group.of.nepali.translators team mailing list archive
-
group.of.nepali.translators team
-
Mailing list archive
-
Message #49926
[Bug 2124105] [NEW] VMSCAPE CVE-2025-40300
Public bug reported:
[ Impact ]
VMSCAPE is a vulnerability, affecting a broad range of amd64 CPUs,
that may allow a guest to influence the branch prediction in host userspace.
It particularly affects hypervisors like QEMU.
Even if a hypervisor may not have any sensitive data like disk encryption keys,
guest-userspace may be able to attack the guest-kernel using the hypervisor
as a confused deputy.
[ Fix ]
Backport the following patchset to all affected series:
- 9969779d0803 Documentation/hw-vuln: Add VMSCAPE documentation
- a508cec6e521 x86/vmscape: Enumerate VMSCAPE bug
- 2f8f173413f1 x86/vmscape: Add conditional IBPB mitigation
- 556c1ad666ad x86/vmscape: Enable the mitigation
- 6449f5baf9c7 x86/bugs: Move cpu_bugs_smt_update() down
- b7cc98872315 x86/vmscape: Warn when STIBP is disabled with SMT
- 8a68d64bb103 x86/vmscape: Add old Intel CPUs to affected list
[ Test Plan ]
TBD
[ Regression Potential ]
TBD
** Affects: linux (Ubuntu)
Importance: High
Assignee: Massimiliano Pellizzer (mpellizzer)
Status: In Progress
** Affects: linux (Ubuntu Xenial)
Importance: Undecided
Status: New
** Affects: linux (Ubuntu Bionic)
Importance: Undecided
Status: New
** Affects: linux (Ubuntu Focal)
Importance: Undecided
Status: New
** Affects: linux (Ubuntu Jammy)
Importance: High
Assignee: Massimiliano Pellizzer (mpellizzer)
Status: In Progress
** Affects: linux (Ubuntu Noble)
Importance: High
Assignee: Massimiliano Pellizzer (mpellizzer)
Status: In Progress
** Affects: linux (Ubuntu Plucky)
Importance: High
Assignee: Massimiliano Pellizzer (mpellizzer)
Status: In Progress
** Affects: linux (Ubuntu Questing)
Importance: High
Assignee: Massimiliano Pellizzer (mpellizzer)
Status: In Progress
** Also affects: linux (Ubuntu Xenial)
Importance: Undecided
Status: New
** Also affects: linux (Ubuntu Bionic)
Importance: Undecided
Status: New
** Also affects: linux (Ubuntu Noble)
Importance: Undecided
Status: New
** Also affects: linux (Ubuntu Jammy)
Importance: Undecided
Status: New
** Also affects: linux (Ubuntu Plucky)
Importance: Undecided
Status: New
** Also affects: linux (Ubuntu Questing)
Importance: High
Assignee: Massimiliano Pellizzer (mpellizzer)
Status: In Progress
** Also affects: linux (Ubuntu Focal)
Importance: Undecided
Status: New
** Changed in: linux (Ubuntu Plucky)
Status: New => In Progress
** Changed in: linux (Ubuntu Noble)
Status: New => In Progress
** Changed in: linux (Ubuntu Plucky)
Assignee: (unassigned) => Massimiliano Pellizzer (mpellizzer)
** Changed in: linux (Ubuntu Noble)
Assignee: (unassigned) => Massimiliano Pellizzer (mpellizzer)
** Changed in: linux (Ubuntu Jammy)
Status: New => In Progress
** Changed in: linux (Ubuntu Jammy)
Assignee: (unassigned) => Massimiliano Pellizzer (mpellizzer)
** Changed in: linux (Ubuntu Plucky)
Importance: Undecided => High
** Changed in: linux (Ubuntu Noble)
Importance: Undecided => High
** Changed in: linux (Ubuntu Jammy)
Importance: Undecided => High
--
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/2124105
Title:
VMSCAPE CVE-2025-40300
Status in linux package in Ubuntu:
In Progress
Status in linux source package in Xenial:
New
Status in linux source package in Bionic:
New
Status in linux source package in Focal:
New
Status in linux source package in Jammy:
In Progress
Status in linux source package in Noble:
In Progress
Status in linux source package in Plucky:
In Progress
Status in linux source package in Questing:
In Progress
Bug description:
[ Impact ]
VMSCAPE is a vulnerability, affecting a broad range of amd64 CPUs,
that may allow a guest to influence the branch prediction in host userspace.
It particularly affects hypervisors like QEMU.
Even if a hypervisor may not have any sensitive data like disk encryption keys,
guest-userspace may be able to attack the guest-kernel using the hypervisor
as a confused deputy.
[ Fix ]
Backport the following patchset to all affected series:
- 9969779d0803 Documentation/hw-vuln: Add VMSCAPE documentation
- a508cec6e521 x86/vmscape: Enumerate VMSCAPE bug
- 2f8f173413f1 x86/vmscape: Add conditional IBPB mitigation
- 556c1ad666ad x86/vmscape: Enable the mitigation
- 6449f5baf9c7 x86/bugs: Move cpu_bugs_smt_update() down
- b7cc98872315 x86/vmscape: Warn when STIBP is disabled with SMT
- 8a68d64bb103 x86/vmscape: Add old Intel CPUs to affected list
[ Test Plan ]
TBD
[ Regression Potential ]
TBD
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2124105/+subscriptions