Linux 6.5 Patches Merged For Intel GDS/DOWNFALL, AMD INCEPTION

Written by Michael Larabel in Linux Security on 8 August 2023 at 01:00 PM EDT. 2 Comments
LINUX SECURITY
There used to be a time when Patch Tuesday wasn't so busy in the Linux space, but certainly not this month... Linus Torvalds just pushed the kernel code changes around AMD INCEPTION and Intel DOWNFALL as well as other security patches.

This merge adds the kernel-side bits around mitigating AMD's Speculative Return Address Stack (RAS) overflow vulnerability for Zen 3 and Zen 4. See this earlier article for details on this AMD INCEPTION disclosure.
"Add a mitigation for the speculative RAS (Return Address Stack) overflow vulnerability on AMD processors.

In short, this is yet another issue where userspace poisons a microarchitectural structure which can then be used to leak privileged information through a side channel"

Linus also merged the kernel changes around Intel Gather Data Sampling (GDS) / DOWNFALL. See the Intel DOWNFALL vulnerability overview for details on that issue affecting Skylake through Ice Lake / Tigerlake processors.

Both the separate AMD and Intel processors need microcode updates that should be pushed out any minute.

Benchmarks happening.

As part of Patch Tuesday was also a Xen security fix for the kernel.

These security patches are now in Linux Git for the Linux 6.5 kernel while they should also be back-ported to the Linux stable series over the next few days.
Related News
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week