Processor MMIO stale-data vulnerabilities

The mainline kernel has just received a set of patches addressing a new setof (seemingly) Intel-specific hardware vulnerabilities.

Processor MMIO Stale Data Vulnerabilities are a class ofmemory-mapped I/O (MMIO) vulnerabilities that can expose data. Thesequences of operations for exposing data range from simple to verycomplex. Because most of the vulnerabilities require the attackerto have access to MMIO, many environments are not affected. Systemenvironments using virtualization where MMIO access is provided tountrusted guests may need mitigation. These vulnerabilities are nottransient execution attacks. However, these vulnerabilities maypropagate stale data into core fill buffers where the data cansubsequently be inferred by an unmitigated transient executionattack. Mitigation for these vulnerabilities includes a combinationof microcode update and software changes, depending on the platformand usage model.

Three separate CVE numbers have been issued for variants of thisvulnerability; more information can be found in this documentationpatch. Stable updates containing these fixes are in the review processand should be released shortly.