This week's hardware vulnerabilities
This week's hardware vulnerabilities
A set of patches has just been pushed into the mainline repository (and stable updates) for yet another set of hardware vulnerabilities. "TSX async abort" (or TAA) exposes information through the usual side channels by way of internal buffers used with the transactional memory (TSX) instructions. Mitigation is done by disabling TSX or by clearing the relevant buffers when switching between kernel and user mode. Given that this is not the first problem with TSX, disabling it entirely is recommended; a microcode update may be needed to do so, though. This commit contains documentation on this vulnerability and its mitigation.
There are also fixes for another vulnerability: it seems that accessing a memory address immediately after the size of the page containing it was changed (from a regular to a huge page, for example) can cause the processor to lock up. This behavior is considered undesirable by many. The vulnerability only exists for pages marked as executable; the mitigation is to force all executable pages to be the regular, 4K page size.