Unrated severityNVD Advisory· Published Aug 20, 2018· Updated Aug 5, 2024
CVE-2018-15572
CVE-2018-15572
Description
The spectre_v2_select_mitigation function in arch/x86/kernel/cpu/bugs.c in the Linux kernel before 4.18.1 does not always fill RSB upon a context switch, which makes it easier for attackers to conduct userspace-userspace spectreRSB attacks.
Affected products
118- osv-coords118 versionspkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/kernel-bigmem&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4pkg:rpm/suse/kernel-bigmem&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4pkg:rpm/suse/kernel-bigsmp&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-LTSSpkg:rpm/suse/kernel-default&distro=SUSE%20Enterprise%20Storage%204pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2012%20SP2pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2012%20SP3pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Legacy%2015pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Point%20of%20Sale%2011%20SP3pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-LTSSpkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1-LTSSpkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCLpkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-LTSSpkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP3pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015pkg:rpm/suse/kernel-default&distro=SUSE%20OpenStack%20Cloud%207pkg:rpm/suse/kernel-docs-azure&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3pkg:rpm/suse/kernel-ec2&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2012pkg:rpm/suse/kernel-ec2&distro=SUSE%20Linux%20Enterprise%20Point%20of%20Sale%2011%20SP3pkg:rpm/suse/kernel-ec2&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-LTSSpkg:rpm/suse/kernel-ec2&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4pkg:rpm/suse/kernel-ec2&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4pkg:rpm/suse/kernel-livepatch-SLE15_Update_4&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3pkg:rpm/suse/kernel-pae&distro=SUSE%20Linux%20Enterprise%20Point%20of%20Sale%2011%20SP3pkg:rpm/suse/kernel-pae&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-LTSSpkg:rpm/suse/kernel-pae&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4pkg:rpm/suse/kernel-pae&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4pkg:rpm/suse/kernel-ppc64&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4pkg:rpm/suse/kernel-ppc64&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4pkg:rpm/suse/kernel-rt_debug&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2012%20SP3pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2011%20SP4pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2012%20SP3pkg:rpm/suse/kernel-rt_trace&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2011%20SP4pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/kernel-source&distro=SUSE%20Enterprise%20Storage%204pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Point%20of%20Sale%2011%20SP3pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-LTSSpkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1-LTSSpkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCLpkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-LTSSpkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/kernel-source&distro=SUSE%20OpenStack%20Cloud%207pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2011%20SP4pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2012%20SP3pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/kernel-syms&distro=SUSE%20Enterprise%20Storage%204pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Point%20of%20Sale%2011%20SP3pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-LTSSpkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1-LTSSpkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCLpkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-LTSSpkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/kernel-syms&distro=SUSE%20OpenStack%20Cloud%207pkg:rpm/suse/kernel-syms-rt&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2011%20SP4pkg:rpm/suse/kernel-syms-rt&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2012%20SP3pkg:rpm/suse/kernel-trace&distro=SUSE%20Linux%20Enterprise%20Point%20of%20Sale%2011%20SP3pkg:rpm/suse/kernel-trace&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-LTSSpkg:rpm/suse/kernel-trace&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4pkg:rpm/suse/kernel-trace&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4pkg:rpm/suse/kernel-vanilla&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015pkg:rpm/suse/kernel-xen&distro=SUSE%20Linux%20Enterprise%20Point%20of%20Sale%2011%20SP3pkg:rpm/suse/kernel-xen&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-LTSSpkg:rpm/suse/kernel-xen&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4pkg:rpm/suse/kernel-xen&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1-LTSSpkg:rpm/suse/kernel-xen&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4pkg:rpm/suse/kernel-xen&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1pkg:rpm/suse/kernel-zfcpdump&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015pkg:rpm/suse/kgraft-patch-SLE12-SP1_Update_33&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1-LTSSpkg:rpm/suse/kgraft-patch-SLE12-SP1_Update_33&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1pkg:rpm/suse/kgraft-patch-SLE12-SP2_Update_25&distro=SUSE%20Enterprise%20Storage%204pkg:rpm/suse/kgraft-patch-SLE12-SP2_Update_25&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-LTSSpkg:rpm/suse/kgraft-patch-SLE12-SP2_Update_25&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2pkg:rpm/suse/kgraft-patch-SLE12-SP2_Update_25&distro=SUSE%20OpenStack%20Cloud%207pkg:rpm/suse/kgraft-patch-SLE12-SP3_Update_17&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP3pkg:rpm/suse/lttng-modules&distro=SUSE%20Enterprise%20Storage%204pkg:rpm/suse/lttng-modules&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015pkg:rpm/suse/lttng-modules&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1-LTSSpkg:rpm/suse/lttng-modules&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCLpkg:rpm/suse/lttng-modules&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-LTSSpkg:rpm/suse/lttng-modules&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1pkg:rpm/suse/lttng-modules&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2pkg:rpm/suse/lttng-modules&distro=SUSE%20OpenStack%20Cloud%207
< 4.12.14-5.16.1+ 117 more
- (no CPE)range: < 4.12.14-5.16.1
- (no CPE)range: < 4.4.155-4.16.1
- (no CPE)range: < 4.4.155-4.16.1
- (no CPE)range: < 3.0.101-108.71.1
- (no CPE)range: < 3.0.101-108.71.1
- (no CPE)range: < 3.0.101-0.47.106.50.1
- (no CPE)range: < 4.4.121-92.95.1
- (no CPE)range: < 4.4.155-94.50.1
- (no CPE)range: < 4.4.121-92.95.1
- (no CPE)range: < 4.4.155-94.50.1
- (no CPE)range: < 4.12.14-25.16.1
- (no CPE)range: < 4.12.14-25.16.1
- (no CPE)range: < 4.12.14-25.16.1
- (no CPE)range: < 4.12.14-25.16.1
- (no CPE)range: < 3.0.101-0.47.106.50.1
- (no CPE)range: < 3.0.101-0.47.106.50.1
- (no CPE)range: < 3.0.101-108.71.1
- (no CPE)range: < 3.12.74-60.64.110.1
- (no CPE)range: < 4.4.121-92.95.1
- (no CPE)range: < 4.4.121-92.95.1
- (no CPE)range: < 4.4.155-94.50.1
- (no CPE)range: < 3.0.101-108.71.1
- (no CPE)range: < 3.12.74-60.64.110.1
- (no CPE)range: < 4.4.121-92.95.1
- (no CPE)range: < 4.4.155-94.50.1
- (no CPE)range: < 4.4.155-94.50.1
- (no CPE)range: < 4.12.14-25.16.1
- (no CPE)range: < 4.4.121-92.95.1
- (no CPE)range: < 4.4.155-4.16.1
- (no CPE)range: < 4.12.14-25.16.1
- (no CPE)range: < 3.0.101-108.71.1
- (no CPE)range: < 4.4.155-94.50.1
- (no CPE)range: < 3.12.74-60.64.110.1
- (no CPE)range: < 3.0.101-0.47.106.50.1
- (no CPE)range: < 3.0.101-0.47.106.50.1
- (no CPE)range: < 3.0.101-108.71.1
- (no CPE)range: < 3.0.101-108.71.1
- (no CPE)range: < 1-1.3.1
- (no CPE)range: < 4.12.14-25.16.1
- (no CPE)range: < 4.4.155-94.50.1
- (no CPE)range: < 3.0.101-0.47.106.50.1
- (no CPE)range: < 3.0.101-0.47.106.50.1
- (no CPE)range: < 3.0.101-108.71.1
- (no CPE)range: < 3.0.101-108.71.1
- (no CPE)range: < 3.0.101-108.71.1
- (no CPE)range: < 3.0.101-108.71.1
- (no CPE)range: < 4.4.155-3.23.1
- (no CPE)range: < 3.0.101.rt130-69.36.1
- (no CPE)range: < 4.4.155-3.23.1
- (no CPE)range: < 3.0.101.rt130-69.36.1
- (no CPE)range: < 4.12.14-5.16.1
- (no CPE)range: < 4.4.155-4.16.1
- (no CPE)range: < 4.4.155-4.16.1
- (no CPE)range: < 4.4.121-92.95.1
- (no CPE)range: < 4.4.155-94.50.1
- (no CPE)range: < 4.12.14-25.16.1
- (no CPE)range: < 4.12.14-25.16.1
- (no CPE)range: < 3.0.101-0.47.106.50.1
- (no CPE)range: < 3.0.101-0.47.106.50.1
- (no CPE)range: < 3.0.101-108.71.1
- (no CPE)range: < 3.12.74-60.64.110.1
- (no CPE)range: < 4.4.121-92.95.1
- (no CPE)range: < 4.4.121-92.95.1
- (no CPE)range: < 4.4.155-94.50.1
- (no CPE)range: < 3.0.101-108.71.1
- (no CPE)range: < 3.12.74-60.64.110.1
- (no CPE)range: < 4.4.121-92.95.1
- (no CPE)range: < 4.4.155-94.50.1
- (no CPE)range: < 4.4.121-92.95.1
- (no CPE)range: < 3.0.101.rt130-69.36.1
- (no CPE)range: < 4.4.155-3.23.1
- (no CPE)range: < 4.12.14-5.16.1
- (no CPE)range: < 4.4.155-4.16.1
- (no CPE)range: < 4.4.155-4.16.1
- (no CPE)range: < 4.4.121-92.95.1
- (no CPE)range: < 4.4.155-94.50.1
- (no CPE)range: < 4.12.14-25.16.1
- (no CPE)range: < 3.0.101-0.47.106.50.1
- (no CPE)range: < 3.0.101-0.47.106.50.1
- (no CPE)range: < 3.0.101-108.71.1
- (no CPE)range: < 3.12.74-60.64.110.1
- (no CPE)range: < 4.4.121-92.95.1
- (no CPE)range: < 4.4.121-92.95.1
- (no CPE)range: < 4.4.155-94.50.1
- (no CPE)range: < 3.0.101-108.71.1
- (no CPE)range: < 3.12.74-60.64.110.1
- (no CPE)range: < 4.4.121-92.95.1
- (no CPE)range: < 4.4.155-94.50.1
- (no CPE)range: < 4.4.121-92.95.1
- (no CPE)range: < 3.0.101.rt130-69.36.1
- (no CPE)range: < 4.4.155-3.23.1
- (no CPE)range: < 3.0.101-0.47.106.50.1
- (no CPE)range: < 3.0.101-0.47.106.50.1
- (no CPE)range: < 3.0.101-108.71.1
- (no CPE)range: < 3.0.101-108.71.1
- (no CPE)range: < 4.12.14-25.16.1
- (no CPE)range: < 3.0.101-0.47.106.50.1
- (no CPE)range: < 3.0.101-0.47.106.50.1
- (no CPE)range: < 3.0.101-108.71.1
- (no CPE)range: < 3.12.74-60.64.110.1
- (no CPE)range: < 3.0.101-108.71.1
- (no CPE)range: < 3.12.74-60.64.110.1
- (no CPE)range: < 4.12.14-25.16.1
- (no CPE)range: < 1-2.3.1
- (no CPE)range: < 1-2.3.1
- (no CPE)range: < 1-3.4.1
- (no CPE)range: < 1-3.4.1
- (no CPE)range: < 1-3.4.1
- (no CPE)range: < 1-3.4.1
- (no CPE)range: < 1-4.3.1
- (no CPE)range: < 2.7.1-9.6.1
- (no CPE)range: < 2.10.0-5.6.1
- (no CPE)range: < 2.7.0-4.4.1
- (no CPE)range: < 2.7.1-9.6.1
- (no CPE)range: < 2.7.1-9.6.1
- (no CPE)range: < 2.7.0-4.4.1
- (no CPE)range: < 2.7.1-9.6.1
- (no CPE)range: < 2.7.1-9.6.1
Patches
1fdf82a7856b3x86/speculation: Protect against userspace-userspace spectreRSB
1 file changed · +7 −31
arch/x86/kernel/cpu/bugs.c+7 −31 modified@@ -313,23 +313,6 @@ static enum spectre_v2_mitigation_cmd __init spectre_v2_parse_cmdline(void) return cmd; } -/* Check for Skylake-like CPUs (for RSB handling) */ -static bool __init is_skylake_era(void) -{ - if (boot_cpu_data.x86_vendor == X86_VENDOR_INTEL && - boot_cpu_data.x86 == 6) { - switch (boot_cpu_data.x86_model) { - case INTEL_FAM6_SKYLAKE_MOBILE: - case INTEL_FAM6_SKYLAKE_DESKTOP: - case INTEL_FAM6_SKYLAKE_X: - case INTEL_FAM6_KABYLAKE_MOBILE: - case INTEL_FAM6_KABYLAKE_DESKTOP: - return true; - } - } - return false; -} - static void __init spectre_v2_select_mitigation(void) { enum spectre_v2_mitigation_cmd cmd = spectre_v2_parse_cmdline(); @@ -390,22 +373,15 @@ static void __init spectre_v2_select_mitigation(void) pr_info("%s\n", spectre_v2_strings[mode]); /* - * If neither SMEP nor PTI are available, there is a risk of - * hitting userspace addresses in the RSB after a context switch - * from a shallow call stack to a deeper one. To prevent this fill - * the entire RSB, even when using IBRS. + * If spectre v2 protection has been enabled, unconditionally fill + * RSB during a context switch; this protects against two independent + * issues: * - * Skylake era CPUs have a separate issue with *underflow* of the - * RSB, when they will predict 'ret' targets from the generic BTB. - * The proper mitigation for this is IBRS. If IBRS is not supported - * or deactivated in favour of retpolines the RSB fill on context - * switch is required. + * - RSB underflow (and switch to BTB) on Skylake+ + * - SpectreRSB variant of spectre v2 on X86_BUG_SPECTRE_V2 CPUs */ - if ((!boot_cpu_has(X86_FEATURE_PTI) && - !boot_cpu_has(X86_FEATURE_SMEP)) || is_skylake_era()) { - setup_force_cpu_cap(X86_FEATURE_RSB_CTXSW); - pr_info("Spectre v2 mitigation: Filling RSB on context switch\n"); - } + setup_force_cpu_cap(X86_FEATURE_RSB_CTXSW); + pr_info("Spectre v2 / SpectreRSB mitigation: Filling RSB on context switch\n"); /* Initialize Indirect Branch Prediction Barrier if supported */ if (boot_cpu_has(X86_FEATURE_IBPB)) {
Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
12- usn.ubuntu.com/3775-1/mitrevendor-advisoryx_refsource_UBUNTU
- usn.ubuntu.com/3775-2/mitrevendor-advisoryx_refsource_UBUNTU
- usn.ubuntu.com/3776-1/mitrevendor-advisoryx_refsource_UBUNTU
- usn.ubuntu.com/3776-2/mitrevendor-advisoryx_refsource_UBUNTU
- usn.ubuntu.com/3777-1/mitrevendor-advisoryx_refsource_UBUNTU
- usn.ubuntu.com/3777-2/mitrevendor-advisoryx_refsource_UBUNTU
- usn.ubuntu.com/3777-3/mitrevendor-advisoryx_refsource_UBUNTU
- www.debian.org/security/2018/dsa-4308mitrevendor-advisoryx_refsource_DEBIAN
- git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/mitrex_refsource_MISC
- cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.18.1mitrex_refsource_MISC
- github.com/torvalds/linux/commit/fdf82a7856b32d905c39afc85e34364491e46346mitrex_refsource_MISC
- lists.debian.org/debian-lts-announce/2018/10/msg00003.htmlmitremailing-listx_refsource_MLIST
News mentions
0No linked articles in our index yet.