Bug 727904 (CVE-2020-0543, XSA-320) - <app-emulation/xen-{4.12.3-r1,4.13.1-r1}: Special Register Buffer speculative side channel (CVE-2020-0543 / XSA-320)
Summary: <app-emulation/xen-{4.12.3-r1,4.13.1-r1}: Special Register Buffer speculative...
Status: RESOLVED FIXED
Alias: CVE-2020-0543, XSA-320
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal minor
Assignee: Gentoo Security
URL: https://xenbits.xen.org/xsa/advisory-...
Whiteboard: B4 [noglsa cve]
Keywords:
Depends on:
Blocks:
 
Reported: 2020-06-11 02:38 UTC by Sam James
Modified: 2020-06-18 03:23 UTC

See Also:
Package list:
app-emulation/xen-4.12.3-r1 amd64
app-emulation/xen-tools-4.12.3-r1
app-emulation/xen-pvgrub-4.12.3
Runtime testing required: ---
nattka: sanity-check+


Description Sam James archtester Gentoo Infrastructure gentoo-dev Security 2020-06-11 02:38:49 UTC
Description:
"This issue is related to the MDS and TAA vulnerabilities.  Please see
https://xenbits.xen.org/xsa/advisory-297.html (MDS) and
https://xenbits.xen.org/xsa/advisory-305.html (TAA) for details.

Certain processor operations microarchitecturally need to read data from
outside the physical core (e.g. to communicate with the random number
generator).  In some implementations, this operation is called a Special
Register Read.

In some implementations, data are staged in a single shared buffer, and
a full cache line at a time is returned to the core which made the
Special Register Read.  On parts vulnerable to MFBDS or TAA, an attacker
may be able to access stale data requested by other cores in the system.

For more details, see:
  https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00320.html"

I would recommend anybody who is interested read the full advisory linked in the bug URL.
Comment 1 Yixun Lan archtester gentoo-dev 2020-06-11 09:56:17 UTC
commit e766d97463f2a62dedcd938ac9aabe6eef97c902 (HEAD -> master, origin/master, origin/HEAD)
Author: Tomáš Mózes <hydrapolic@gmail.com>
Date:   Wed Jun 10 11:54:43 2020 +0000

    app-emulation/xen: add security patches XSA-320 / CVE-2020-0543
    
    Closes: https://github.com/gentoo/gentoo/pull/16163
    Signed-off-by: Tomáš Mózes <hydrapolic@gmail.com>
    Signed-off-by: Yixun Lan <dlan@gentoo.org>

:100644 100644 225574e904c1 36e807fb27b0 M      app-emulation/xen/Manifest
:100644 100644 8e4d8471cd47 078c4ede6785 R099   app-emulation/xen/xen-4.12.3.ebuild     app-emulation/xen/xen-4.12.3-r1.ebuild
:100644 100644 d6b6b7ddd30b 6b80dc379297 R099   app-emulation/xen/xen-4.13.1.ebuild     app-emulation/xen/xen-4.13.1-r1.ebuild

commit 5586ee32df49fe1150b7c73b0bb79ec5e162f8df
Author: Tomáš Mózes <hydrapolic@gmail.com>
Date:   Wed Jun 10 11:53:44 2020 +0000

    app-emulation/xen-tools: add security patches XSA-320 / CVE-2020-0543
    
    Closes: https://github.com/gentoo/gentoo/pull/16163
    Signed-off-by: Tomáš Mózes <hydrapolic@gmail.com>
    Signed-off-by: Yixun Lan <dlan@gentoo.org>

:100644 100644 c5b611426ca0 6bbfb5aca011 M      app-emulation/xen-tools/Manifest
:100644 100644 0ce6e2b9c135 b84dec279cee R099   app-emulation/xen-tools/xen-tools-4.12.3.ebuild app-emulation/xen-tools/xen-tools-4.12.3-r1.ebuild
:100644 100644 74f229da76fb 0d79a70f5295 R099   app-emulation/xen-tools/xen-tools-4.13.1.ebuild app-emulation/xen-tools/xen-tools-4.13.1-r1.ebuild
Comment 2 Agostino Sarubbo gentoo-dev 2020-06-12 07:52:06 UTC
amd64 stable
Comment 3 Agostino Sarubbo gentoo-dev 2020-06-12 07:56:33 UTC
x86 stable.

Maintainer(s), please clean up.
Security, please vote.
Comment 4 Larry the Git Cow gentoo-dev 2020-06-18 03:22:56 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d60cde6da5910d3e4c83ae2533c7b23017577ef5

commit d60cde6da5910d3e4c83ae2533c7b23017577ef5
Author:     Aaron Bauman <bman@gentoo.org>
AuthorDate: 2020-06-18 03:22:28 +0000
Commit:     Aaron Bauman <bman@gentoo.org>
CommitDate: 2020-06-18 03:22:28 +0000

    app-emulation/xen: drop vulnerable
    
    Bug: https://bugs.gentoo.org/727904
    Signed-off-by: Aaron Bauman <bman@gentoo.org>

 app-emulation/xen/Manifest             |   2 -
 app-emulation/xen/xen-4.12.2-r2.ebuild | 165 ---------------------------------
 2 files changed, 167 deletions(-)
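
An added example, not part of the bug report or the Gentoo tree: a version check against the fixed revisions named in the bug title (4.12.3-r1 and 4.13.1-r1) for app-emulation/xen and app-emulation/xen-tools. The version parser is a simplified stand-in for Portage's own comparison, the handling of branches other than 4.12 and 4.13 is an assumption, and the sample atoms are constructed.

```python
import re

# Fixed revisions per release branch, taken from the bug title and Comment 1.
FIXED = {(4, 12): "4.12.3-r1", (4, 13): "4.13.1-r1"}
# Packages that received those revisions in the commits quoted in Comment 1.
CHECKED = {"app-emulation/xen", "app-emulation/xen-tools"}

_NUM = r"(?:0|[1-9]\d*)"
_VER = re.compile(rf"^({_NUM}(?:\.{_NUM})*)(?:-r(\d+))?$")
_ATOM = re.compile(r"^(?P<cp>[\w+./-]+?)-(?P<ver>\d[\d.]*(?:-r\d+)?)$")

def parse(version):
    """Split 'X.Y.Z-rN' into ((X, Y, Z), N)."""
    # Simplified: suffixes such as _rc1 or _p2 and components with leading
    # zeros are rejected rather than ordered the way Portage orders them.
    m = _VER.match(version)
    if m is None:
        raise ValueError(f"unsupported version string: {version!r}")
    return tuple(int(p) for p in m.group(1).split(".")), int(m.group(2) or 0)

def is_vulnerable(version):
    """True if the version predates the XSA-320 revision for its branch."""
    v = parse(version)
    # Assumption: branches other than 4.12/4.13 are compared against the
    # 4.12 bound, so anything older is flagged and anything newer is not.
    bound = FIXED.get(v[0][:2], FIXED[(4, 12)])
    return v < parse(bound)

def audit(lines):
    """Return (atom, vulnerable) for each checked package in the input lines."""
    results = []
    for line in lines:
        m = _ATOM.match(line.strip())
        if m and m.group("cp") in CHECKED:
            results.append((line.strip(), is_vulnerable(m.group("ver"))))
    return results

# Constructed sample input, one category/package-version atom per line.
SAMPLE = ["app-emulation/xen-4.12.2-r2", "app-emulation/xen-tools-4.13.1",
          "app-emulation/xen-4.13.1-r1", "app-emulation/xen-pvgrub-4.12.3"]

if __name__ == "__main__":
    for atom, vulnerable in audit(SAMPLE):
        print(f"{atom}: {'needs update' if vulnerable else 'fixed revision or later'}")
```
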