[SRU Focal,Jammy,Lunar,OEM-6.0,OEM-6.1,OEM-5.17 0/2] CVE-2023-20593

Thadeu Lima de Souza Cascardo cascardo at canonical.com
Fri Jul 28 15:21:15 UTC 2023

Use-after-free on register allocation after speculative execution leads
to data leak and corruption on AMD Zen2 processors.

[Test case]
Public PoC was used to test the fix on 5.15 and 6.2 kernels.

Some conflict fixups due to some missing commits were necessary. They were
mostly for context adjustment and not any real changes, except for 5.17,
where the MSR definition was not present in the header and was added there.

[Potential regression]
This can cause boot issues or WARNings during boot if the MSR is set on
unsupported platforms. It can also impact performance or cause other
behavior changes due to setting the chicken bit.

Borislav Petkov (AMD) (2):
  x86/cpu/amd: Move the errata checking functionality up
  x86/cpu/amd: Add a Zenbleed fix

 arch/x86/include/asm/microcode.h     |   1 +
 arch/x86/include/asm/microcode_amd.h |   2 +
 arch/x86/include/asm/msr-index.h     |   1 +
 arch/x86/kernel/cpu/amd.c            | 199 +++++++++++++++++----------
 arch/x86/kernel/cpu/common.c         |   2 +
 5 files changed, 133 insertions(+), 72 deletions(-)


