blob: ca5947a9490b10c7d564e8d91ac88f04f1b1cfd3 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
|
Description: KVM: export MSR_IA32_TSX_CTRL to guest - incomplete fix for TAA
References:
https://bugzilla.redhat.com/show_bug.cgi?id=1781514
https://www.openwall.com/lists/oss-security/2019/12/10/3
Notes:
carnil> Issue actually only for distro kernels which do not include
carnil> commit commit e1d38b63acd8 ("kvm/x86: Export MDS_NO=0 to guests
carnil> when TSX is enabled") and have TSX enabled by default.
Bugs:
upstream: released (5.5-rc1) [cbbaa2727aa3ae9e0a844803da7cef7fd3b94f2b, c11f83e0626bdc2b6c550fc8b9b6eeefbd8cefaa, b07a5c53d42a8c87b208614129e947dd2338ff9c]
4.19-upstream-stable: released (4.19.89) [6a10f818a9adbe394eb36d223814e207e5121236]
4.9-upstream-stable: released (4.9.207) [0bc72dbb9dbc2dfa0f975f4b519ae91fa338aec8]
3.16-upstream-stable: ignored "Commits might be backported, but vulnerability specific to distro kernels"
sid: N/A "Vulnerability due to incomplete fix not introduced"
4.19-buster-security: N/A "Vulnerability due to incomplete fix not introduced"
4.9-stretch-security: N/A "Vulnerability due to incomplete fix not introduced"
3.16-jessie-security: N/A "Vulnerability due to incomplete fix not introduced"
|
