[lfs-dev] And this week's CPU vulnerability is ...

Ken Moffat zarniwhoop at ntlworld.com
Wed Aug 7 12:11:43 PDT 2019

On Wed, Aug 07, 2019 at 04:00:52AM +0100, Ken Moffat via lfs-dev wrote:
> News sites are now filling up with reports of the 'SWAPGS'
> vulnerability, CVE-2019-1125, disclosed on Tuesday.
> Apparently, it affects all intels since Ivy Bridge, and (possibly)
> AMD - people who found it (Bitdefender.com) were unable to exploit it
> on AMD Fam15 or Fam16 and AMD suggest it will be very hard to
> exploit.  Specifically, AMD suggest they are only vulnerable to
> Scenario 2, Variant 2 of the possible series of attacks, and that
> existing mitigations for Spectre v1 will prevent this.
> https://www.amd.com/en/corporate/product-security/
> But I don't have a link to the various scenarios, and the CVE is
> still labelled as 'reserved'.
> If google is linking two and two together to make four (which would
> be a change!), kernels 5.2.7, 4.19.65, etc might have the
> mitigations.
In fact, linus merged the fixes for this "Grand Schemozzle"

But it IS in 5.2.7 (confirmed by looking at the diffstat at
kernel.org).  Probably only of real concern to anyone providing
hosting or VMs on intel - according to phoronix, the kernel does not
apply the new mitigations to AMD hardware.

Adopted by dwarfs, brought up by dwarfs.  To dwarfs I'm a dwarf, sir.
I can do the rite of k'zakra, I know the secrets of h'ragna, I can
ha'lk my g'rakha correctly ... I am a dwarf
           Captain Carrot Ironfoundersson (in The Fifth Elephant)

More information about the lfs-dev mailing list