Описание
When SMT is enabled, certain AMD processors may speculatively execute instructions using a target
from the sibling thread after an SMT mode switch potentially resulting in information disclosure.
A flaw was found in HW. When SMT is enabled, certain AMD processors may speculatively execute instructions using a target from the sibling thread after an SMT mode switch, potentially resulting in information disclosure.
Отчет
The Red Hat Enterprise Linux 8 and 9 are not affected if spectre_v2 mitigation enabled (and it is enabled by default).
Меры по смягчению последствий
The current mitigations for spectre V4 (or spectre_v2) should mitigate this flaw, no additional steps will need to be taken. In more details, according to the article https://kernel.org/doc/html//next/admin-guide/hw-vuln/cross-thread-rsb.html Two mitigations are needed:
- Stuff the RSB during context switch which is already being done in RHEL8/RHEL9 as long as the spectre_v2 mitigation is active.
- For KVM, the mitigation for the KVM_CAP_X86_DISABLE_EXITS capability can be turned on using the boolean module parameter mitigate_smt_rsb, e.g. vm.mitigate_smt_rsb=1. The command to check if mitigation is active: cat /sys/devices/system/cpu/vulnerabilities/spectre_v2
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | kernel | Out of support scope | ||
| Red Hat Enterprise Linux 7 | kernel | Out of support scope | ||
| Red Hat Enterprise Linux 7 | kernel-rt | Out of support scope | ||
| Red Hat Enterprise Linux 8 | kernel | Not affected | ||
| Red Hat Enterprise Linux 8 | kernel-rt | Not affected | ||
| Red Hat Enterprise Linux 9 | kernel | Affected | ||
| Red Hat Enterprise Linux 9 | kernel-rt | Affected | ||
| Red Hat Enterprise Linux 9.2 Extended Update Support | kernel | Fixed | RHSA-2023:7370 | 21.11.2023 |
| Red Hat Enterprise Linux 9.2 Extended Update Support | kernel-rt | Fixed | RHSA-2023:7379 | 21.11.2023 |
Показывать по
Ссылки на источники
Дополнительная информация
Статус:
EPSS
4.7 Medium
CVSS3
Связанные уязвимости
When SMT is enabled, certain AMD processors may speculatively execute instructions using a target from the sibling thread after an SMT mode switch potentially resulting in information disclosure.
When SMT is enabled, certain AMD processors may speculatively execute instructions using a target from the sibling thread after an SMT mode switch potentially resulting in information disclosure.
When SMT is enabled, certain AMD processors may speculatively execute ...
When SMT is enabled, certain AMD processors may speculatively execute instructions using a target from the sibling thread after an SMT mode switch potentially resulting in information disclosure.
EPSS
4.7 Medium
CVSS3