In the Linux kernel, the following vulnerability has been resolved: arm64:
errata: Add Cortex-A520 speculative unprivileged load workaround Implement
the workaround for ARM Cortex-A520 erratum 2966298. On an affected
Cortex-A520 core, a speculatively executed unprivileged load might leak
data from a privileged load via a cache side channel. The issue only exists
for loads within a translation regime with the same translation (e.g. same
ASID and VMID). Therefore, the issue only affects the return to EL0. The
workaround is to execute a TLBI before returning to EL0 after all loads of
privileged data. A non-shareable TLBI to any address is sufficient. The
workaround isn’t necessary if page table isolation (KPTI) is enabled, but
for simplicity it will be. Page table isolation should normally be disabled
for Cortex-A520 as it supports the CSV3 feature and the E0PD feature (used
when KASLR is enabled).
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 18.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 23.10 | noarch | linux | < any | UNKNOWN |
ubuntu | 24.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 14.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 16.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 18.04 | noarch | linux-aws | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux-aws | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux-aws | < any | UNKNOWN |