FS#59673 - [linux] L1TF vulnerability

Attached to Project: Arch Linux
Opened by loqs (loqs) - Wednesday, 15 August 2018, 17:16 GMT
Last edited by Doug Newgard (Scimmia) - Friday, 17 August 2018, 16:14 GMT
Task Type Bug Report
Category Security
Status Closed
Assigned To Tobias Powalowski (tpowa)
Andreas Radke (AndyRTR)
Jan Alexander Steffens (heftig)
Levente Polyak (anthraxx)
Architecture All
Severity High
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 0
Private No

Details

Description:
L1 Terminal Fault is a hardware vulnerability which allows unprivileged
speculative access to data which is available in the Level 1 Data Cache
when the page table entry controlling the virtual address, which is used
for the access, has the Present bit cleared or other reserved bits set.

Additional info:
* CVE-2018-3615 L1 Terminal Fault SGX related aspects
* CVE-2018-3620 L1 Terminal Fault OS, SMM related aspects
* CVE-2018-3646 L1 Terminal Fault Virtualization related aspects

Versions with mitigations:
4.14.63
4.17.15
4.18.1

As linux and linux-zen are in testing on 4.18, could 4.17.15 releases be pushed to stable to address the issue?
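
Added example (not part of the original report or of Arch's tooling): a shell check that compares a kernel release string against the three mitigated versions listed above and classifies the kernel's own L1TF status line from sysfs. The function names are illustrative, and treating series newer than 4.18 as fixed is an assumption based on the mitigation being in mainline from then on.

```shell
#!/bin/sh
# Added example: L1TF check built on the fixed versions listed in this report.

# Classify a kernel release against 4.14.63 / 4.17.15 / 4.18.1.
# Prints: fixed | unfixed | unknown
l1tf_kernel_state() {
    ver=${1%%-*}              # "4.17.14-arch1-1-ARCH" -> "4.17.14"
    ver=${ver%%[!0-9.]*}      # "4.18.1.arch1"         -> "4.18.1."
    old_ifs=$IFS; IFS=.; set -- $ver; IFS=$old_ifs
    major=${1:-0} minor=${2:-0} patch=${3:-0}
    case "$major.$minor" in
        4.14) min=63 ;;
        4.17) min=15 ;;
        4.18) min=1 ;;
        *)
            # Assumption: series after 4.18 inherit the mainline mitigation.
            if [ "$major" -gt 4 ] || { [ "$major" -eq 4 ] && [ "$minor" -gt 18 ]; }; then
                echo fixed
            else
                echo unknown  # series the report does not list
            fi
            return ;;
    esac
    if [ "$patch" -ge "$min" ]; then echo fixed; else echo unfixed; fi
}

# Classify the status line from /sys/devices/system/cpu/vulnerabilities/l1tf.
# "partial" means the host PTE mitigation is active but the virtualization
# part (CVE-2018-3646) still reports a vulnerable VMX or SMT state.
l1tf_sysfs_state() {
    case $1 in
        "Not affected"*)         echo not-affected ;;
        Mitigation:*vulnerable*) echo partial ;;
        Mitigation:*)            echo mitigated ;;
        Vulnerable*)             echo vulnerable ;;
        *)                       echo unknown ;;
    esac
}

f=/sys/devices/system/cpu/vulnerabilities/l1tf
rel=$(uname -r)
echo "kernel $rel: $(l1tf_kernel_state "$rel")"
if [ -r "$f" ]; then
    echo "sysfs: $(l1tf_sysfs_state "$(cat "$f")")"
else
    echo "sysfs: $f not present (kernel does not report L1TF status)"
fi
```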

Closed by  Doug Newgard (Scimmia)
Friday, 17 August 2018, 16:14 GMT
Reason for closing:  Fixed
Additional comments about closing:  linux 4.18.1.arch1-1
linux-zen 4.18.1.zen1-1
Comment by Levente Polyak (anthraxx) - Friday, 17 August 2018, 15:46 GMT
linux-hardened and linux-lts are fixed, linux and linux-zen will hopefully shortly come out of [testing] and therefore mitigate this issue.

It's not so easy to push such updates as linux is [core] and goes through [testing] so doing prev version bumps before new major comes out of [testing] is pita and meh unfortunately. Have no perfect solution for this in mind yet.
