Warning s in journalctl kernels 6.6.2-5 / 6.6.2-7 /
archlinux kernel: Speculative Return Stack Overflow: IBPB-extending microcode not applied!
archlinux kernel: Speculative Return Stack Overflow: WARNING: See https://kernel.org/doc/html/latest/admin-guide/hw-vuln/srso.html for mitigation options.
cscs
27 November 2023 10:56
2
Guess I’m waiting on my microcode…
$ cat /sys/devices/system/cpu/vulnerabilities/spec_rstack_overflow
Vulnerable: Safe RET, no microcode
Or who knows maybe I’ll use spec_rstack_overflow=off
to cut the performance hit, as …
In order to exploit vulnerability, an attacker needs to:
gain local access on the machine
break kASLR
find gadgets in the running kernel in order to use them in the exploit
potentially create and pin an additional workload on the sibling thread, depending on the microarchitecture (not necessary on fam 0x19)
run the exploit
1 Like
Old warnings have gone.
New on 4.Dez.2023: archlinux kernel: Zenbleed: please update your microcode for the most optimal fix.
@Yochanan
EDIT: amd-ucode 20231110.74158e7a-1 - of Mi 22 Nov 2023 - does not cover this…
cscs
4 January 2024 03:55
4
I had bookmarked this to remind me again in however long.
Things are pretty much the same.
Except been rocking the option above so now its
$ cat /sys/devices/system/cpu/vulnerabilities/spec_rstack_overflow
Vulnerable: No microcode