Libvirt Security Notice Index > 2018 > LSN-2018-0001 [xml] [text]

Libvirt Security Notice: LSN-2018-0001

Spectre variant 2 branch target injection

Lifecycle

Reported on:	20171212
Published on:	20180105
Fixed on:	20180118

Credits

Reported by:	Paolo Bonzini
Patched by:	Paolo Bonzini
	Jiri Denemark

See also

CVE-2017-5715

Description

This is not a vulnerability in libvirt, rather it is a set of changes in libvirt to enable mitigation of the Spectre hardware flaws by providing extra CPU models with the "spec-ctrl" feature . Refer to https://spectreattack.com/ for further background information.

Affected product: libvirt

Branch: master

Broken in:: v0.2.0
v0.2.1
v0.2.2
v0.2.3
v0.3.0
v0.3.1
v0.3.2
v0.3.3
v0.4.1
v0.4.2
v0.4.4
v0.4.6
v0.5.0
v0.5.1
v0.6.0
v0.6.1
v0.6.2
v0.6.3
v0.6.4
v0.6.5
v0.7.0
v0.7.1
v0.7.2
v0.7.3
v0.7.4
v0.7.5
v0.7.6
v0.7.7
v0.8.0
v0.8.1
v0.8.2
v0.8.3
v0.8.4
v0.8.5
v0.8.6
v0.8.7
v0.8.8
v0.9.0
v0.9.1
v0.9.2
v0.9.3
v0.9.4
v0.9.5
v0.9.6
v0.9.7
v0.9.8
v0.9.9
v0.9.10
v0.9.11
v0.9.12
v0.9.13
v0.10.0
v0.10.1
v0.10.2
v1.0.0
v1.0.1
v1.0.2
v1.0.3
v1.0.4
v1.0.5
v1.0.6
v1.1.0
v1.1.1
v1.1.2
v1.1.3
v1.1.4
v1.2.0
v1.2.1
v1.2.2
v1.2.3
v1.2.4
v1.2.5
v1.2.6
v1.2.7
v1.2.8
v1.2.9
v1.2.10
v1.2.11
v1.2.12
v1.2.13
v1.2.14
v1.2.15
v1.2.16
v1.2.17
v1.2.18
v1.2.19
v1.2.20
v1.2.21
v1.3.0
v1.3.1
v1.3.2
v1.3.3
v1.3.4
v1.3.5
v2.0.0
v2.1.0
v2.2.0
v2.3.0
v2.4.0
v2.5.0
v3.0.0
v3.1.0
v3.2.0
v3.3.0
v3.4.0
v3.5.0
v3.6.0
v3.7.0
v3.8.0
v3.9.0
v3.10.0
Fixed in:: v4.0.0
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:: 24d504396c3c05eff87d29173a224e2faaeb2637
b2042020c32b74069fa5365b5e966537aaba8cf6
7bb4ce9761dfbd1620ddffb26fbd6f0ff1fedf3f
49bffcb3cc1850d332b9648c686a7be18de9e708
7f83eefa9e6940c83579d31941efd07fab1b90c8
7dd85ff62d7080b52d4d175f53ad5eb11cdcfb9c
203c92e9cc2db854199b39ef3ffcc10406d3c59e
30b381cfdd5e92e5afa6de09f0fe533353e71d07
2e3b220a874e558e54678afd7cf49466fe605e09
6b7e7d1cc24a28a9f5ece8626f807189647d14b4
6d4a3cd42781babed7d29b061e220ebff24dd43e

Branch: v0.8.3-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v0.9.6-maint

Broken in:: v0.9.6.1
v0.9.6.2
v0.9.6.3
v0.9.6.4
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v0.9.11-maint

Broken in:: v0.9.11.1
v0.9.11.2
v0.9.11.3
v0.9.11.4
v0.9.11.5
v0.9.11.6
v0.9.11.7
v0.9.11.8
v0.9.11.9
v0.9.11.10
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v0.9.12-maint

Broken in:: v0.9.12.1
v0.9.12.2
v0.9.12.3
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v0.10.2-maint

Broken in:: v0.10.2.1
v0.10.2.2
v0.10.2.3
v0.10.2.4
v0.10.2.5
v0.10.2.6
v0.10.2.7
v0.10.2.8
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.0.0-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.0.1-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.0.2-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.0.3-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.0.4-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.0.5-maint

Broken in:: v1.0.5.1
v1.0.5.2
v1.0.5.3
v1.0.5.4
v1.0.5.5
v1.0.5.6
v1.0.5.7
v1.0.5.8
v1.0.5.9
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.0.6-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.1.0-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.1.1-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.1.2-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.1.3-maint

Broken in:: v1.1.3.1
v1.1.3.2
v1.1.3.3
v1.1.3.4
v1.1.3.5
v1.1.3.6
v1.1.3.7
v1.1.3.8
v1.1.3.9
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.1.4-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.2.0-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.2.1-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.2.2-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.2.3-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.2.4-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.2.5-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.2.6-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.2.7-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.2.8-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.2.9-maint

Broken in:: v1.2.9.1
v1.2.9.2
v1.2.9.3
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.2.10-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.2.11-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.2.12-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.2.13-maint

Broken in:: v1.2.13.1
v1.2.13.2
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.2.14-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.2.15-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.2.16-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.2.17-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.2.18-maint

Broken in:: v1.2.18.1
v1.2.18.2
v1.2.18.3
v1.2.18.4
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.2.19-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.2.20-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.2.21-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.3.0-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.3.1-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.3.2-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.3.3-maint

Broken in:: v1.3.3.1
v1.3.3.2
v1.3.3.3
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.3.4-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.3.5-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v2.0-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v2.1-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v2.2-maint

Broken in:: v2.2.1
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v3.0-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v3.2-maint

Broken in:: v3.2.1
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v3.7-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Alternative formats: [xml] [text]

Home

Website (via DuckDuckGo) Wiki (via DuckDuckGo) Developers list Users list

Contact

email
irc

Community

Contribute

edit this page

Participants in the libvirt project agree to abide by the project code of conduct