Bug 2223949 (CVE-2022-40982, Downfall)
| Summary: | CVE-2022-40982 hw: Intel: Gather Data Sampling (GDS) side channel vulnerability | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Rohit Keshri <rkeshri> |
| Component: | vulnerability | Assignee: | Nobody <nobody> |
| Status: | NEW --- | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | unspecified | CC: | acaringi, allarkin, bhu, broose, c.handel, chwhite, crwood, dbohanno, ddepaula, debarbos, dfreiber, dimitris.on.linux, dvlasenk, esyr, ezulian, henrik.henriksson, hkrzesin, hmatsumo, jarod, jburrell, jdenham, jfaracco, jferlan, jforbes, jlelli, joe.lawrence, jshortt, jstancek, jwyatt, jyoung, kcarcia, kcook34, kernel-mgr, kyoshida, ldoskova, lgoncalv, llong, longman, lzampier, mvanderw, nicolas.bertolus, nmurray, ptalbert, qzhao, redhat, rogbas, rrobaina, rvrbovsk, rysulliv, scweaver, security-response-team, shobbs, tglozar, tyberry, vkumar, walters, wcosta, williams, wmealing, ycote, ymankad |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |
| Doc Text: |
A Gather Data Sampling (GDS) transient execution side-channel vulnerability was found affecting certain Intel processors. This issue may allow a local attacker using gather instruction (load from memory) to infer stale data from previously used vector registers on the same physical core.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | Type: | --- | |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 2223992, 2223993, 2223994, 2223995, 2229727, 2229728, 2229729, 2229730, 2229731, 2229732, 2229733, 2229873, 2229874, 2229875, 2229876, 2229877, 2229878, 2229879, 2229880, 2229881, 2229882, 2229883, 2229884, 2229885, 2229886, 2229887, 2229888, 2229889, 2229890, 2229891, 2229892, 2229893, 2229894, 2230086, 2235640, 2235641, 2235642 | ||
| Bug Blocks: | 2224000 | ||
|
Description
Rohit Keshri
2023-07-19 11:35:32 UTC
Intel Processors supporting Trust Domain Extension (Intel TDX) are not affected by GDS. * Gather feature is provided by Intel AVX2 and Intel AVX-512 (Intel Advanced extensions) * It comprises of single-instruction, multiple data instruction, which fetch non-contiguous data element from memory using vector-index memory addressing. * The scope of of stale data exposure is limited to dame physical processor core. * Attacker cannot directly control or specify the source of the stale data, it is small and uncontrolled set of data. * Since it is an uncontrolled set of stale data, data correlation and speculation could be difficult. Created microcode_ctl tracking bugs for this issue: Affects: fedora-all [bug 2230086] This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2023:6583 https://access.redhat.com/errata/RHSA-2023:6583 This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2023:6901 https://access.redhat.com/errata/RHSA-2023:6901 This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2023:7077 https://access.redhat.com/errata/RHSA-2023:7077 This issue has been addressed in the following products: Red Hat Enterprise Linux 9.2 Extended Update Support Via RHSA-2023:7379 https://access.redhat.com/errata/RHSA-2023:7379 This issue has been addressed in the following products: Red Hat Enterprise Linux 9.2 Extended Update Support Via RHSA-2023:7370 https://access.redhat.com/errata/RHSA-2023:7370 This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2023:7424 https://access.redhat.com/errata/RHSA-2023:7424 This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2023:7423 https://access.redhat.com/errata/RHSA-2023:7423 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.8 Extended Update Support Via RHSA-2023:7539 https://access.redhat.com/errata/RHSA-2023:7539 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Extended Update Support Via RHSA-2024:0412 https://access.redhat.com/errata/RHSA-2024:0412 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.4 Telecommunications Update Service Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Via RHSA-2024:0563 https://access.redhat.com/errata/RHSA-2024:0563 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Red Hat Enterprise Linux 8.4 Telecommunications Update Service Via RHSA-2024:0562 https://access.redhat.com/errata/RHSA-2024:0562 This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Extended Update Support Via RHSA-2024:1250 https://access.redhat.com/errata/RHSA-2024:1250 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Advanced Update Support Red Hat Enterprise Linux 8.2 Telecommunications Update Service Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Via RHSA-2024:1268 https://access.redhat.com/errata/RHSA-2024:1268 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Telecommunications Update Service Via RHSA-2024:1269 https://access.redhat.com/errata/RHSA-2024:1269 This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Extended Update Support Via RHSA-2024:1306 https://access.redhat.com/errata/RHSA-2024:1306 This issue has been addressed in the following products: Red Hat Enterprise Linux 7.7 Advanced Update Support Via RHSA-2024:3319 https://access.redhat.com/errata/RHSA-2024:3319 |