911940 – (CVE-2023-20569) AMD INCEPTION kernel vulnerability

Bug 911940 (CVE-2023-20569) - AMD INCEPTION kernel vulnerability

Summary: AMD INCEPTION kernel vulnerability

Status:	IN_PROGRESS

Alias:	CVE-2023-20569

Product:	Gentoo Security
Classification:	Unclassified
Component:	Kernel (show other bugs)
Hardware:	All Linux

Importance:	Normal normal (vote)
Assignee:	Gentoo Security

URL:	https://www.amd.com/en/resources/prod...
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2023-08-09 03:18 UTC by Sam James
Modified:	2023-08-28 15:25 UTC (History)
CC List:	3 users (show)

See Also:	CVE-2023-20593
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Sam James archtester

2023-08-09 03:18:52 UTC

See https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7005.html.

Comment 1 Sam James archtester

2023-08-09 03:19:50 UTC

This is fixed in:
* linux-4.14.321
* linux-4.19.290
* linux-5.4.252
* linux-5.10.189
* linux-5.15.125
* linux-6.1.44
* linux-6.4.9

There does not appear to be fixed microcode available yet. See also the situation in bug 911160.


Note that each of these linux-* releases has a warning from Greg (https://lwn.net/Articles/940798):
>Note, PLEASE TEST this kernel if you are on the [...] tree before using it in
>a real workload. This was a quick release due to the obvious security fixes in
>it, and as such, it has not had very much testing "in the wild". Please let us
>know of any problems seen. Also note that the user/kernel api for the new
>security mitigations might be changing over time, so do not get used to them
>being fixed in stone just yet.

([...] because it's the same for each respective version, the LWN article just says 6.4.x, don't get the wrong impression).