Lucene search

K
amdAmd.comAMD-SB-1036
HistoryMar 08, 2022 - 12:00 a.m.

LFENCE/JMP Mitigation Update for CVE-2017-5715

2022-03-0800:00:00
amd.com
www.amd.com
38

5.6 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

1.9 Low

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:M/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

10.7%

Bulletin ID: AMD-SB-1036 **Potential Impact:**Loss of Confidentiality **Severity:**Medium

Summary

AMD is providing an update for one recommended mitigation for CVE-2017-5715 previously known as Spectre Variant 2. The speculative execution window of AMD LFENCE/JMP mitigation (MITIGATION V2-2) may be large enough to be exploited on AMD CPUs.

As of the date of this disclosure, AMD is not aware of any active exploits in the wild of AMD products that use CVE-2017-5715.

CVE Details

CVE-2021-26401

LFENCE/JMP (mitigation V2-2) may not sufficiently mitigate CVE-2017-5715 on some AMD CPUs.

Affected Products

Server

  • 1st/2nd/3rd Gen AMD EPYC™ Processors

Desktop

  • AMD Ryzen™ 2000 series Desktop processor
  • AMD Ryzen™ 3000 Series Desktop processor
  • AMD Ryzen™ 5000 Series Desktop processor
  • AMD Ryzen™ 4000 Series Desktop processors with Radeon™ graphics
  • AMD Ryzen™ 5000 Series Desktop processor with Radeon™ graphics

High End Desktop (HEDT)

  • 2nd Gen AMD Ryzen™ Threadripper™ processors
  • 3rd Gen AMD Ryzen™ Threadripper™ processors

Workstation

  • AMD Ryzen™ Threadripper™ PRO processors

Mobile

  • AMD Athlon™ 3000 Series Mobile processors with Radeon™ graphics
  • AMD Ryzen™ 2000 Series Mobile processor
  • AMD Ryzen™ 3000 Series Mobile processor, 2nd Gen AMD Ryzen™ Mobile processor with Radeon™ graphics
  • AMD Ryzen™ 3000 Series Mobile processor with Radeon™ graphics
  • AMD Ryzen™ 4000 Series Mobile processors with Radeon™ graphics
  • AMD Ryzen™ 5000 Series Mobile processor with Radeon™ graphics

Chromebook

  • AMD Athlon™ 3000 Series Mobile processor with Radeon™ graphics
  • AMD Athlon™ Mobile processor with Radeon™ graphics
  • AMD Ryzen™ 3000 Series Mobile processor with Radeon™ graphics

Mitigation

AMD recommends using one of the other published mitigations (V2-1 aka ‘generic retpoline’ or V2-4 aka ‘IBRS’) for CVE-2017-5715. Currently in Linux, users can control which mitigation is used at boot time. Users can choose the generic retpoline at boot time by using the spectre_v2 Linux kernel command for turning on retpoline: spectre_v2=retpoline,generic.

Alternatively, users can update their version of the Linux kernel that incorporates a patch provided by AMD to the Linux community. The patch includes using generic retpoline, if retpoline is enabled and not explicitly set to the AMD Retpoline (spectre_v2=retpoline,amd).

AMD has provided updated guidance in “Software Techniques for Managing Speculation on AMD Processors” located here: <https://www.amd.com/system/files/documents/software-techniques-for-managing-speculation.pdf&gt;

We continue to look for ways to make our products more secure, including working closely with partners, academics, researchers, and end users in the ecosystem.

5.6 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

1.9 Low

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:M/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

10.7%