usual, it looks hard to exploit.

Adopted by dwarfs, brought up by dwarfs.  To dwarfs I'm a dwarf, sir.
I can do the rite of k'zakra, I know the secrets of h'ragna, I can
ha'lk my g'rakha correctly ... I am a dwarf
           Captain Carrot Ironfoundersson (in The Fifth Elephant)

More information about the lfs-dev mailing list