SWAPGS: KernelCare patches on the way

Aug 7, 2019 3:22:40 PM / by KernelCare Team

swapgs

A new month has started—Summer is in full swing—Must be time for another CPU vulnerability. (Let’s hope this one has a catchy name.)

It seems we haven’t seen the last of Spectre and Meltdown. They have risen from the ashes, mutated and turned into ... SWAPGS. (Sorry, no catchy name this time.)

This is another flaw in the architectural design of speculative execution side channels used to accelerate the performance of modern Intel CPUs. SWAPGS is a privileged instruction that can be run speculatively. The flaw can be exploited even with Spectre and Meltdown mitigations in place.

It’s officially numbered as CVE-2019-1125 and as with the previous types, this one affects Intel CPUs made since 2012; there is still controversy as to whether it also affects AMD processors (AMD says it doesn’t).

KernelCare patches will start rolling out on Monday, 12 August.

Patches released to Production:

  • OEL 6
  • RHEL 6
  • RHEL 8
  • Ubuntu Xenial
  • Ubuntu Bionic
  • Debian 9

References

Topics: KernelCare Blog, SWAPGS, Vulnerability fix, CVE

KernelCare Team

Written by KernelCare Team