5 matches found
kernel: x86/vmscape: Add conditional IBPB mitigation
In the Linux kernel, the following vulnerability has been resolved: x86/vmscape: Add conditional IBPB mitigation VMSCAPE is a vulnerability that exploits insufficient branch predictor isolation between a guest and a userspace hypervisor like QEMU. Existing mitigations already protect kernel/KVM...
kernel: x86/vmscape: Add conditional IBPB mitigation
In the Linux kernel, the following vulnerability has been resolved: x86/vmscape: Add conditional IBPB mitigation VMSCAPE is a vulnerability that exploits insufficient branch predictor isolation between a guest and a userspace hypervisor like QEMU. Existing mitigations already protect kernel/KVM...
x86/vmscape: Add conditional IBPB mitigation
...
Unbreakable Enterprise kernel security update
5.4.17-2136.347.6.1 - x86/vmscape: Warn when STIBP is disabled with SMT Pawan Gupta Orabug: 38343661 - x86/bugs: Move cpubugssmtupdate down Pawan Gupta Orabug: 38343661 - x86/vmscape: Enable the mitigation Pawan Gupta Orabug: 38343661 - x86/vmscape: Add conditional IBPB mitigation Pawan Gupta...
CVE-2023-0045
The current implementation of the prctl syscall does not issue an IBPB immediately during the syscall. The ibprctlset function updates the Thread Information Flags TIFs for the task and updates the SPECCTRL MSR on the function speculationctrlupdate, but the IBPB is only issued on the next...