| 2020-01-23 12:33:21 |
Tyler Hicks |
bug |
|
|
added bug |
| 2020-01-31 15:17:29 |
Tyler Hicks |
information type |
Private Security |
Public Security |
|
| 2020-01-31 15:18:17 |
Tyler Hicks |
summary |
Placeholder bug |
arm64/KVM debug registers vulnerability |
|
| 2020-01-31 15:19:59 |
Tyler Hicks |
description |
Placeholder bug report for arm64 KVM issue. |
[Impact]
https://www.openwall.com/lists/oss-security/2020/01/30/5
A bug has been fixed in the arm64 KVM port (commit id
4942dc6638b07b5326b6d2faa142635c559e7cd5 "KVM: arm64: Write
arch.mdcr_el2 changes since last vcpu_load on VHE") which would allow a
guest to access the debug/PMU registers used by the host without being
trapped. This can only happen during the vCPU start until the first
preemption. Systems with an ARMv8.1 or later CPU are affected (with the
Virtualisation Host Extensions).
The implications are that a guest, for a brief period, may be able to
read event counters belonging to the host or potentially trigger
perf-related IRQs in the host.
[Test Case]
[Regression Potential] |
|
| 2020-01-31 15:21:33 |
Thadeu Lima de Souza Cascardo |
summary |
arm64/KVM debug registers vulnerability |
Prevent arm64 guest from accessing host debug registers |
|
| 2020-01-31 15:24:34 |
Thadeu Lima de Souza Cascardo |
description |
[Impact]
https://www.openwall.com/lists/oss-security/2020/01/30/5
A bug has been fixed in the arm64 KVM port (commit id
4942dc6638b07b5326b6d2faa142635c559e7cd5 "KVM: arm64: Write
arch.mdcr_el2 changes since last vcpu_load on VHE") which would allow a
guest to access the debug/PMU registers used by the host without being
trapped. This can only happen during the vCPU start until the first
preemption. Systems with an ARMv8.1 or later CPU are affected (with the
Virtualisation Host Extensions).
The implications are that a guest, for a brief period, may be able to
read event counters belonging to the host or potentially trigger
perf-related IRQs in the host.
[Test Case]
[Regression Potential] |
[Impact]
Guests could access host debug/PMU registers. This could happen very briefly before they are first preempted.
This only affects arm64 CPUs that support virtualization.
[Regression potential]
This could break virtualization or guest access to PMU registers.
[Test case]
A guest has been run with a host with the patched kernel. perf top has been run on the guest. Using uvtool:
host$ sudo apt install uvtool qemu-efi-aarch64
host$ uvt-kvm create test release=eoan arch=arm64
host$ uvt-kvm ssh test
guest$ sudo perf top |
|
| 2020-02-10 11:01:57 |
Thadeu Lima de Souza Cascardo |
nominated for series |
|
Ubuntu Eoan |
|
| 2020-02-10 11:01:57 |
Thadeu Lima de Souza Cascardo |
bug task added |
|
linux (Ubuntu Eoan) |
|
| 2020-02-10 11:01:57 |
Thadeu Lima de Souza Cascardo |
nominated for series |
|
Ubuntu Bionic |
|
| 2020-02-10 11:01:57 |
Thadeu Lima de Souza Cascardo |
bug task added |
|
linux (Ubuntu Bionic) |
|
| 2020-02-10 11:01:57 |
Thadeu Lima de Souza Cascardo |
nominated for series |
|
Ubuntu Focal |
|
| 2020-02-10 11:01:57 |
Thadeu Lima de Souza Cascardo |
bug task added |
|
linux (Ubuntu Focal) |
|
| 2020-02-10 11:01:57 |
Thadeu Lima de Souza Cascardo |
nominated for series |
|
Ubuntu Disco |
|
| 2020-02-10 11:01:57 |
Thadeu Lima de Souza Cascardo |
bug task added |
|
linux (Ubuntu Disco) |
|
| 2020-02-10 11:02:16 |
Thadeu Lima de Souza Cascardo |
linux (Ubuntu Focal): status |
Triaged |
Fix Committed |
|
| 2020-02-10 11:02:31 |
Thadeu Lima de Souza Cascardo |
linux (Ubuntu Eoan): status |
New |
In Progress |
|
| 2020-02-10 11:02:36 |
Thadeu Lima de Souza Cascardo |
linux (Ubuntu Disco): status |
New |
In Progress |
|
| 2020-02-10 11:02:41 |
Thadeu Lima de Souza Cascardo |
linux (Ubuntu Bionic): status |
New |
In Progress |
|
| 2020-02-14 04:34:56 |
Khaled El Mously |
linux (Ubuntu Bionic): status |
In Progress |
Fix Committed |
|
| 2020-02-14 04:34:58 |
Khaled El Mously |
linux (Ubuntu Disco): status |
In Progress |
Fix Committed |
|
| 2020-02-14 04:35:00 |
Khaled El Mously |
linux (Ubuntu Eoan): status |
In Progress |
Fix Committed |
|
| 2020-02-17 21:28:54 |
Ubuntu Kernel Bot |
tags |
|
verification-needed-bionic |
|
| 2020-02-17 22:52:14 |
Ubuntu Kernel Bot |
tags |
verification-needed-bionic |
verification-needed-bionic verification-needed-eoan |
|
| 2020-03-16 10:39:46 |
Launchpad Janitor |
linux (Ubuntu Eoan): status |
Fix Committed |
Fix Released |
|
| 2020-03-16 10:39:46 |
Launchpad Janitor |
cve linked |
|
2019-3016 |
|
| 2020-03-16 10:39:46 |
Launchpad Janitor |
cve linked |
|
2020-2732 |
|
| 2020-03-16 10:53:57 |
Launchpad Janitor |
linux (Ubuntu Bionic): status |
Fix Committed |
Fix Released |
|
| 2020-03-16 10:53:57 |
Launchpad Janitor |
cve linked |
|
2019-14615 |
|
| 2020-03-16 10:53:57 |
Launchpad Janitor |
cve linked |
|
2020-8832 |
|
| 2020-07-02 20:02:49 |
Steve Langasek |
linux (Ubuntu Disco): status |
Fix Committed |
Won't Fix |
|
