FS#59673 - [linux] L1TF vulnerablity
Attached to Project:
Arch Linux
Opened by loqs (loqs) - Wednesday, 15 August 2018, 17:16 GMT
Last edited by Doug Newgard (Scimmia) - Friday, 17 August 2018, 16:14 GMT
Opened by loqs (loqs) - Wednesday, 15 August 2018, 17:16 GMT
Last edited by Doug Newgard (Scimmia) - Friday, 17 August 2018, 16:14 GMT
|
Details
Description:
L1 Terminal Fault is a hardware vulnerability which allows unprivileged speculative access to data which is available in the Level 1 Data Cache when the page table entry controlling the virtual address, which is used for the access, has the Present bit cleared or other reserved bits set. Additional info: * CVE-2018-3615 L1 Terminal Fault SGX related aspects * CVE-2018-3620 L1 Terminal Fault OS, SMM related aspects * CVE-2018-3646 L1 Terminal Fault Virtualization related aspects Versions with mitigations: 4.14.63 4.17.15 4.18.1 As linux and linux-zen are in testing on 4.18 could 4.17.15 releases be pushed to stable to address the issue? |
This task depends upon
Closed by Doug Newgard (Scimmia)
Friday, 17 August 2018, 16:14 GMT
Reason for closing: Fixed
Additional comments about closing: linux 4.18.1.arch1-1
linux-zen 4.18.1.zen1-1
Friday, 17 August 2018, 16:14 GMT
Reason for closing: Fixed
Additional comments about closing: linux 4.18.1.arch1-1
linux-zen 4.18.1.zen1-1
Its not so easy to push such updates as linux is [core] and goes through [testing] so doing prev version bumps before new major comes out of [testing] is pita and meh unfortunatly. Have no perfect solution for this in mind yet.