Dave Hansen

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified) Description: The Linux kernel has a weakness related to transient execution in Linear Address Masking (LAM) as described in the SLAM paper. This weakness may be exploitable unless Linear Address Space Separation (LASS) is enabled. Currently, no processors in the market support LAM, so nobody is affected by this issue. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified) Description: A vulnerability in the Linux kernel has been resolved, related to the x86/entry 32 component. The issue involves the clearing of CPU buffers after register restoration in NMI return. Currently, CPU buffers are cleared after the call to exc nmi but before register state is restored, which may be sufficient for MDS mitigation but not for RDFS. RDFS mitigation requires CPU buffers to be cleared when registers do not contain sensitive data. The fix involves moving the CLEAR CPU BUFFERS operation after the RESTORE ALL NMI operation. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.