Amd.comAMD-SB-1036LFENCE/JMP Mitigation Update for CVE-2017-5715
5.6 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
1.9 Low
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:M/Au:N/C:P/I:N/A:N
0.0004 Low
EPSS
Percentile
10.7%
Bulletin ID: AMD-SB-1036 **Potential Impact:**Loss of Confidentiality **Severity:**Medium
Summary
AMD is providing an update for one recommended mitigation for CVE-2017-5715 previously known as Spectre Variant 2. The speculative execution window of AMD LFENCE/JMP mitigation (MITIGATION V2-2) may be large enough to be exploited on AMD CPUs.
As of the date of this disclosure, AMD is not aware of any active exploits in the wild of AMD products that use CVE-2017-5715.
CVE Details
CVE-2021-26401
LFENCE/JMP (mitigation V2-2) may not sufficiently mitigate CVE-2017-5715 on some AMD CPUs.
Affected Products
Server
- 1st/2nd/3rd Gen AMD EPYC™ Processors
Desktop
- AMD Ryzen™ 2000 series Desktop processor
- AMD Ryzen™ 3000 Series Desktop processor
- AMD Ryzen™ 5000 Series Desktop processor
- AMD Ryzen™ 4000 Series Desktop processors with Radeon™ graphics
- AMD Ryzen™ 5000 Series Desktop processor with Radeon™ graphics
High End Desktop (HEDT)
- 2nd Gen AMD Ryzen™ Threadripper™ processors
- 3rd Gen AMD Ryzen™ Threadripper™ processors
Workstation
- AMD Ryzen™ Threadripper™ PRO processors
Mobile
- AMD Athlon™ 3000 Series Mobile processors with Radeon™ graphics
- AMD Ryzen™ 2000 Series Mobile processor
- AMD Ryzen™ 3000 Series Mobile processor, 2nd Gen AMD Ryzen™ Mobile processor with Radeon™ graphics
- AMD Ryzen™ 3000 Series Mobile processor with Radeon™ graphics
- AMD Ryzen™ 4000 Series Mobile processors with Radeon™ graphics
- AMD Ryzen™ 5000 Series Mobile processor with Radeon™ graphics
Chromebook
- AMD Athlon™ 3000 Series Mobile processor with Radeon™ graphics
- AMD Athlon™ Mobile processor with Radeon™ graphics
- AMD Ryzen™ 3000 Series Mobile processor with Radeon™ graphics
Mitigation
AMD recommends using one of the other published mitigations (V2-1 aka ‘generic retpoline’ or V2-4 aka ‘IBRS’) for CVE-2017-5715. Currently in Linux, users can control which mitigation is used at boot time. Users can choose the generic retpoline at boot time by using the spectre_v2 Linux kernel command for turning on retpoline: spectre_v2=retpoline,generic.
Alternatively, users can update their version of the Linux kernel that incorporates a patch provided by AMD to the Linux community. The patch includes using generic retpoline, if retpoline is enabled and not explicitly set to the AMD Retpoline (spectre_v2=retpoline,amd).
AMD has provided updated guidance in “Software Techniques for Managing Speculation on AMD Processors” located here: <https://www.amd.com/system/files/documents/software-techniques-for-managing-speculation.pdf>
We continue to look for ways to make our products more secure, including working closely with partners, academics, researchers, and end users in the ecosystem.
Related
5.6 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
1.9 Low
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:M/Au:N/C:P/I:N/A:N
0.0004 Low
EPSS
Percentile
10.7%