Information

AdvisoryXSA-267
Public release 2018-06-13 20:23
Updated 2023-12-15 15:35
Version 4
CVE(s) CVE-2018-3665
Title Speculative register leakage from lazy FPU context switching

Files

advisory-267.txt (signed advisory file)
xsa267-1.patch
xsa267-2.patch
xsa267-4.6-1.patch
xsa267-4.6-2.patch
xsa267-4.7-1.patch
xsa267-4.7-2.patch
xsa267-4.8-livepatch.patch
xsa267-4.9-1.patch
xsa267-4.9-2.patch
xsa267-4.10-1.patch
xsa267-4.10-2.patch
xsa267-livepatch.patch

Advisory


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

            Xen Security Advisory CVE-2018-3665 / XSA-267
                              version 4

     Speculative register leakage from lazy FPU context switching

UPDATES IN VERSION 4
====================

Normalize version tags by ensuring at least two spaces between glob
and tag.

ISSUE DESCRIPTION
=================

x86 has a hardware mechanism for lazy FPU context switching.  On a task
switch, %cr0.ts (Task Switched) gets set, and the next instruction to
touch floating point state raises an #NM (No Math, later known as Device
Not Available) exception.

Traditionally, FPU state has been large in comparison to available
bandwidth (and therefore slow to switch) and not used as frequently as
cpu tasks tend to switch.  This mechanism allows the OS to only switch
FPU when necessary, which in turn increases performance.

Some CPUs however speculate past an #NM exception, allowing register
content to be leaked by a side-channel.

For more details, see:
  https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00145.html

IMPACT
======

An attacker can read x87/MMX/SSE/AVX/AVX-512 register state belonging to
another vCPU previously scheduled on the same processor.  This can be
state belonging a different guest, or state belonging to a different
thread inside the same guest.

Furthermore, similar changes are expected for OS kernels.  Consult your
operating system provider for more information.


VULNERABLE SYSTEMS
==================

Systems running all versions of Xen are affected.

Only x86 processors are vulnerable.  ARM processors are not known to be
affected.

Only Intel Core based processors (from at least Nehalem onwards) are
potentially affected.  Other processor designs (Intel Atom/Knights
range), and other manufacturers (AMD) are not known to be affected.

MITIGATION
==========

Depending on the availability of host resources, leakage can be
prevented between VMs by using cpupools or cpu pinning to isolate the
vCPUs from different VMs to separate pCPUs.

CREDITS
=======

This issue was discovered by Julian Stecklina (jsteckli@amazon.de) from
Amazon and Thomas Prescher (thomas.prescher@cyberus-technology.de) from
Cyberus Technology.

It was also independenty discovered by Zdenek Sojka from SYSGO
(http://sysgo.com) and by Colin Percival.

RESOLUTION
==========

Applying the appropriate attached patch resolves this issue.

xsa267-[12].patch       xen-unstable
xsa267-4.10-[12].patch  Xen 4.10.x
xsa267-4.9-[12].patch   Xen 4.9.x, 4.8.x
xsa267-4.7-[12].patch   Xen 4.7.x
xsa267-4.6-[12].patch   Xen 4.6.x

Alternatively, the following patches can be used to create livepatches for
running hypervisors.

xsa267-livepatch.patch      xen-unstable, Xen 4.10.x, 4.9.x
xsa267-4.8-livepatch.patch  Xen 4.8.x

$ sha256sum xsa267*
d126e57ac6151e661294da9211a9d556845255a9d1909d73ec58a28c81b4a79d  xsa267-1.patch
00ec30c3738c3fcac8ca24a03308fc2d2dacab78640c17e5bb078e474b263719  xsa267-2.patch
9172c51e3652498740aa54c7953fb70c6df3902b382a9e9fa25a82943f70849d  xsa267-4.6-1.patch
8579fa847aea19b3666db39c9c844c32b543e5504f49074e48600c4958fa9eba  xsa267-4.6-2.patch
0fb7c123947a95963537ddeb156718d93a3d04b42486009fc520eaaeeba8aad6  xsa267-4.7-1.patch
418a71f8fc5b3ff1a5eb5cf4d161dea9c88697b50d84d8b8eec1ecf594f798f1  xsa267-4.7-2.patch
488f769e19acfe4ca59c731f58c5d464ec694e3c1923fbb3a26e6ed85afa68f8  xsa267-4.8-livepatch.patch
b4d1712b48c71ca541b6a39c182c3a134ff4d36cbf52ef6d65444ce84729c4b3  xsa267-4.9-1.patch
5ab13ae9ea070b2eee6ecf31324518f8315b7c0e523295d7892e5263fccb9d1f  xsa267-4.9-2.patch
9703a2e661f67408a108b540d296439cd349027a322b2e360780319897386753  xsa267-4.10-1.patch
d30dcb4887cb1963b460f850f34f0cd179704a2cdc8cdaf72bd16e495a0d63f1  xsa267-4.10-2.patch
7832229d987ac9b7292eb815d54b78e9884b892795d9ac3f11f0752f6c59d312  xsa267-livepatch.patch
$

DEPLOYMENT DURING EMBARGO
=========================

Deployment of the patches and/or mitigations described above (or
others which are substantially similar) is permitted during the
embargo, even on public-facing systems with untrusted guest users and
administrators.

But: Distribution of updated software is prohibited (except to other
members of the predisclosure list).

Predisclosure list members who wish to deploy significantly different
patches and/or mitigations, please contact the Xen Project Security
Team.


(Note: this during-embargo deployment notice is retained in
post-embargo publicly released Xen Project advisories, even though it
is then no longer applicable.  This is to enable the community to have
oversight of the Xen Project Security Team's decisionmaking.)

For more information about permissible uses of embargoed information,
consult the Xen Project community's agreed Security Policy:
  http://www.xenproject.org/security-policy.html
-----BEGIN PGP SIGNATURE-----

iQFABAEBCAAqFiEEI+MiLBRfRHX6gGCng/4UyVfoK9kFAmV8b/gMHHBncEB4ZW4u
b3JnAAoJEIP+FMlX6CvZI2YIAK70qlPXodYYHKal4j8IjsD4wR09ONdMAXAc5ocs
FHNGeIY3BdodBRB59Xj7ee61NhTraFUmvWdb8VJuuEfla7l6K4ZTG1ZCNDGoWHJl
qCvD43Hti7R0iY5MJ4qyaKz0Ky7C5MC+CDwVQfyHew+c3B53CndQxL8O+zTskwE9
swz84j8NdNnUvG3RfWx/Xspqt6vktKUYg4tEVKm68qzy1F6RElfdZ2ccyqpv7kiY
ffMhOihqsfBMdzXNJGHq48wwrp8VMdw7waW4s4JZEfDt6ES7R5OubqrkXLnUwLr+
vSvyPlpV1YNPhq4xCX01N3yIQv3h+RTPPPuLDP/acm3HF40=
=7hc6
-----END PGP SIGNATURE-----


Xenproject.org Security Team