oss-sec mailing list archives
Re: CVE-2023-20593: A use-after-free in AMD Zen2 Processors
From: Solar Designer <solar () openwall com>
Date: Tue, 25 Jul 2023 12:01:33 +0200
On Mon, Jul 24, 2023 at 07:28:18AM -0700, Tavis Ormandy wrote:
Hello, this is CVE-2023-20593, a use-after-free in AMD Zen2 processors.
An impressive finding, indeed! On a related note: A few months earlier, Tavis found a _different_ AMD Zen1/Zen2 bug, which turned out to have already been known and patched in AMD microcode updates for many affected parts (but apparently not all). There's also a kernel level workaround, which was included into Linux in response to Tavis' rediscovery of that issue. Here are the links for that other issue/fix, for distros to double-check they're fixing this one as well: x86: AMD Zen2 ymm registers rolling back (Feb 21, 2023) https://lore.kernel.org/lkml/Y%2FW4x7%2FKFqmDmmR7 () thinkstation cmpxchg8b net/ x86/CPU/AMD: Disable XSAVES on AMD family 0x17 (Mar 8, 2023) https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b0563468eeac88ebc70559d52a0b66efc37e4e9d Once again, it's a different bug - not the one that this oss-security thread is mainly about - but both have cross-process security impact, affect similar AMD CPUs, and need to be taken care of by similar means (microcode updates or/and disabling of affected CPU features in the kernel). Alexander
Current thread:
- CVE-2023-20593: A use-after-free in AMD Zen2 Processors Tavis Ormandy (Jul 24)
- Re: CVE-2023-20593: A use-after-free in AMD Zen2 Processors Marc Deslauriers (Jul 24)
- Re: CVE-2023-20593: A use-after-free in AMD Zen2 Processors Jonathan Gray (Jul 25)
- Re: CVE-2023-20593: A use-after-free in AMD Zen2 Processors alice (Jul 25)
- Re: CVE-2023-20593: A use-after-free in AMD Zen2 Processors Eddie Chapman (Jul 25)
- Re: CVE-2023-20593: A use-after-free in AMD Zen2 Processors Matthias Schmidt (Jul 25)
- Re: CVE-2023-20593: A use-after-free in AMD Zen2 Processors Demi Marie Obenour (Jul 25)
- Re: CVE-2023-20593: A use-after-free in AMD Zen2 Processors Lucas Rolff (Jul 25)
- Re: CVE-2023-20593: A use-after-free in AMD Zen2 Processors Jeffrey Walton (Jul 25)
- Re: CVE-2023-20593: A use-after-free in AMD Zen2 Processors alice (Jul 25)
- Re: CVE-2023-20593: A use-after-free in AMD Zen2 Processors Jonathan Gray (Jul 25)
- Re: CVE-2023-20593: A use-after-free in AMD Zen2 Processors Marc Deslauriers (Jul 24)