Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2019.4289 TSX Asynchronous Abort speculative side channel 14 November 2019 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: microcode Publisher: Xen Operating System: Xen Impact/Access: Access Privileged Data -- Existing Account Resolution: Patch/Upgrade CVE Names: CVE-2019-11135 Reference: ASB-2019.0330 ESB-2019.4274 ESB-2019.4271 ESB-2019.4270 ESB-2019.4269.2 Original Bulletin: http://xenbits.xen.org/xsa/advisory-305.html - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Xen Security Advisory CVE-2019-11135 / XSA-305 TSX Asynchronous Abort speculative side channel ISSUE DESCRIPTION ================= This is very closely related to the Microarchitectural Data Sampling vulnerabilities from May 2019. Please see https://xenbits.xen.org/xsa/advisory-297.html for details about MDS. A new way to sample data from microarchitectural structures has been identified. A TSX Asynchronous Abort is a state which occurs between a transaction definitely aborting (usually for reasons outside of the pipeline's control e.g. receiving an interrupt), and architectural state being rolled back to start of the transaction. During this period, speculative execution may be able to infer the value of data in the microarchitectural structures. For more details, see: https://software.intel.com/security-software-guidance/insights/deep-dive-intel-transactional-synchronization-extensions-intel-tsx-asynchronous-abort IMPACT ====== An attacker, which could include a malicious untrusted user process on a trusted guest, or an untrusted guest, can sample the content of recently-used memory operands and IO Port writes. This can include data from: * A previously executing context (process, or guest, or hypervisor/toolstack) at the same privilege level. * A higher privilege context (kernel, hypervisor, SMM) which interrupted the attacker's execution. Vulnerable data is that on the same physical core as the attacker. This includes, when hyper-threading is enabled, adjacent threads. An attacker cannot use this vulnerability to target specific data. An attack would likely require sampling over a period of time and the application of statistical methods to reconstruct interesting data. VULNERABLE SYSTEMS ================== Systems running all versions of Xen are affected. Only x86 processors are vulnerable. ARM processors are not believed to be vulnerable. Only Intel based processors are affected. Processors from other manufacturers (e.g. AMD) are not believed to be vulnerable. Only Intel processors supporting TSX (Transactional Synchronization eXtensions) are affected. Systems which have the XSA-297 (MDS) fixes, and do not enumerate MDS_NO (Hardware fixes to MDS) are not vulnerable to TAA (XSA-305). (Specifically, the XSA-297 changes of using VERW flushing and disabling HyperThreading will prevent data leakage via both MDS and TAA.) If the XSA-297 Xen patches for MDS have been applied, Xen will identify at boot if the CPU reports MDS_NO. i.e. [root@localhost ~]# xl dmesg | grep MDS_NO (XEN) Hardware features: IBRS/IBPB STIBP L1D_FLUSH SSBD MD_CLEAR IBRS_ALL RDCL_NO SKIP_L1DFL MDS_NO Support for TSX is reported by Linux (>=3.4) as `hle' and `rtm' in the cpu flags (`grep -e hle -e rtm /proc/cpuinfo'). (Note that applying Option A from Resolution, below, will disable TSX so suppressing this report, even if the CPU would be vulnerable with TSX enabled.) In summary: systems which support TSX and enumerate MDS_NO are vulnerable to XSA-305 (TAA). MITIGATION ========== There is no mitigation available. RESOLUTION ========== New microcode is required in all cases. It may be available via a firmware update (consult your hardware vendor), or available for boot-time loading (consult your dom0 OS vendor). There are two approaches: Option A: * Upgrade to the new microcode. * Apply the Xen patches (listed below). This will disable TSX (by default, but reenabling it would reintroduce the vulnerability). This option is the recommended resolution. Option B: * Upgrade to the new microcode. * Boot Xen with `smt=0 spec-ctrl=md-clear'. * (The patches are not strictly required.) This option is recommended only if it is known that the workload is such that it is important to retain the TSX feature. `smt=0' disables hyper-threading, and will have a significant performance impact. See `DISCUSSION CONCERNING SMT/HYPER-THREADING' in XSA-297 for more information about the implications and options. Note that the Xen command line argument `spec-ctrl=md-clear' must be specified to mitigate XSA-305, even though some readings of XSA-297 suggest it might be enabled by default when needed. This is because Option B reuses the same mitigation for a new problem. `spec-ctrl=md-clear' is the default on CPUs vulnerable to XSA-297; however, it is not the default on CPUs vulnerable to XSA-305. In each case with the Xen patches applied, appropriate microcode can be observed by finding TSX_CTRL enumerated: [root@localhost ~]# xl dmesg | grep TSX_CTRL (XEN) Hardware features: IBRS/IBPB STIBP L1D_FLUSH SSBD MD_CLEAR IBRS_ALL RDCL_NO SKIP_L1DFL MDS_NO TSX_CTRL There is no further action (beyond Option A or B above) required for guest kernel/userspace software, and nothing they could do differently to protect themselves in the absence of those changes. xsa305/xsa305-*.patch xen-unstable xsa305/xsa305-4.12-*.patch Xen 4.12.x xsa305/xsa305-4.11-*.patch Xen 4.11.x xsa304/xsa304-4.10-*.patch Xen 4.10.x xsa304/xsa304-4.9-*.patch Xen 4.9.x xsa304/xsa304-4.8-*.patch Xen 4.8.x $ sha256sum xsa305*/* b74bd3954b9c76eee7d9f2c594d5d5c05996f631696b68142f6e5cbe0ceaddf7 xsa305/xsa305-1.patch 67d30c248eefdd8552630c56d55adb9934f575a1fe1f15f7a0fca7d3d099de48 xsa305/xsa305-2.patch b64837e7a75cad86b0bb52379c781b8ea93094569d1a8f9e044c580cc6654869 xsa305/xsa305-4.8-1.patch cbb65761ba8d844d8297e50d3f95cb708b656b5a81a03fa808eb05fb7e58dbcd xsa305/xsa305-4.8-2.patch 607a8fb5006268ca48143729e59d135d6a6d6aac0a77119f44f7ab09a5b600bb xsa305/xsa305-4.9-1.patch f26ee247e0346144ed477c731930ba3ce562f586d6d2fb76f2926a1a32ab2807 xsa305/xsa305-4.9-2.patch 91be2c6b9a81e693c9583c0936c78a7eaaf51815d6ae7e0323be383b334ce73c xsa305/xsa305-4.10-1.patch b15d2feee4a3b9064a2b5387ee0e218f6b05f8b849f80e18f5bbdffcdaf418bc xsa305/xsa305-4.10-2.patch c47fcab07123f551a49c7bf96cad82f7bf9c4bb161b46b84f325e400c6438f3e xsa305/xsa305-4.11-1.patch 2bb81d261c3dc4f3c825ce9795ab4ac9ea08b0d99537ca61d56876be1e6a5d2a xsa305/xsa305-4.11-2.patch c6c7551d1c40340401b3a52a8d4dfa4c24b791764fcc08215d270aabff86474e xsa305/xsa305-4.12-1.patch a528aaaed32b632779a17cf2ed648903d7bc48ba213d6c8f7ce2d78f493e097c xsa305/xsa305-4.12-2.patch $ NOTE REGARDING LACK OF EMBARGO ============================== Despite an attempt to organise predisclosure, the discoverers ultimately did not authorise a predisclosure. - -----BEGIN PGP SIGNATURE----- iQFABAEBCAAqFiEEI+MiLBRfRHX6gGCng/4UyVfoK9kFAl3K8aoMHHBncEB4ZW4u b3JnAAoJEIP+FMlX6CvZt8AH/2MugPfnQiX3JYCYypWN0JRqS9vCTo96pvs1WwBM ohSWjdrgLyb29hKo48QBwV7LzCWAJQmAFKPYVX9CKoRmZOKRJESz9LdQ7zYedeV9 nNDM1HN1PL9dFZ7qyRFh3xuefO9DPQ+oHUdNFRHiJn0ttmu6sv+y8ww0UCBHL6H+ xZl4gCaAM0SNAbaFnJucA7L61NaUSNkcpLmS9r5OmEhAE4wdt+bRaVvqdea4OTc5 y/UvipnaHR2FrDMT6mVhBcnloBCJ99Q1C3uvtErQq6ASKxZ4asNFmpMl9+Vc13bo JVo4GyT6pVQYxJQdB5TtiVUKWklweCR9ioLtDRMHjuy/b1U= =G0Eh - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBXczmKWaOgq3Tt24GAQglphAAzhPD+Fj5y48IH11hzBsExjbzDlgJW+/+ wpt9UdtJIMOCuy1UThlEUbituXOzFnfal3w+lw4QeA8nNcosMGH8dMzZlgiluw2b Si8GLp1cYf4E6o3D87OKtG/41XoD4HVA4x99uITXztPMrHhbV/e/1iGWEwTKO3Nt PCfzH4rfIXB2XQLPdfH5+5vX1qcq0WlVXnzQeUs3WZBFsJA5V7sQdq2rpRoZaX/t aCJHauot4iEElQzsiyY5ZeGLESgC0ih5ZI9fPbh/iDBxLokTV3i3+ah5upOtgB6f 0ROxOnjMXRLcUFUXP5tVucyxVA9/L3nNapnlfwRSkBhIfq22/oXYxm5htoNLdWaR O0h9NV7LCOfCZteRtjy6izm6gXqXHz766CaqdUIDfDoNNOpU/rjxcF5qoRzZZalC MAUeqxscKWROuQphCNEzKICKs5QEisxmO9LsJXrbR9F029hrlMawZMo4DsLo4kzE yF1YQr5e9woCgUgvYCmQZNda4nL0Tn+aLHyzsgXnaE/R5oQi+Ak2mks0v6UMeRIT NlHf0U1WeFr9Hn5av1eSUZQqi6o4t8shDBBFVHJeXEoFJPmA2NlSr0qDyf6sps/U EdZa+yL80gyW1kCDcImSlS0SsEFng26Ux2RivOE3cvOAefdtFvOFa4SOiiVHhPeE 1/GV2ZyraBo= =SrdW -----END PGP SIGNATURE-----