CVE-2019-1125 "SWAPGS" Is The Newest Spectre Vulnerability Affecting X86 CPUs

Phoronix: https://www.phoronix.com/scan.php?page=news_item&px=CVE-2019-1125-SWAPGS

CVE-2019-1125, also referred to as the "SWAPGS" vulnerability, was made public today as a new variant of Spectre V1 affecting Windows and Linux with Intel (and according to mixed information, AMD - though the current Linux kernel patches at least seem to only apply to Intel) x86_64 processors.

The SWAPGS vulnerability allows attackers to gain read access to privileged memory and builds off existing Spectre fixes. Red Hat has a great write-up on the technical side of this new vulnerability. There is also the CVE text.

Microsoft has already patched Windows 10 quietly for this vulnerability while Linux kernel patches already landed in Git. Linux distribution vendors are working on relevant kernel updates to push out for existing distribution kernels. No CPU microcode updates are required.

Fortunately it looks quite difficult to be able to exploit the SWAPGS vulnerability in practice but upgrading to a patched kernel is certainly recommended.

And, yes, it does look like it will impact performance... Benchmarks being worked on.

7 Likes

Already patched in unstable branch. Soon to be forwarded to testing.

9 Likes

I wonder how useful this is for people wanting to get access to other people's data... A classical ransomware is far more useful, or am I wrong?

1 Like

Note that based on industry feedback, we are not aware of any known way to exploit this vulnerability on Linux kernel-based systems.
(Red Hat)

Still a good idea to update the kernel :wink:

The SWAPGS website actually has a lot of useful information

I feel like this was a missed opportunity to name it SWAMPGAS

4 Likes

Jeez...

Wonder what's the performance penalty with patch of this brand new :biohazard: crap..

I've not noticed any performance or battery run-time difference with the patched kernels on testing branch. It's a modification to the existing SPECTRE mitigation so shouldn't really change performance that much.

1 Like

It’s between 1% and 5% depending on the task performed. So not that bad on its own but all these mitigations stack.

Adding them all costs around 50% or more
:joy::sweat_smile:

1 Like

The sad fact is, you’re probably not very far off the actual figure :disappointed_relieved:

Performance loss depends on the exact CPU, and the worst performance killers are the Meltdown fixes (i.e. KPTI), especially on CPUs without PCID.
I posted a few benchmark results a while back, not sure how accurate they are today.
You're right though, if we add up all the mitigations the cost is quite high...

3 Likes

Well yeah, it all comes down to how many of those little CPU critters are out there, but in most of my setups I depend on common sense and use mitigations=off anyway...

I'd love to just bash these dreaded hardware backdoors with a hammer, unfortunately it's too small to leave everything else intact :face_with_symbols_over_mouth:

1 Like

Yeah the problem is that older (and thus less performant) CPUs suffer the most, for example Core 2 Duo. I'm going to rerun benchmarks and post them here later.

I haven't seen a big performance dive on my AMD systems.
However, now that I have the "fix" for my Bay Trail on Craptop, I have been a little more observant of issues. I had to turn mitigations off on it or it's a complete dog (it already sucks but it just made it worse).

I know when I do a meltdown/spectre check, a ton of them say my 2700X and FX6300 are not affected.
Still, there's no shortage of vulnerabilities out there. The new one about pretty much every WHQL driver for Windows being the latest and most hilarious.

This is just my simple observations. I haven't done benchmarks or anything. If it runs what I need quickly enough to not piss me off, I'm pretty happy with it. :wink:

Results

With all default mitigations:

Perf sched: 238.187
Calculating a million digits of pi: 157.67
Argon2 hashing: 191.83
Sysbench CPU: 189.36
Sysbench RAM write: 121.98
Sysbench RAM read: 90.63
XZ compression: 343.16
FFmpeg compilation: 794.53
Darktable RAW conversion: 124.680
Blender render: 417.10
Total time (s): 2669.127
Total score: 514.486

With mitigations=off:

Perf sched: 144.275
Calculating a million digits of pi: 151.01
Argon2 hashing: 187.70
Sysbench CPU: 186.75
Sysbench RAM write: 100.37
Sysbench RAM read: 76.73
XZ compression: 337.21
FFmpeg compilation: 780.72
Darktable RAW conversion: 124.249
Blender render: 413.01
Total time (s): 2502.024
Total score: 494.653

Hardware:

CPU: Dual Core Intel Core2 Duo L9400 (-MCP-) speed/min/max: 1596/800/1600 MHz Kernel: 4.19.66-1-vd x86_64 Mem: 125.0/3835.2 MiB (3.3%)

Doesn't look that bad.

1 Like

Well, I've responded to this by adding nospectre_v1 nospectre_v2 nospec_store_bypass_disable to GRUB. Are there any others I can add to purge this crap from my PC?

Also, when will we be seeing an end to all these performance-affecting updates that are only really a threat to businesses, as the current one affects performance, is exploitable locally not remotely (e.g. yourself), and a local user can already get elevated privileges with su or sudo? And have any of these exploits even been used against regular users?

mitigations=off is all you need (*)
Security issues must be fixed even if it costs performance.

(*) according to kernel doc, it implies
nopti nospectre_v1 nospectre_v2 spectre_v2_user=off spec_store_bypass_disable=off l1tf=off mds=off
on x86 systems.

1 Like
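
Added example, not part of any post in this thread: a small audit script that flags the mitigation-disabling boot parameters named above and reads the kernel's own per-issue status from `/sys/devices/system/cpu/vulnerabilities`. The function names are hypothetical; the parameter list is taken from the posts above.

```shell
#!/bin/sh
# Added example: audit a kernel command line and sysfs for disabled mitigations.

# Mitigation-disabling parameters named in this thread.
DISABLING_PARAMS="mitigations=off nopti nospectre_v1 nospectre_v2 \
nospec_store_bypass_disable spectre_v2_user=off \
spec_store_bypass_disable=off l1tf=off mds=off"

# find_disabling_params CMDLINE
# Prints, in command-line order, each token that exactly matches the list.
find_disabling_params() {
    found=""
    set -f                      # no globbing while splitting the string
    for tok in $1; do
        for p in $DISABLING_PARAMS; do
            if [ "$tok" = "$p" ]; then
                found="${found:+$found }$tok"
            fi
        done
    done
    set +f
    printf '%s\n' "$found"
}

# report_sysfs [DIR]
# Prints "issue: status" per file; returns 1 if any status starts "Vulnerable".
report_sysfs() {
    dir=${1:-/sys/devices/system/cpu/vulnerabilities}
    rc=0
    for f in "$dir"/*; do
        [ -r "$f" ] || continue
        status=$(cat "$f")
        printf '%s: %s\n' "${f##*/}" "$status"
        case $status in Vulnerable*) rc=1 ;; esac
    done
    return "$rc"
}

# Live check; does nothing where /proc/cmdline is not readable.
if [ -r /proc/cmdline ]; then
    hits=$(find_disabling_params "$(cat /proc/cmdline)")
    [ -z "$hits" ] || echo "mitigations disabled at boot: $hits"
    report_sysfs || echo "at least one issue is reported as Vulnerable"
fi
```

On a kernel carrying the SWAPGS patches, the `spectre_v1` entry is the one that reports whether the swapgs barriers are active.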
