coding error in retpoline for system call entry in Ubuntu 4.13.0-31 kernels

Bug #1745564 reported by Steve Beattie on 2018-01-26
256
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Critical
Unassigned
linux-hwe (Ubuntu)
Critical
Unassigned

Bug Description

Logic error came from the following commit, looks to be introduced at 4.13.0-27:

commit d2e0236f395e876f5303fb5021e4fe6eea881402
Author: Tim Chen <email address hidden>
Date: Wed Nov 8 16:30:06 2017 -0800

    x86/entry: Use retpoline for syscall's indirect calls

$ git describe --contains d2e0236f395e876f5303fb5021e4fe6eea881402
Ubuntu-4.13.0-27.30~42

This patch was included in one of the proposed patchsets to mitigate spectre, but was superceded in later ones which did not contain the error, and did not land in the upstream kernel. It does not affect the 4.4 derived or earlier kernels.

Steve Beattie (sbeattie) on 2018-01-26
Changed in linux (Ubuntu):
importance: Undecided → Critical

This bug is missing log files that will aid in diagnosing the problem. While running an Ubuntu kernel (not a mainline or third-party kernel) please enter the following command in a terminal window:

apport-collect 1745564

and then change the status of the bug to 'Confirmed'.

If, due to the nature of the issue you have encountered, you are unable to run this command, please add a comment stating that fact and change the bug status to 'Confirmed'.

This change has been made by an automated script, maintained by the Ubuntu Kernel Team.

Changed in linux (Ubuntu):
status: New → Incomplete
Steve Beattie (sbeattie) wrote :

This was addressed in https://usn.ubuntu.com/usn/usn-3548-1/ in Ubuntu 17.10 for the linux kernel, and in https://usn.ubuntu.com/usn/usn-3548-2/ for the linux-hwe and other backport kernels.

Changed in linux (Ubuntu):
status: Incomplete → Fix Released
Changed in linux-hwe (Ubuntu):
status: New → Fix Released
importance: Undecided → Critical
To post a comment you must log in.
This report contains Public Security information  Edit
Everyone can see this security related information.

Other bug subscribers