Source: xen Version: 4.17.0+74-g3eac216e6e-1 Severity: grave Tags: security upstream X-Debbugs-Cc: car...@debian.org, Debian Security Team <t...@security.debian.org>
Hi, The following vulnerability was published for xen. CVE-2022-42336[0]: | Mishandling of guest SSBD selection on AMD hardware The current logic | to set SSBD on AMD Family 17h and Hygon Family 18h processors requires | that the setting of SSBD is coordinated at a core level, as the | setting is shared between threads. Logic was introduced to keep track | of how many threads require SSBD active in order to coordinate it, | such logic relies on using a per-core counter of threads that have | SSBD active. When running on the mentioned hardware, it's possible for | a guest to under or overflow the thread counter, because each write to | VIRT_SPEC_CTRL.SSBD by the guest gets propagated to the helper that | does the per-core active accounting. Underflowing the counter causes | the value to get saturated, and thus attempts for guests running on | the same core to set SSBD won't have effect because the hypervisor | assumes it's already active. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2022-42336 https://www.cve.org/CVERecord?id=CVE-2022-42336 [1] https://xenbits.xen.org/xsa/advisory-431.html Please adjust the affected versions in the BTS as needed. Regards, Salvatore
