Bug 1753066

Summary: hw: SHUF instruction implementation flaw
Product: [Other] Security Response Reporter: Wade Mealing <wmealing>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED ERRATA QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: unspecifiedCC: aarapov, esyr, jarodwilson, jonathan, mikedep333, poros, security-response-team, skozina
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2021-10-25 22:11:38 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1764988, 1764989, 1764990, 1764991, 1764992, 1764993, 1764994, 1764996, 1764997, 1764998, 1764999, 1765000, 1766955, 1767757, 1771653    
Bug Blocks: 1752312    

Description Wade Mealing 2019-09-18 02:00:34 UTC 
A flaw was found in Intel microprocessors implementation of packed byte shuffle AVX instructions (SHUF*). The defect can be exploited to cause stability problems in the processor. This is mitigated through a microcode update.

This could allow an attacker with a local account to possibly crash the system or the host within a guest on a virtual environment.

A system will need to reload updated microcode to correctly fix this issue.

Additional references:

https://software.intel.com/sites/default/files/managed/39/c5/325462-sdm-vol-1-2abcd-3abcd.pdf
Comment 7 Wade Mealing 2019-11-12 08:24:03 UTC 
Acknowledgements:

Red Hat thanks Intel for reporting this issue and collaborating on the mitigations for the same.
Comment 8 Prasad Pandit 2019-11-12 10:04:55 UTC 
Statement:

Red Hat Product Security is aware of this issue. Updates will be released as they become available. For additional information, please refer to the Red Hat Knowledgebase article: https://access.redhat.com/solutions/2019-microcode-nov
Comment 9 Prasad Pandit 2019-11-12 10:04:57 UTC 
External References:

https://access.redhat.com/solutions/2019-microcode-nov
Comment 10 Prasad Pandit 2019-11-12 10:05:01 UTC 
Mitigation:

As of this time there are no known mitigations. Please install relevant updated packages to address this flaw.
Comment 11 Prasad Pandit 2019-11-12 18:10:42 UTC 
Created microcode_ctl tracking bugs for this issue:

Affects: fedora-all [bug 1771653]