| Summary: | Update request: kernel-5.15.122-1.mga8 | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | Thomas Backlund <tmb> |
| Component: | Security | Assignee: | QA Team <qa-bugs> |
| Status: | RESOLVED FIXED | QA Contact: | Sec team <security> |
| Severity: | major | ||
| Priority: | Normal | CC: | andrewsfarm, davidwhodgins, mageia, sysadmin-bugs, tarazed25 |
| Version: | 8 | Keywords: | advisory, validated_update |
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | MGA8-64-OK, MGA8-32-OK | ||
| Source RPM: | kernel | CVE: | |
| Status comment: | |||
|
Description
Thomas Backlund
2023-07-25 20:53:08 CEST
No regressions noticed in either of my x8t_64 systms, aarch64 rpi 4b, i586 and vb guests. In the x86_64 laptop cpuinfo has ... cpu family : 23 model : 96 model name : AMD Ryzen 7 4800H with Radeon Graphics Running the zenbleed poc shows Spawning 8 Threads... zenbleed: failed to start thread on specifed code 1: Success before and after the kernel or prior microcode update. CC:
(none) =>
davidwhodgins cpu family : 23 model : 104 model name : AMD Ryzen 5 5500U with Radeon Graphics Before installing these updates the zenbleed PoC generated reams of output. After installing these updates it outputs % ./zenbleed *** EMBARGOED SECURITY ISSUE -- DO NOT DISTRIBUTE! *** ZenBleed Testcase -- taviso@google.com NOTE: Try -h to see configuration options Spawning 12 Threads... Thread 0x7f4efd6ce640 running on CPU 0 Thread 0x7f4efcecd640 running on CPU 1 Thread 0x7f4efc6cc640 running on CPU 2 Thread 0x7f4efaec9640 running on CPU 5 Thread 0x7f4efb6ca640 running on CPU 4 Thread 0x7f4ef9ec7640 running on CPU 7 Thread 0x7f4efa6c8640 running on CPU 6 Thread 0x7f4ef8ec5640 running on CPU 9 Thread 0x7f4ef96c6640 running on CPU 8 Thread 0x7f4ee3fff640 running on CPU 10 Thread 0x7f4efbecb640 running on CPU 3 Thread 0x7f4ee37fe640 running on CPU 11 and the journal contains kernel: Zenbleed: please update your microcode for the most optimal fix No regressions noted so far. CC:
(none) =>
mageia Mageia8, x86_64 AMD Ryzen 7 5700U Installed all the files and rebooted. Searched for the PoC https://github.com/google/security-research/blob/master/pocs/cpus/zenbleed/README.md Don't know how to use git so downloaded all the files individually and ran make. $ make Makefile:1: *** target pattern contains no '%'. Stop. What now? CC:
(none) =>
tarazed25 I downloaded the PoC from here: https://web.archive.org/web/20230724160509/https://lock.cmpxchg8b.com/files/zenbleed-v5.tar.gz then tar xf zenbleed-v5.tar.gz cd zenbleed make ./zenbleed You will need gcc and nasm installed. I used "wget https://seclists.org/oss-sec/2023/q3/att-59/zenbleed-v5_tar.gz" to get it, then tar -xf zenbleed..., cd zenbleed, make, ./zenbleed to run it. After removing nosmt=force from the kernel options on my laptop from comment 1, zenbleed is using 100% (or slightly less for short periods) cpu on all 16 cores. $ ./zenbleed *** EMBARGOED SECURITY ISSUE -- DO NOT DISTRIBUTE! *** ZenBleed Testcase -- taviso@google.com NOTE: Try -h to see configuration options Spawning 16 Threads... Thread 0x7fc62cbf5640 running on CPU 8 <snip> Thread 0x7fc6293ee640 running on CPU 15 I killed it after 10 minutes with no further output. That's with kernel and microcode updates. Thanks for the pointers. Note: No microcode update. Using server kernel - linus later. $ ./zenbleed *** EMBARGOED SECURITY ISSUE -- DO NOT DISTRIBUTE! *** [...] Spawning 16 Threads... Thread 0x7f5434f2e640 running on CPU 0 ... Thread 0x7f5410ff9640 running on CPU 15 Thread 0x7f54117fa640 running on CPU 14 # journalctl | grep Zenbleed Jul 25 20:59:42 rutilicus kernel: Zenbleed: please update your microcode for the most optimal fix gkrellm shows solid 99-100% CPU usage on all cores. Killed it after a while. Installed microcode and repeated test. Same output as before and advice in the journal to update microcode. My newest AMD processor is an A8-4555M, which as I misunderstand it is unenlightened where any kind of Zen is concerned, so should be unaffected by this issue. Testing the kernel anyway... HP Pavilion 15, AMD A8-4555M APU, AMD HD 7600G graphics, MGA8-64 Plasma system. Updated desktop kernel and microcode in one operation. Did my usual kernel testing, no issues noted. CC:
(none) =>
andrewsfarm
Thomas Backlund
2023-07-26 22:24:54 CEST
Keywords:
(none) =>
advisory
Thomas Backlund
2023-07-26 22:55:06 CEST
Keywords:
(none) =>
validated_update 5.15.122-desktop-1.mga8 x86_64 10-Core Intel Core i9-7900X NVIDIA GP102 [GeForce GTX 1080 Ti] Intel Ethernet I219-V driver: e1000e Running Mate for several hours. No issues. An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2023-0242.html Status:
NEW =>
RESOLVED |