Ubuntu
linux package

Please verify MITIGATION_GDS setting for 6.14

Bug #2107262 reported by Jeremy Bícha
268
This bug affects 4 people
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Invalid
Undecided
Unassigned
Plucky
Confirmed
Undecided
Unassigned

Bug Description

Please verify whether MITIGATION_GDS should still be set to n. There is some background in LP: #2077145

I noticed that there is a commit in 6.12 that says "the intent is to support configurations and scenarios where the mitigations code is irrelevant"

https://github.com/torvalds/linux/commit/963d0d60d690ce2525a8fbcc0a63c4ae22f4670c

Other Info
==========
The fact that Ubuntu 25.04 is not applying GDS mitigation (on Intel) can be seen in gnome-control-center.
Settings > Privacy & Security > Device Security

This is basically a GUI version of
$ fwupdmgr security

or
$ fwupdmgr security --all

which reports
✘ Intel GDS mitigation: Disabled: https://fwupd.github.io/libfwupdplugin/hsi.html#org.fwupd.hsi.IntelGds

Tags: plucky kconfig

CVE References

Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in linux (Ubuntu):
status: New → Confirmed
Revision history for this message
Andrew Baker (exterminator728) wrote :

Seeing the same issue.

In /boot/config-6.14.0-15-generic, CONFIG_MITIGATION_GDS is not set

Edoardo Canepa (ecanepa)
Changed in linux (Ubuntu Plucky):
status: New → Confirmed
Changed in linux (Ubuntu):
status: Confirmed → Invalid
Revision history for this message
xavi (xavivu) wrote :

Upgraded Kubuntu 24.10 to 25.04 today and am seeing what is reported here.

cat config-6.14.0-15-generic | grep "CONFIG_MITIGATION_GDS"
# CONFIG_MITIGATION_GDS is not set

To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.