New Spectre-Related 'Medium Severity' Flaw Patched in Linux Kernel (theregister.com)
"The Spectre vulnerability that has haunted hardware and software makers since 2018 continues to defy efforts to bury it," reports the Register:
On Thursday, Eduardo (sirdarckcat) Vela Nava, from Google's product security response team, disclosed a Spectre-related flaw in version 6.2 of the Linux kernel. The bug, designated medium severity, was initially reported to cloud service providers — those most likely to be affected — on December 31, 2022, and was patched in Linux on February 27, 2023.
"The kernel failed to protect applications that attempted to protect against Spectre v2, leaving them open to attack from other processes running on the same physical core in another hyperthread," the vulnerability disclosure explains. The consequence of that attack is potential information exposure (e.g., leaked private keys) through this pernicious problem....
Spectre v2 — the variant implicated in this particular vulnerability — relies on timing side-channels to measure the misprediction rates of indirect branch prediction in order to infer the contents of protected memory. That's far from optimal in a cloud environment with shared hardware... The bug hunters who identified the issue found that Linux userspace processes to defend against Spectre v2 didn't work on VMs of "at least one major cloud provider."
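For readers who want to see what "attempting to protect against Spectre v2" looks like from userspace, here is an added example (not code from the disclosure, The Register, or the kernel) that opts a task in through the speculation-control `prctl` and compares the result with what the kernel reports in sysfs. The function names and the `needs_review` heuristic are assumptions of this example; it treats an opted-in task on an SMT host as worth reviewing when the kernel reports neither STIBP (the cross-hyperthread control) nor Enhanced IBRS.

```c
#include <stdio.h>
#include <string.h>
#include <sys/prctl.h>
/* Fallback values, taken from linux/prctl.h, for older libc headers. */
#ifndef PR_SET_SPECULATION_CTRL
#define PR_GET_SPECULATION_CTRL 52
#define PR_SET_SPECULATION_CTRL 53
#define PR_SPEC_INDIRECT_BRANCH 1
#define PR_SPEC_DISABLE (1UL << 2)
#endif

/* Opt this task out of indirect branch speculation and read the state back.
 * 1 = kernel reports it disabled, 0 = not disabled, -1 = prctl unavailable. */
int opt_in_spectre_v2(void) {
    if (prctl(PR_SET_SPECULATION_CTRL, PR_SPEC_INDIRECT_BRANCH, PR_SPEC_DISABLE, 0, 0))
        return -1;
    int st = prctl(PR_GET_SPECULATION_CTRL, PR_SPEC_INDIRECT_BRANCH, 0, 0, 0);
    return st < 0 ? -1 : (st & PR_SPEC_DISABLE) != 0;
}

/* 1 if the spectre_v2 sysfs line reports STIBP in any state but "disabled". */
int stibp_reported(const char *line) {
    const char *p = strstr(line, "STIBP: ");
    return p && strncmp(p + 7, "disabled", 8) != 0;
}

/* Heuristic (assumption of this example): an opted-in task on an SMT host
 * needs review when the kernel reports neither STIBP nor Enhanced IBRS. */
int needs_review(int opted_in, int smt_active, const char *line) {
    if (opted_in != 1 || !smt_active) return 0;
    return !stibp_reported(line) && !strstr(line, "Enhanced");
}

/* Read the first line of a sysfs file into buf; empty string on failure. */
static void read_line(const char *path, char *buf, size_t n) {
    FILE *f = fopen(path, "r");
    buf[0] = '\0';
    if (f) { if (!fgets(buf, (int)n, f)) buf[0] = '\0'; fclose(f); }
}

int main(void) {
    char v2[256], smt[8];
    int opted = opt_in_spectre_v2();
    read_line("/sys/devices/system/cpu/vulnerabilities/spectre_v2", v2, sizeof v2);
    read_line("/sys/devices/system/cpu/smt/active", smt, sizeof smt);
    printf("prctl opt-in: %d\nsmt active: %c\nspectre_v2: %s", opted, smt[0] ? smt[0] : '?', v2);
    printf("needs review: %d\n", needs_review(opted, smt[0] == '1', v2));
    return 0;
}
```

A "needs review" result is a prompt to confirm the running kernel carries the fix, not proof of exposure; the `prctl` read-back alone only shows what the kernel accepted.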
Re: (Score:2)
this is very relevant because your big boy corp datacenter is a juicy target. thus you want to learn how to mitigate such attacks in your home lab. but if performance is not a luxury for you, then by all means disable the exploit mitigations and enjoy the 40% speed bump
No spectre of spectre. (Score:2)
Still no documented exploits to my knowledge. It’s too hard to pull off effectively.
RMS was right, you laughed at him for being a hip (Score:2)
The bug, designated medium severity, was initially reported to cloud service providers — those most likely to be affected
Well good to know as a cloud service provider that someone else made the determination that my customers and I were safe. I was not made aware of this bug. How did the Linux Foundation know who would most likely be affected? Oh right, who pays them. So right under our noses, security patches have become pay-to-play and this was one of the saving graces of open source?
Linus Torvalds is rolling in his grave^Wcash
new definition of new (Score:2)
Color me timely.
When will Linux... (Score:2)
After 5+ years of this, I am starting to wonder if Linux will need to do what OpenBSD did:
https://www.tomshardware.com/news/openbsd-disables-intel-hyper-threading-spectre,37332.html
Windows and Apple .... (Score:2)
...will have had plenty of these as well, but those don't get reported, or fixed ...