-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2019.4289
              TSX Asynchronous Abort speculative side channel
                             14 November 2019

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           microcode
Publisher:         Xen
Operating System:  Xen
Impact/Access:     Access Privileged Data -- Existing Account
Resolution:        Patch/Upgrade
CVE Names:         CVE-2019-11135  

Reference:         ASB-2019.0330
                   ESB-2019.4274
                   ESB-2019.4271
                   ESB-2019.4270
                   ESB-2019.4269.2

Original Bulletin: 
   http://xenbits.xen.org/xsa/advisory-305.html

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

            Xen Security Advisory CVE-2019-11135 / XSA-305

            TSX Asynchronous Abort speculative side channel

ISSUE DESCRIPTION
=================

This is very closely related to the Microarchitectural Data Sampling
vulnerabilities from May 2019.

Please see https://xenbits.xen.org/xsa/advisory-297.html for details
about MDS.

A new way to sample data from microarchitectural structures has been
identified.  A TSX Asynchronous Abort is a state which occurs between a
transaction definitely aborting (usually for reasons outside of the
pipeline's control e.g. receiving an interrupt), and architectural state
being rolled back to start of the transaction.

During this period, speculative execution may be able to infer the value
of data in the microarchitectural structures.

For more details, see:
  https://software.intel.com/security-software-guidance/insights/deep-dive-intel-transactional-synchronization-extensions-intel-tsx-asynchronous-abort

IMPACT
======

An attacker, which could include a malicious untrusted user process on a
trusted guest, or an untrusted guest, can sample the content of
recently-used memory operands and IO Port writes.

This can include data from:

 * A previously executing context (process, or guest, or
   hypervisor/toolstack) at the same privilege level.
 * A higher privilege context (kernel, hypervisor, SMM) which
   interrupted the attacker's execution.

Vulnerable data is that on the same physical core as the attacker.  This
includes, when hyper-threading is enabled, adjacent threads.

An attacker cannot use this vulnerability to target specific data.  An
attack would likely require sampling over a period of time and the
application of statistical methods to reconstruct interesting data.

VULNERABLE SYSTEMS
==================

Systems running all versions of Xen are affected.

Only x86 processors are vulnerable.
ARM processors are not believed to be vulnerable.

Only Intel based processors are affected.  Processors from other
manufacturers (e.g. AMD) are not believed to be vulnerable.

Only Intel processors supporting TSX (Transactional Synchronization
eXtensions) are affected.

Systems which have the XSA-297 (MDS) fixes, and do not enumerate
MDS_NO (Hardware fixes to MDS) are not vulnerable to TAA (XSA-305).
(Specifically, the XSA-297 changes of using VERW flushing and disabling
HyperThreading will prevent data leakage via both MDS and TAA.)

If the XSA-297 Xen patches for MDS have been applied, Xen will report
at boot whether the CPU enumerates MDS_NO, e.g.

  [root@localhost ~]# xl dmesg | grep MDS_NO
  (XEN)   Hardware features: IBRS/IBPB STIBP L1D_FLUSH SSBD MD_CLEAR IBRS_ALL RDCL_NO SKIP_L1DFL MDS_NO

Support for TSX is reported by Linux (>=3.4) as `hle' and `rtm' in the
cpu flags (`grep -e hle -e rtm /proc/cpuinfo').  (Note that applying
Option A from Resolution, below, will disable TSX so suppressing this
report, even if the CPU would be vulnerable with TSX enabled.)

In summary: systems which support TSX and enumerate MDS_NO are
vulnerable to XSA-305 (TAA).

MITIGATION
==========

There is no mitigation available.

RESOLUTION
==========

New microcode is required in all cases.  It may be available via a
firmware update (consult your hardware vendor), or available for
boot-time loading (consult your dom0 OS vendor).

There are two approaches:

Option A:

  * Upgrade to the new microcode.
  * Apply the Xen patches (listed below).

  This will disable TSX (by default; re-enabling it would
  reintroduce the vulnerability).  This option is the recommended
  resolution.

Option B:

  * Upgrade to the new microcode.
  * Boot Xen with `smt=0 spec-ctrl=md-clear'.
  * (The patches are not strictly required.)

  This option is recommended only if it is known that the workload is
  such that it is important to retain the TSX feature.

  `smt=0' disables hyper-threading, and will have a significant
  performance impact.  See `DISCUSSION CONCERNING SMT/HYPER-THREADING'
  in XSA-297 for more information about the implications and options.

  Note that the Xen command line argument `spec-ctrl=md-clear' must be
  specified to mitigate XSA-305, even though some readings of XSA-297
  suggest it might be enabled by default when needed.  This is because
  Option B reuses the same mitigation for a new problem.
  `spec-ctrl=md-clear' is the default on CPUs vulnerable to XSA-297;
  however, it is not the default on CPUs vulnerable to XSA-305.

In each case with the Xen patches applied, appropriate microcode can
be observed by finding TSX_CTRL enumerated:

  [root@localhost ~]# xl dmesg | grep TSX_CTRL
  (XEN)   Hardware features: IBRS/IBPB STIBP L1D_FLUSH SSBD MD_CLEAR IBRS_ALL RDCL_NO SKIP_L1DFL MDS_NO TSX_CTRL

There is no further action (beyond Option A or B above) required for
guest kernel/userspace software, and nothing they could do differently
to protect themselves in the absence of those changes.
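The decision procedure the advisory describes (TSX enumerated via `hle'/`rtm', MDS_NO
present, TSX_CTRL present after the microcode update, and the `smt=0 spec-ctrl=md-clear'
settings of Option B) can be scripted for a fleet check.  The following is an added example
written for this bulletin, not code from the Xen project or from XSA-305: the function
names, the status labels and the sample lines are this example's own, and the inputs are
passed as strings so it runs offline; on a real host the two commented lines at the end
show how to feed it `xl dmesg', /proc/cpuinfo and `xl info'.

```shell
#!/bin/sh
# Added example (not part of XSA-305 or the AusCERT bulletin): classify a Xen
# host for TAA using the two observations the advisory relies on:
#   1. the "Hardware features:" line printed by `xl dmesg` (MDS_NO, TSX_CTRL)
#   2. the cpu flags line from /proc/cpuinfo (hle, rtm)
# and check a Xen command line for the Option B settings. Status labels and
# helper names are this example's own choice (assumptions, not Xen output).

# has_token STRING NAME: exit 0 if NAME appears as a whole whitespace-separated word
has_token() {
    printf '%s\n' "$1" | tr ' \t' '\n\n' | grep -qx -- "$2"
}

# taa_status HWFEATURES CPUFLAGS -> prints one status word:
#   not-vulnerable-tsx-absent-or-disabled  no hle/rtm (no TSX, or TSX already
#                                           disabled by Option A)
#   covered-by-xsa297-fixes                 TSX but no MDS_NO: the XSA-297
#                                           VERW/smt=0 mitigations also cover TAA
#   vulnerable-needs-microcode              TSX + MDS_NO, no TSX_CTRL enumerated yet
#   vulnerable-apply-option-a-or-b          TSX + MDS_NO, TSX_CTRL microcode present
taa_status() {
    hw=$1
    flags=$2
    if ! has_token "$flags" hle && ! has_token "$flags" rtm; then
        echo not-vulnerable-tsx-absent-or-disabled
    elif ! has_token "$hw" MDS_NO; then
        echo covered-by-xsa297-fixes
    elif has_token "$hw" TSX_CTRL; then
        echo vulnerable-apply-option-a-or-b
    else
        echo vulnerable-needs-microcode
    fi
}

# option_b_applied XEN_CMDLINE -> "yes" if both `smt=0` and md-clear inside a
# spec-ctrl= option are present. spec-ctrl accepts comma-separated lists, so
# `spec-ctrl=ssbd,md-clear` counts, while `no-md-clear` does not.
option_b_applied() {
    if has_token "$1" smt=0 &&
       printf '%s\n' "$1" | tr ' ' '\n' | grep -Eq '^spec-ctrl=(.*,)?md-clear(,|$)'; then
        echo yes
    else
        echo no
    fi
}

# Constructed samples modelled on the lines quoted in the advisory.
HW_MDS_NO='(XEN)   Hardware features: IBRS/IBPB STIBP L1D_FLUSH SSBD MD_CLEAR IBRS_ALL RDCL_NO SKIP_L1DFL MDS_NO'
HW_TSX_CTRL="$HW_MDS_NO TSX_CTRL"
FLAGS_TSX='flags : fpu vme sse2 hle rtm'
FLAGS_NO_TSX='flags : fpu vme sse2'

echo "MDS_NO, TSX, old microcode : $(taa_status "$HW_MDS_NO" "$FLAGS_TSX")"
echo "MDS_NO, TSX, TSX_CTRL      : $(taa_status "$HW_TSX_CTRL" "$FLAGS_TSX")"
echo "TSX_CTRL, TSX disabled     : $(taa_status "$HW_TSX_CTRL" "$FLAGS_NO_TSX")"
echo "Option B command line      : $(option_b_applied 'dom0_mem=4G smt=0 spec-ctrl=md-clear')"
# On a real host (dom0), replace the samples with:
#   taa_status "$(xl dmesg | grep 'Hardware features:')" "$(grep -m1 '^flags' /proc/cpuinfo)"
#   option_b_applied "$(xl info | sed -n 's/^xen_commandline *: //p')"
```

Note that the absence of `hle'/`rtm' is treated as safe on purpose: the advisory states that Option A disables TSX and thereby suppresses those flags, so a host with TSX_CTRL and no TSX flags is the expected end state of Option A, while a host with no TSX at all was never affected.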

xsa305/xsa305-*.patch           xen-unstable
xsa305/xsa305-4.12-*.patch      Xen 4.12.x
xsa305/xsa305-4.11-*.patch      Xen 4.11.x
xsa305/xsa305-4.10-*.patch      Xen 4.10.x
xsa305/xsa305-4.9-*.patch       Xen 4.9.x
xsa305/xsa305-4.8-*.patch       Xen 4.8.x

$ sha256sum xsa305*/*
b74bd3954b9c76eee7d9f2c594d5d5c05996f631696b68142f6e5cbe0ceaddf7  xsa305/xsa305-1.patch
67d30c248eefdd8552630c56d55adb9934f575a1fe1f15f7a0fca7d3d099de48  xsa305/xsa305-2.patch
b64837e7a75cad86b0bb52379c781b8ea93094569d1a8f9e044c580cc6654869  xsa305/xsa305-4.8-1.patch
cbb65761ba8d844d8297e50d3f95cb708b656b5a81a03fa808eb05fb7e58dbcd  xsa305/xsa305-4.8-2.patch
607a8fb5006268ca48143729e59d135d6a6d6aac0a77119f44f7ab09a5b600bb  xsa305/xsa305-4.9-1.patch
f26ee247e0346144ed477c731930ba3ce562f586d6d2fb76f2926a1a32ab2807  xsa305/xsa305-4.9-2.patch
91be2c6b9a81e693c9583c0936c78a7eaaf51815d6ae7e0323be383b334ce73c  xsa305/xsa305-4.10-1.patch
b15d2feee4a3b9064a2b5387ee0e218f6b05f8b849f80e18f5bbdffcdaf418bc  xsa305/xsa305-4.10-2.patch
c47fcab07123f551a49c7bf96cad82f7bf9c4bb161b46b84f325e400c6438f3e  xsa305/xsa305-4.11-1.patch
2bb81d261c3dc4f3c825ce9795ab4ac9ea08b0d99537ca61d56876be1e6a5d2a  xsa305/xsa305-4.11-2.patch
c6c7551d1c40340401b3a52a8d4dfa4c24b791764fcc08215d270aabff86474e  xsa305/xsa305-4.12-1.patch
a528aaaed32b632779a17cf2ed648903d7bc48ba213d6c8f7ce2d78f493e097c  xsa305/xsa305-4.12-2.patch
$

NOTE REGARDING LACK OF EMBARGO
==============================

Despite an attempt to organise predisclosure, the discoverers ultimately
did not authorise a predisclosure.
- -----BEGIN PGP SIGNATURE-----

iQFABAEBCAAqFiEEI+MiLBRfRHX6gGCng/4UyVfoK9kFAl3K8aoMHHBncEB4ZW4u
b3JnAAoJEIP+FMlX6CvZt8AH/2MugPfnQiX3JYCYypWN0JRqS9vCTo96pvs1WwBM
ohSWjdrgLyb29hKo48QBwV7LzCWAJQmAFKPYVX9CKoRmZOKRJESz9LdQ7zYedeV9
nNDM1HN1PL9dFZ7qyRFh3xuefO9DPQ+oHUdNFRHiJn0ttmu6sv+y8ww0UCBHL6H+
xZl4gCaAM0SNAbaFnJucA7L61NaUSNkcpLmS9r5OmEhAE4wdt+bRaVvqdea4OTc5
y/UvipnaHR2FrDMT6mVhBcnloBCJ99Q1C3uvtErQq6ASKxZ4asNFmpMl9+Vc13bo
JVo4GyT6pVQYxJQdB5TtiVUKWklweCR9ioLtDRMHjuy/b1U=
=G0Eh
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBXczmKWaOgq3Tt24GAQglphAAzhPD+Fj5y48IH11hzBsExjbzDlgJW+/+
wpt9UdtJIMOCuy1UThlEUbituXOzFnfal3w+lw4QeA8nNcosMGH8dMzZlgiluw2b
Si8GLp1cYf4E6o3D87OKtG/41XoD4HVA4x99uITXztPMrHhbV/e/1iGWEwTKO3Nt
PCfzH4rfIXB2XQLPdfH5+5vX1qcq0WlVXnzQeUs3WZBFsJA5V7sQdq2rpRoZaX/t
aCJHauot4iEElQzsiyY5ZeGLESgC0ih5ZI9fPbh/iDBxLokTV3i3+ah5upOtgB6f
0ROxOnjMXRLcUFUXP5tVucyxVA9/L3nNapnlfwRSkBhIfq22/oXYxm5htoNLdWaR
O0h9NV7LCOfCZteRtjy6izm6gXqXHz766CaqdUIDfDoNNOpU/rjxcF5qoRzZZalC
MAUeqxscKWROuQphCNEzKICKs5QEisxmO9LsJXrbR9F029hrlMawZMo4DsLo4kzE
yF1YQr5e9woCgUgvYCmQZNda4nL0Tn+aLHyzsgXnaE/R5oQi+Ak2mks0v6UMeRIT
NlHf0U1WeFr9Hn5av1eSUZQqi6o4t8shDBBFVHJeXEoFJPmA2NlSr0qDyf6sps/U
EdZa+yL80gyW1kCDcImSlS0SsEFng26Ux2RivOE3cvOAefdtFvOFa4SOiiVHhPeE
1/GV2ZyraBo=
=SrdW
-----END PGP SIGNATURE-----