Bug 1724389 (CVE-2019-1125) - CVE-2019-1125 kernel: hw: Spectre SWAPGS gadget vulnerability
Summary: CVE-2019-1125 kernel: hw: Spectre SWAPGS gadget vulnerability
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2019-1125
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1724510 1724513 1724516 1724517 1733310 1738287 1738288 1724500 1724501 1724502 1724503 1724504 1724505 1724506 1724507 1724508 1724509 1724511 1724512 1724514 1724515 1729810 1733309 1733852 1733853 1733854 1733855 1733856 1733858 1733859 1733876 1734078 1734623 1734624 1737703 1738285
Blocks: 1724388 1724661 1724662 1724663 1724664 1724665 1724666
TreeView+ depends on / blocked
 
Reported: 2019-06-27 01:12 UTC by Wade Mealing
Modified: 2019-10-29 13:12 UTC (History)
72 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
A Spectre gadget was found in the Linux kernel's implementation of system interrupts. An attacker with local access could use this information to reveal private data through a Spectre like side channel.
Clone Of:
Environment:
Last Closed: 2019-08-07 13:18:17 UTC


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2019:2685 None None None 2019-09-09 13:25:33 UTC
Red Hat Product Errata RHBA-2019:2693 None None None 2019-09-09 23:27:28 UTC
Red Hat Product Errata RHBA-2019:2960 None None None 2019-10-03 10:06:23 UTC
Red Hat Product Errata RHBA-2019:2961 None None None 2019-10-03 10:12:15 UTC
Red Hat Product Errata RHSA-2019:2405 None None None 2019-08-07 12:57:49 UTC
Red Hat Product Errata RHSA-2019:2411 None None None 2019-08-07 15:18:35 UTC
Red Hat Product Errata RHSA-2019:2473 None None None 2019-08-13 14:59:36 UTC
Red Hat Product Errata RHSA-2019:2476 None None None 2019-08-13 17:43:30 UTC
Red Hat Product Errata RHSA-2019:2600 None None None 2019-09-03 17:41:10 UTC
Red Hat Product Errata RHSA-2019:2609 None None None 2019-09-03 17:42:30 UTC
Red Hat Product Errata RHSA-2019:2695 None None None 2019-09-10 10:27:46 UTC
Red Hat Product Errata RHSA-2019:2696 None None None 2019-09-10 13:46:15 UTC
Red Hat Product Errata RHSA-2019:2730 None None None 2019-09-11 09:09:27 UTC
Red Hat Product Errata RHSA-2019:2899 None None None 2019-09-25 12:17:29 UTC
Red Hat Product Errata RHSA-2019:2900 None None None 2019-09-25 12:25:09 UTC
Red Hat Product Errata RHSA-2019:2975 None None None 2019-10-08 09:59:52 UTC
Red Hat Product Errata RHSA-2019:3011 None None None 2019-10-10 15:37:20 UTC
Red Hat Product Errata RHSA-2019:3220 None None None 2019-10-29 13:12:05 UTC

Description Wade Mealing 2019-06-27 01:12:17 UTC
An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization).  This flaw is a variant on the previous "speculative execution" attack vectors.

A spectre-v1 like side-channel was found on the kernels implementation of system calls where a local user could use branch misprediction to create an observable timing changes which can inadvertently reveal private data.

Note: This flaw affects both Intel x86-64 and AMD Microprocessors.  Other non x86 architectures do not have this attack vector available.

Red Hat product security is not aware of a method that an attacker can use this method of attack directly, fixing this flaw as part of the larger speculative execution issues reduces this attack vector if one becomes known.

After installing the updated kernel package, the system will need to be rebooted for the changes to take effect.

Upstream patch set:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a2059825986a1c8143fd6698774fa9d83733bb11

Comment 20 Petr Matousek 2019-08-06 16:37:15 UTC
Statement:

Red Hat Product Security is aware of this issue. Updates will be released as they become available. For additional information, please refer to the Red Hat Knowledgebase article:  https://access.redhat.com/articles/4329821

Comment 21 Petr Matousek 2019-08-06 16:37:18 UTC
Mitigation:

For mitigation related information, please refer to the Red Hat Knowledgebase article:  https://access.redhat.com/articles/4329821

Comment 22 Petr Matousek 2019-08-06 17:02:25 UTC
Created kernel tracking bugs for this issue:

Affects: fedora-all [bug 1738285]

Comment 24 errata-xmlrpc 2019-08-07 12:57:46 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2019:2405 https://access.redhat.com/errata/RHSA-2019:2405

Comment 25 Product Security DevOps Team 2019-08-07 13:18:17 UTC
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2019-1125

Comment 26 errata-xmlrpc 2019-08-07 15:18:33 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2019:2411 https://access.redhat.com/errata/RHSA-2019:2411

Comment 28 errata-xmlrpc 2019-08-13 14:59:32 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 6

Via RHSA-2019:2473 https://access.redhat.com/errata/RHSA-2019:2473

Comment 29 errata-xmlrpc 2019-08-13 17:43:27 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 6.6 Advanced Update Support

Via RHSA-2019:2476 https://access.redhat.com/errata/RHSA-2019:2476

Comment 31 errata-xmlrpc 2019-09-03 17:41:07 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2019:2600 https://access.redhat.com/errata/RHSA-2019:2600

Comment 32 errata-xmlrpc 2019-09-03 17:42:27 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2019:2609 https://access.redhat.com/errata/RHSA-2019:2609

Comment 34 errata-xmlrpc 2019-09-10 10:27:43 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 6.5 Advanced Update Support

Via RHSA-2019:2695 https://access.redhat.com/errata/RHSA-2019:2695

Comment 35 errata-xmlrpc 2019-09-10 13:46:12 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7.4 Extended Update Support

Via RHSA-2019:2696 https://access.redhat.com/errata/RHSA-2019:2696

Comment 38 errata-xmlrpc 2019-09-11 09:09:23 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise MRG 2

Via RHSA-2019:2730 https://access.redhat.com/errata/RHSA-2019:2730

Comment 42 errata-xmlrpc 2019-09-25 12:17:26 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7.2 Telco Extended Update Support
  Red Hat Enterprise Linux 7.2 Advanced Update Support
  Red Hat Enterprise Linux 7.2 Update Services for SAP Solutions

Via RHSA-2019:2899 https://access.redhat.com/errata/RHSA-2019:2899

Comment 43 errata-xmlrpc 2019-09-25 12:25:05 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7.3 Telco Extended Update Support
  Red Hat Enterprise Linux 7.3 Advanced Update Support
  Red Hat Enterprise Linux 7.3 Update Services for SAP Solutions

Via RHSA-2019:2900 https://access.redhat.com/errata/RHSA-2019:2900

Comment 44 errata-xmlrpc 2019-10-08 09:59:49 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7.5 Extended Update Support

Via RHSA-2019:2975 https://access.redhat.com/errata/RHSA-2019:2975

Comment 45 errata-xmlrpc 2019-10-10 15:37:16 UTC
This issue has been addressed in the following products:

  Red Hat Virtualization 4 for Red Hat Enterprise Linux 7

Via RHSA-2019:3011 https://access.redhat.com/errata/RHSA-2019:3011

Comment 46 errata-xmlrpc 2019-10-29 13:12:01 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7.6 Extended Update Support

Via RHSA-2019:3220 https://access.redhat.com/errata/RHSA-2019:3220


Note You need to log in before you can comment on or make changes to this bug.