Speculative execution, variant 4 : speculative store bypass - CVE-2018-3639

Support for security such as Firewalls and securing linux
somaraz
Posts: 1
Joined: 2018/01/04 02:23:41

Post by somaraz » 2018/05/22 03:28:24

Hi All,

Another vulnerability has been found, related to the Meltdown/Spectre style, which will require a kernel upgrade.
Currently Red Hat has released a bug fix at: https://access.redhat.com/security/vuln ... 000RUZoAAO&

The latest kernel for CentOS 7 was 3.10.0-862.2.3.el7.x86_64, which is not fixed for variant 4.
May I know when this variant can be fixed?
Reference: https://bugs.chromium.org/p/project-zer ... il?id=1528

Thanks :)

avij
Forum Moderator
Posts: 2512
Joined: 2010/12/01 19:25:52
Location: Helsinki, Finland

Re: Speculative execution, variant 4 : speculative store bypass - CVE-2018-3639

Post by avij » 2018/05/22 05:58:07

Yes, the new kernel is being built. Kernel rpms take a bit longer to build than the other packages, but the updated kernel will be released in due course. We can't start building the new kernel (or any other package for that matter) until Red Hat has released theirs.

cmay11
Posts: 1
Joined: 2018/06/20 14:26:45

Re: Speculative execution, variant 4 : speculative store bypass - CVE-2018-3639

Post by cmay11 » 2018/06/20 14:28:21

Any update as to when a new kernel with this fix will be available?

TrevorH
Forum Moderator
Posts: 22799
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: Speculative execution, variant 4 : speculative store bypass - CVE-2018-3639

Post by TrevorH » 2018/06/20 15:12:30

About a month ago...

Build Date : Tue 22 May 2018 01:39:11 BST
CentOS 5 died in March 2017 - migrate NOW!
Full time Geek, part time moderator. Use the FAQ Luke

kevins7189
Posts: 5
Joined: 2016/09/13 21:52:40

Re: Speculative execution, variant 4 : speculative store bypass - CVE-2018-3639

Post by kevins7189 » 2018/06/20 16:36:29

But it doesn't solve the issue because the microcode is not in the repo, I think.

CVE-2018-3640 [rogue system register read] aka 'Variant 3a'
* CPU microcode mitigates the vulnerability: NO
> STATUS: VULNERABLE (an up-to-date CPU microcode is needed to mitigate this vulnerability)

CVE-2018-3639 [speculative store bypass] aka 'Variant 4'
* Mitigated according to the /sys interface: NO (Vulnerable)
* Kernel supports speculation store bypass: YES (found in /proc/self/status)
> STATUS: VULNERABLE (Your CPU doesn't support SSBD)
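The three checks in the output above (the /sys interface, /proc/self/status, and CPU support for SSBD) can be read straight from the kernel. The shell functions below are an added example, not part of the original posts or of the checker script quoted there; the function names, verdict strings and sample files are constructed, and it assumes the CPU capability shows up as the `ssbd` flag in /proc/cpuinfo.

```shell
#!/bin/sh
# ssb_status [SYSFS_FILE] [STATUS_FILE] [CPUINFO_FILE]
# Prints one verdict word for Speculative Store Bypass (CVE-2018-3639).
# Paths are parameters so the logic can run on saved copies from another
# host; with no arguments it reads the live kernel files.
ssb_status() {
    sysfs=${1:-/sys/devices/system/cpu/vulnerabilities/spec_store_bypass}
    status=${2:-/proc/self/status}
    cpuinfo=${3:-/proc/cpuinfo}

    # 1. Kernel support: a patched kernel adds a per-task
    #    "Speculation_Store_Bypass:" line to /proc/<pid>/status.
    if ! grep -q '^Speculation_Store_Bypass:' "$status" 2>/dev/null; then
        echo "KERNEL_TOO_OLD"; return 0
    fi

    # 2. The kernel's own verdict from the /sys interface.
    verdict=$(cat "$sysfs" 2>/dev/null || true)
    case $verdict in
        "Not affected"*) echo "NOT_AFFECTED"; return 0 ;;
        Mitigation:*)    echo "MITIGATED";    return 0 ;;
    esac

    # 3. Still vulnerable: is the CPU capability missing (microcode or
    #    BIOS update needed) or present but not switched on?
    #    Assumption: the capability is listed as the "ssbd" cpuinfo flag.
    if grep '^flags' "$cpuinfo" 2>/dev/null | grep -qw ssbd; then
        echo "SSBD_AVAILABLE_BUT_OFF"
    else
        echo "MICROCODE_NEEDED"
    fi
}

# Constructed sample files mirroring the situation in the post above:
# patched kernel, /sys reports Vulnerable, no ssbd flag on the CPU.
ssb_demo() {
    d=$(mktemp -d)
    echo "Vulnerable" > "$d/sysfs"
    printf 'Name:\tsh\nSpeculation_Store_Bypass:\tvulnerable\n' > "$d/status"
    echo "flags : fpu vme pti ibrs ibpb stibp" > "$d/cpuinfo"
    ssb_status "$d/sysfs" "$d/status" "$d/cpuinfo"
    rm -rf "$d"
}
```

Calling `ssb_status` with no arguments checks the running system; `ssb_demo` prints MICROCODE_NEEDED for the constructed files.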

avij
Forum Moderator
Posts: 2512
Joined: 2010/12/01 19:25:52
Location: Helsinki, Finland

Re: Speculative execution, variant 4 : speculative store bypass - CVE-2018-3639

Post by avij » 2018/06/20 17:56:09

Kernel packages don't carry any microcode. Perhaps you should install the latest BIOS from your hardware vendor? The BIOS updates typically contain microcode updates as well.

TrevorH
Forum Moderator
Posts: 22799
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: Speculative execution, variant 4 : speculative store bypass - CVE-2018-3639

Post by TrevorH » 2018/06/20 19:24:21

Or just update the microcode_ctl package to the latest which now has the latest from Intel (well, 201804xx anyway).

kevins7189
Posts: 5
Joined: 2016/09/13 21:52:40

Re: Speculative execution, variant 4 : speculative store bypass - CVE-2018-3639

Post by kevins7189 » 2018/06/20 19:38:30

I'm using microcode_ctl-2.1-29.2.el7_5.x86_64, is there a newer one?
I'm using BIOS 2.6.1 (latest) for Dell R620.

TrevorH
Forum Moderator
Posts: 22799
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: Speculative execution, variant 4 : speculative store bypass - CVE-2018-3639

Post by TrevorH » 2018/06/20 20:01:03

That is the latest microcode_ctl for el7 and it appears to be the latest BIOS for an R620. No idea if Intel have newer microcode than the RH package, perhaps worth a look. Everything I see at the moment still says that Intel have released "beta" microcode packages to their hardware partners and you can expect those to show up in production BIOSes sometime, maybe soon.
