*** This bug is a security vulnerability ***
Public security bug reported:
[Impact]
When PCIDs are enabled on Alder Lake and Raptor Lake, INVLPG will not flush the
global TLB entries. This can lead to info leak or undefined behavior.
[Mitigation]
Boot with nopcid on affected systems.
[Test case]
There is no particular test case.
[Potential regressions]
This affects performance on the affected systems. TLB behavior could also be
affected.
** Affects: linux (Ubuntu)
Importance: High
Assignee: Thadeu Lima de Souza Cascardo (cascardo)
Status: Fix Released
** Affects: linux (Ubuntu Trusty)
Importance: Undecided
Status: Incomplete
** Affects: linux (Ubuntu Xenial)
Importance: Undecided
Status: Incomplete
** Affects: linux (Ubuntu Bionic)
Importance: Undecided
Status: Incomplete
** Affects: linux (Ubuntu Focal)
Importance: High
Assignee: Thadeu Lima de Souza Cascardo (cascardo)
Status: Incomplete
** Affects: linux (Ubuntu Jammy)
Importance: High
Assignee: Thadeu Lima de Souza Cascardo (cascardo)
Status: Incomplete
** Affects: linux (Ubuntu Kinetic)
Importance: High
Assignee: Thadeu Lima de Souza Cascardo (cascardo)
Status: In Progress
** Affects: linux (Ubuntu Lunar)
Importance: High
Assignee: Thadeu Lima de Souza Cascardo (cascardo)
Status: In Progress
** Affects: linux (Ubuntu Mantic)
Importance: High
Assignee: Thadeu Lima de Souza Cascardo (cascardo)
Status: Fix Released
** Also affects: linux (Ubuntu Kinetic)
Importance: Undecided
Status: New
** Also affects: linux (Ubuntu Focal)
Importance: Undecided
Status: New
** Also affects: linux (Ubuntu Xenial)
Importance: Undecided
Status: New
** Also affects: linux (Ubuntu Bionic)
Importance: Undecided
Status: New
** Also affects: linux (Ubuntu Trusty)
Importance: Undecided
Status: New
** Also affects: linux (Ubuntu Mantic)
Importance: Undecided
Status: New
** Also affects: linux (Ubuntu Jammy)
Importance: Undecided
Status: New
** Also affects: linux (Ubuntu Lunar)
Importance: Undecided
Status: New
** Changed in: linux (Ubuntu Mantic)
Assignee: (unassigned) => Thadeu Lima de Souza Cascardo (cascardo)
** Changed in: linux (Ubuntu Lunar)
Assignee: (unassigned) => Thadeu Lima de Souza Cascardo (cascardo)
** Changed in: linux (Ubuntu Kinetic)
Assignee: (unassigned) => Thadeu Lima de Souza Cascardo (cascardo)
** Changed in: linux (Ubuntu Jammy)
Assignee: (unassigned) => Thadeu Lima de Souza Cascardo (cascardo)
** Changed in: linux (Ubuntu Focal)
Assignee: (unassigned) => Thadeu Lima de Souza Cascardo (cascardo)
** Changed in: linux (Ubuntu Mantic)
Importance: Undecided => High
** Changed in: linux (Ubuntu Lunar)
Importance: Undecided => High
** Changed in: linux (Ubuntu Kinetic)
Importance: Undecided => High
** Changed in: linux (Ubuntu Jammy)
Importance: Undecided => High
** Changed in: linux (Ubuntu Focal)
Importance: Undecided => High
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/2023220
Title:
Some INVLPG implementations can leave Global translations unflushed
when PCIDs are enabled
Status in linux package in Ubuntu:
Fix Released
Status in linux source package in Trusty:
Incomplete
Status in linux source package in Xenial:
Incomplete
Status in linux source package in Bionic:
Incomplete
Status in linux source package in Focal:
Incomplete
Status in linux source package in Jammy:
Incomplete
Status in linux source package in Kinetic:
In Progress
Status in linux source package in Lunar:
In Progress
Status in linux source package in Mantic:
Fix Released
Bug description:
[Impact]
When PCIDs are enabled on Alder Lake and Raptor Lake, INVLPG will not flush
the global TLB entries. This can lead to info leak or undefined behavior.
[Mitigation]
Boot with nopcid on affected systems.
[Test case]
There is no particular test case.
[Potential regressions]
This affects performance on the affected systems. TLB behavior could also be
affected.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2023220/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
