[ASA-201801-10] intel-ucode: access restriction bypass
anthraxx at archlinux.org
Thu Jan 11 20:57:24 UTC 2018
Arch Linux Security Advisory ASA-201801-10
Date : 2018-01-10
CVE-ID : CVE-2017-5715
Package : intel-ucode
Type : access restriction bypass
Remote : No
Link : https://security.archlinux.org/AVG-582
The package intel-ucode before version 20180108-1 is vulnerable to
access restriction bypass.
Upgrade to 20180108-1.
# pacman -Syu "intel-ucode>=20180108-1"
The problem has been fixed upstream in version 20180108.
An industry-wide issue was found in the way many modern microprocessor
designs have implemented speculative execution of instructions (a
commonly used performance optimization).
This variant triggers the speculative execution by utilizing branch
target injection. It relies on the presence of a precisely-defined
instruction sequence in the privileged code as well as the fact that
memory accesses may cause allocation into the microprocessor's data
cache even for speculatively executed instructions that never actually
commit (retire). As a result, an unprivileged attacker could use this
flaw to cross the syscall and guest/host boundaries and read privileged
memory by conducting targeted cache side-channel attacks.
A local unprivileged attacker is able to cross the syscall and
guest/host boundaries and read privileged memory by conducting targeted
cache side-channel attacks.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 866 bytes
Desc: OpenPGP digital signature
More information about the arch-security