Salvatore Bonaccorso
2023-May-18 20:08 UTC
[Pkg-xen-devel] Bug#1036298: xen: CVE-2022-42336: XSA-431: Mishandling of guest SSBD selection on AMD hardware
Source: xen
Version: 4.17.0+74-g3eac216e6e-1
Severity: grave
Tags: security upstream
X-Debbugs-Cc: carnil at debian.org, Debian Security Team <team at security.debian.org>

Hi,

The following vulnerability was published for xen.

CVE-2022-42336[0]:
| Mishandling of guest SSBD selection on AMD hardware The current logic
| to set SSBD on AMD Family 17h and Hygon Family 18h processors requires
| that the setting of SSBD is coordinated at a core level, as the
| setting is shared between threads. Logic was introduced to keep track
| of how many threads require SSBD active in order to coordinate it,
| such logic relies on using a per-core counter of threads that have
| SSBD active. When running on the mentioned hardware, it's possible for
| a guest to under or overflow the thread counter, because each write to
| VIRT_SPEC_CTRL.SSBD by the guest gets propagated to the helper that
| does the per-core active accounting. Underflowing the counter causes
| the value to get saturated, and thus attempts for guests running on
| the same core to set SSBD won't have effect because the hypervisor
| assumes it's already active.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2022-42336
    https://www.cve.org/CVERecord?id=CVE-2022-42336
[1] https://xenbits.xen.org/xsa/advisory-431.html

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore
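The counter failure described in the CVE text above, as an added C sketch that is not part of the original message and is neither Xen's code nor the XSA-431 patch. It is a simplified model of one core in which every name is hypothetical, and unsigned wrap-around stands in for the counter reaching its saturated value; it contrasts forwarding every guest write to the per-core accounting with forwarding only real per-thread state changes.

```c
#include <stdbool.h>
#include <stdio.h>

/* Simplified model of one core; all names are hypothetical, not Xen's. */
struct core {
    unsigned int count;   /* threads that currently want SSBD */
    bool hw_ssbd;         /* setting shared by the core's threads */
    bool active[2];       /* per-thread state, used by the hardened path only */
};

/* Per-core accounting helper: correct only for paired enable/disable calls. */
static void core_account(struct core *c, bool enable)
{
    c->count += enable ? 1u : -1u;   /* unsigned: 0 - 1 wraps to UINT_MAX */
    if (enable ? c->count == 1 : c->count == 0)
        c->hw_ssbd = enable;
}

/* Flawed: every guest write reaches the helper, even a repeated value. */
static void write_ssbd_flawed(struct core *c, int thread, bool enable)
{
    (void)thread;
    core_account(c, enable);
}

/* Hardened: only a real per-thread state change reaches the helper. */
static void write_ssbd_checked(struct core *c, int thread, bool enable)
{
    if (c->active[thread] == enable)
        return;
    c->active[thread] = enable;
    core_account(c, enable);
}

/* Thread 0 writes SSBD=0 twice, then thread 1 asks for SSBD=1; result: hw state. */
static bool sibling_protected(void (*wr)(struct core *, int, bool))
{
    struct core c = {0};
    wr(&c, 0, false);
    wr(&c, 0, false);
    wr(&c, 1, true);
    return c.hw_ssbd;
}

int main(void)
{
    printf("flawed:  sibling SSBD active = %d\n", sibling_protected(write_ssbd_flawed));
    printf("checked: sibling SSBD active = %d\n", sibling_protected(write_ssbd_checked));
    return 0;
}
```

In the flawed path the second thread's request never sees the 0 to 1 transition, so the shared setting stays off even though that thread asked for it.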
Debian Bug Tracking System
2023-May-18 20:57 UTC
[Pkg-xen-devel] Bug#1036298: marked as done (xen: CVE-2022-42336: XSA-431: Mishandling of guest SSBD selection on AMD hardware)
Your message dated Thu, 18 May 2023 22:55:48 +0200
with message-id <12210868.O9o76ZdvQC at eisbaer>
and subject line Bug#1036298: fixed in xen 4.17.1+2-gb773c48e36-1
has caused the Debian Bug report #1036298,
regarding xen: CVE-2022-42336: XSA-431: Mishandling of guest SSBD selection on AMD hardware
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner at bugs.debian.org
immediately.)

--
1036298: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036298
Debian Bug Tracking System
Contact owner at bugs.debian.org with problems

-------------- next part --------------
An embedded message was scrubbed...
From: Salvatore Bonaccorso <carnil at debian.org>
Subject: xen: CVE-2022-42336: XSA-431: Mishandling of guest SSBD selection on AMD hardware
Date: Thu, 18 May 2023 22:08:49 +0200
Size: 3063
URL: <http://alioth-lists.debian.net/pipermail/pkg-xen-devel/attachments/20230518/8d47c574/attachment-0002.eml>

-------------- next part --------------
An embedded message was scrubbed...
From: Maximilian Engelhardt <maxi at daemonizer.de>
Subject: Bug#1036298: fixed in xen 4.17.1+2-gb773c48e36-1
Date: Thu, 18 May 2023 22:55:48 +0200
Size: 5387
URL: <http://alioth-lists.debian.net/pipermail/pkg-xen-devel/attachments/20230518/8d47c574/attachment-0003.eml>