Bug 1753113 - hw: Conditional Jump Macro-fusion (JCC)
Status: CLOSED ERRATA
Alias: None
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: medium
Severity: medium
Target Milestone: ---
Assignee: Red Hat Product Security
Depends On: 1765405 1765406 1765407 1765408 1765409 1765410 1765411 1765412 1765413 1765414 1765415 1765416 1766958 1767759 1771655
Blocks: 1752312
Reported: 2019-09-18 06:57 UTC by Wade Mealing
Modified: 2021-10-25 22:12 UTC

Last Closed: 2021-10-25 22:12:02 UTC
Links
System | ID | Private | Priority | Status | Summary | Last Updated
Red Hat Product Errata | RHEA-2019:3845 | 0 | None | None | None | 2019-11-12 21:37:12 UTC
Red Hat Product Errata | RHEA-2019:3846 | 0 | None | None | None | 2019-11-12 22:38:14 UTC

Description Wade Mealing 2019-09-18 06:57:07 UTC
Intel microprocessors include logic known as Macro-Op Fusion (or MOP; see https://en.wikichip.org/wiki/macro-operation_fusion) where an intermediary layer will batch together sequences of instructions into a single micro-operation (μOp) to be performed by the CPU's hardware.

An implementation defect in Intel’s design of MOP Fusion on recent processors allows malicious code to cause undefined behavior. The most likely side effect is that exploitation of this condition can lead to crashes and system errors.

The precise conditions of this vulnerability involve conditional branches that have previously been decoded by the DSB (Decoded Stream Buffer or “uop cache”) that also cross a cache line boundary. Under a corner case condition such a sequence will incorrectly attempt to execute code that does not exist, leading to a range of errors from #UD (Undefined Instruction kernel panic) to spurious page faults (which may also panic the system).

Intel have provided information in the PDF linked in this comment for compiler flags that can reduce the impact of these changes on programs that may need optimisation in this area.


Additional information:

https://en.wikichip.org/wiki/macro-operation_fusion
https://www.intel.com/content/dam/support/us/en/documents/processors/mitigations-jump-conditional-code-erratum.pdf

Comment 5 Wade Mealing 2019-11-12 08:25:00 UTC
Acknowledgements:

Red Hat thanks Intel for reporting this issue and collaborating on the mitigations.

Comment 6 Prasad Pandit 2019-11-12 10:13:20 UTC
Statement:

Red Hat Product Security is aware of this issue. Updates will be released as they become available. For additional information, please refer to the Red Hat Knowledgebase article: https://access.redhat.com/solutions/2019-microcode-nov

Comment 8 Prasad Pandit 2019-11-12 10:13:26 UTC
Mitigation:

As of this time there are no known mitigations. Please install relevant updated packages to address this flaw.

Comment 9 Prasad Pandit 2019-11-12 18:14:14 UTC
Created microcode_ctl tracking bugs for this issue:

Affects: fedora-all [bug 1771655]