Processor MMIO stale-data vulnerabilities

Post Syndicated from original https://lwn.net/Articles/898011/

The mainline kernel has just received a set of patches addressing a new set
of (seemingly) Intel-specific hardware vulnerabilities.

Processor MMIO Stale Data Vulnerabilities are a class of
memory-mapped I/O (MMIO) vulnerabilities that can expose data. The
sequences of operations for exposing data range from simple to very
complex. Because most of the vulnerabilities require the attacker
to have access to MMIO, many environments are not affected. System
environments using virtualization where MMIO access is provided to
untrusted guests may need mitigation. These vulnerabilities are not
transient execution attacks. However, these vulnerabilities may
propagate stale data into core fill buffers where the data can
subsequently be inferred by an unmitigated transient execution
attack. Mitigation for these vulnerabilities includes a combination
of microcode update and software changes, depending on the platform
and usage model.

Three separate CVE numbers have been issued for variants of this
vulnerability; more information can be found in this documentation
patch. Stable updates containing these fixes are in the review process
and should be released shortly.
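
Since the mitigation is described above as a combination of microcode update and software changes, an administrator will want to know which half, if either, is missing on a given host. The following is an added example, not code from the article or the kernel patches: it classifies the status line that patched kernels report in sysfs. The sysfs path and status strings are taken from the kernel's hw-vuln documentation rather than from this page, and the verdict names are hypothetical labels chosen for the example.

```shell
#!/bin/sh
# Added example: interpret the kernel's MMIO stale-data status report.
# Assumption: the path and status strings follow the kernel's hw-vuln docs.
MMIO_SYSFS=/sys/devices/system/cpu/vulnerabilities/mmio_stale_data

# classify_mmio_status "<status line>" -> prints one verdict word (names are ours)
classify_mmio_status() {
    status=$1
    case $status in
        "Not affected"*) verdict=not-affected ;;
        "Mitigation: "*) verdict=mitigated ;;
        # Software half is active, but the microcode half is missing.
        "Vulnerable: Clear CPU buffers attempted, no microcode"*)
            verdict=needs-microcode ;;
        "Vulnerable"*)   verdict=vulnerable ;;
        "Unknown"*)      verdict=unknown ;;
        *)               verdict=unrecognized ;;
    esac
    # The kernel appends the SMT state; buffer clearing alone does not
    # cover a sibling hyperthread, so flag that case separately.
    if [ "$verdict" = mitigated ]; then
        case $status in
            *"SMT vulnerable"*) verdict=mitigated-smt-exposed ;;
        esac
    fi
    printf '%s\n' "$verdict"
}

# check_mmio_status [file] -> prints verdict; returns 0 when no action is needed,
# 1 when follow-up is needed, 2 when the kernel does not report this class at all.
check_mmio_status() {
    file=${1:-$MMIO_SYSFS}
    if [ ! -r "$file" ]; then
        # A missing file means the kernel predates these patches.
        echo not-reported
        return 2
    fi
    IFS= read -r line < "$file" || [ -n "$line" ]
    verdict=$(classify_mmio_status "$line")
    echo "$verdict"
    case $verdict in
        not-affected|mitigated) return 0 ;;
        *) return 1 ;;
    esac
}
# Run against the live system with: check_mmio_status
```

A `not-reported` result means the running kernel has not picked up the fixes, which is a different situation from `not-affected`.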