[UBUNTU Focal, Jammy, Kinetic, Lunar, OEM-5.14, OEM-5.17, OEM-6.0 0/1] CVE-2022-2196
Thadeu Lima de Souza Cascardo
cascardo at canonical.com
Fri Feb 10 18:21:56 UTC 2023
[Impact]
An L2 guest could do an spectre-v2 attack on an L1 guest if that guest assumes
IBRS or eIBRS can be used to isolate between them, while it cannot. L0 needs to
issue an IBPB in these cases.
[Potential impact]
Systems using nested guests might have a performance impact.
Jim Mattson (1):
KVM: VMX: Execute IBPB on emulated VM-exit when guest has IBRS
arch/x86/kvm/vmx/nested.c | 11 +++++++++++
arch/x86/kvm/vmx/vmx.c | 6 ++++--
2 files changed, 15 insertions(+), 2 deletions(-)
--
2.34.1
More information about the kernel-team
mailing list