[SRU Focal,Jammy,Lunar,OEM-6.0,OEM-6.1,OEM-5.17 0/2] CVE-2023-20593
Stefan Bader
stefan.bader at canonical.com
Mon Jul 31 09:27:42 UTC 2023
On 28.07.23 17:21, Thadeu Lima de Souza Cascardo wrote:
> [Impact]
> Use-after-free on register allocation after speculative execution leads
> to data leak and corruption on AMD Zen2 processors.
>
> [Test case]
> Public PoC was used to test the fix on 5.15 and 6.2 kernels.
>
> [Backports]
> Some conflict fixups due to some missing commits were necessary. They were
> mostly for context adjustment and not any real changes. Except for 5.17,
> where the MSR definition was not present in the header and was added there.
>
> [Potential regression]
> This can cause boot issues or WARNings during boot if setting the MSR on
> unsupported platforms. It can also impact performance or other behavior
> change due to setting the chicken bit.
>
> Borislav Petkov (AMD) (2):
> x86/cpu/amd: Move the errata checking functionality up
> x86/cpu/amd: Add a Zenbleed fix
>
> arch/x86/include/asm/microcode.h | 1 +
> arch/x86/include/asm/microcode_amd.h | 2 +
> arch/x86/include/asm/msr-index.h | 1 +
> arch/x86/kernel/cpu/amd.c | 199 +++++++++++++++++----------
> arch/x86/kernel/cpu/common.c | 2 +
> 5 files changed, 133 insertions(+), 72 deletions(-)
>
What about HWE-5.19?
--
- Stefan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_0xE8675DEECBEECEA3.asc
Type: application/pgp-keys
Size: 44613 bytes
Desc: OpenPGP public key
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20230731/a404d112/attachment-0001.key>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20230731/a404d112/attachment-0001.sig>
More information about the kernel-team
mailing list