system/easy-kernel*: CVE-2019-15030: ppc64 >= POWER8: data leak with FP/VMX triggerable by unavailable exception in transaction
Bugzilla ID | 195 |
Alias(es) | CVE-2019-15030 |
Reporter | Max Rees (sroracle) |
Assignee | A. Wilcox (awilfox) |
Reported | 2019-09-10 16:21:20 -0500 |
Modified | 2019-10-16 20:30:10 -0500 |
Status | RESOLVED FIXED |
Version | 1.0-BETA4 |
Hardware | Adélie Linux / PowerPC (64-bit) |
Importance | --- / normal |
URL | https://www.openwall.com/lists/oss-security/2019/09/10/3 |
See also | https://bts.adelielinux.org/show_bug.cgi?id=180 |
Description
The Linux kernel for powerpc since v4.12 has a bug in it's TM handling
where any user can read the FP/VMX registers of a difference user's
process. Users of TM + FP/VMX can also experience corruption of their
FP/VMX state. All 64-bit machines where TM is present are affected.
This includes all POWER8 variants and POWER9 VMs under KVM or LPARs
under PowerVM. POWER9 bare metal doesn't support TM and hence is not
affected.
No backport to 4.14 yet https://www.linuxkernelcves.com/cves/CVE-2019-15030