Article 6KYYZ The "branch history injection" hardware vulnerability

The "branch history injection" hardware vulnerability

by
corbet
from LWN.net on (#6KYYZ)
The mainline kernel has just received a set of commits mitigating thelatest x86 hardware vulnerability, known as "branch history injection".From this commit:

Branch History Injection (BHI) attacks may allow a maliciousapplication to influence indirect branch prediction in kernel bypoisoning the branch history. eIBRS isolates indirect branchtargets in ring0. The BHB can still influence the choice ofindirect branch predictor entry, and although branch predictorentries are isolated between modes when eIBRS is enabled, the BHBitself is not isolated between modes.

See this commit fordocumentation on the command-line parameter that controls this mitigation.There are stable kernel releases (6.8.5,6.6.26,6.1.85,and 5.15.154)in the works that also contain the mitigations.

External Content
Source RSS or Atom Feed
Feed Location http://lwn.net/headlines/rss
Feed Title LWN.net
Feed Link https://lwn.net/
Reply 0 comments