Libvirt Security Notice: LSN-2018-0005

Speculative Store Bypass

Lifecycle

Reported on: 20180509
Published on: 20180521
Fixed on: 20180521

Credits

Reported by: Ken Johnson (Microsoft Security Response Center)
Jann Horn (Google Project Zero)
Patched by: Daniel Berrange

See also

Description

This is not a vulnerability in libvirt, rather it is a set of changes in libvirt to enable mitigation of the Speculative Store Bypass hardware flaws by providing extra CPU features "ssbd" and "virt-ssbd". Refer to https://access.redhat.com/security/vulnerabilities/ssbd for further background information.

Affected product: libvirt

Branch master
Broken in: v0.2.0
Broken in: v0.2.1
Broken in: v0.2.2
Broken in: v0.2.3
Broken in: v0.3.0
Broken in: v0.3.1
Broken in: v0.3.2
Broken in: v0.3.3
Broken in: v0.4.1
Broken in: v0.4.2
Broken in: v0.4.4
Broken in: v0.4.6
Broken in: v0.5.0
Broken in: v0.5.1
Broken in: v0.6.0
Broken in: v0.6.1
Broken in: v0.6.2
Broken in: v0.6.3
Broken in: v0.6.4
Broken in: v0.6.5
Broken in: v0.7.0
Broken in: v0.7.1
Broken in: v0.7.2
Broken in: v0.7.3
Broken in: v0.7.4
Broken in: v0.7.5
Broken in: v0.7.6
Broken in: v0.7.7
Broken in: v0.8.0
Broken in: v0.8.1
Broken in: v0.8.2
Broken in: v0.8.3
Broken in: v0.8.4
Broken in: v0.8.5
Broken in: v0.8.6
Broken in: v0.8.7
Broken in: v0.8.8
Broken in: v0.9.0
Broken in: v0.9.1
Broken in: v0.9.2
Broken in: v0.9.3
Broken in: v0.9.4
Broken in: v0.9.5
Broken in: v0.9.6
Broken in: v0.9.7
Broken in: v0.9.8
Broken in: v0.9.9
Broken in: v0.9.10
Broken in: v0.9.11
Broken in: v0.9.12
Broken in: v0.9.13
Broken in: v0.10.0
Broken in: v0.10.1
Broken in: v0.10.2
Broken in: v1.0.0
Broken in: v1.0.1
Broken in: v1.0.2
Broken in: v1.0.3
Broken in: v1.0.4
Broken in: v1.0.5
Broken in: v1.0.6
Broken in: v1.1.0
Broken in: v1.1.1
Broken in: v1.1.2
Broken in: v1.1.3
Broken in: v1.1.4
Broken in: v1.2.0
Broken in: v1.2.1
Broken in: v1.2.2
Broken in: v1.2.3
Broken in: v1.2.4
Broken in: v1.2.5
Broken in: v1.2.6
Broken in: v1.2.7
Broken in: v1.2.8
Broken in: v1.2.9
Broken in: v1.2.10
Broken in: v1.2.11
Broken in: v1.2.12
Broken in: v1.2.13
Broken in: v1.2.14
Broken in: v1.2.15
Broken in: v1.2.16
Broken in: v1.2.17
Broken in: v1.2.18
Broken in: v1.2.19
Broken in: v1.2.20
Broken in: v1.2.21
Broken in: v1.3.0
Broken in: v1.3.1
Broken in: v1.3.2
Broken in: v1.3.3
Broken in: v1.3.4
Broken in: v1.3.5
Broken in: v2.0.0
Broken in: v2.1.0
Broken in: v2.2.0
Broken in: v2.3.0
Broken in: v2.4.0
Broken in: v2.5.0
Broken in: v3.0.0
Broken in: v3.1.0
Broken in: v3.2.0
Broken in: v3.3.0
Broken in: v3.4.0
Broken in: v3.5.0
Broken in: v3.6.0
Broken in: v3.7.0
Broken in: v3.8.0
Broken in: v3.9.0
Broken in: v3.10.0
Broken in: v4.0.0
Broken in: v4.1.0
Broken in: v4.2.0
Broken in: v4.3.0
Fixed in: v4.4.0
Broken by: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by: 1dbca2eccad58d91a5fd33962854f1a653638182
Fixed by: 9267342206ce17f6933d57a3128cdc504d5945c9
Branch v0.8.3-maint
Broken by: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Branch v0.9.6-maint
Broken in: v0.9.6.1
Broken in: v0.9.6.2
Broken in: v0.9.6.3
Broken in: v0.9.6.4
Broken by: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Branch v0.9.11-maint
Broken in: v0.9.11.1
Broken in: v0.9.11.2
Broken in: v0.9.11.3
Broken in: v0.9.11.4
Broken in: v0.9.11.5
Broken in: v0.9.11.6
Broken in: v0.9.11.7
Broken in: v0.9.11.8
Broken in: v0.9.11.9
Broken in: v0.9.11.10
Broken by: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Branch v0.9.12-maint
Broken in: v0.9.12.1
Broken in: v0.9.12.2
Broken in: v0.9.12.3
Broken by: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Branch v0.10.2-maint
Broken in: v0.10.2.1
Broken in: v0.10.2.2
Broken in: v0.10.2.3
Broken in: v0.10.2.4
Broken in: v0.10.2.5
Broken in: v0.10.2.6
Broken in: v0.10.2.7
Broken in: v0.10.2.8
Broken by: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Branch v1.0.0-maint
Broken by: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Branch v1.0.1-maint
Broken by: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Branch v1.0.2-maint
Broken by: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Branch v1.0.3-maint
Broken by: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Branch v1.0.4-maint
Broken by: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Branch v1.0.5-maint
Broken in: v1.0.5.1
Broken in: v1.0.5.2
Broken in: v1.0.5.3
Broken in: v1.0.5.4
Broken in: v1.0.5.5
Broken in: v1.0.5.6
Broken in: v1.0.5.7
Broken in: v1.0.5.8
Broken in: v1.0.5.9
Broken by: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Branch v1.0.6-maint
Broken by: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Branch v1.1.0-maint
Broken by: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Branch v1.1.1-maint
Broken by: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Branch v1.1.2-maint
Broken by: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Branch v1.1.3-maint
Broken in: v1.1.3.1
Broken in: v1.1.3.2
Broken in: v1.1.3.3
Broken in: v1.1.3.4
Broken in: v1.1.3.5
Broken in: v1.1.3.6
Broken in: v1.1.3.7
Broken in: v1.1.3.8
Broken in: v1.1.3.9
Broken by: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Branch v1.1.4-maint
Broken by: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Branch v1.2.0-maint
Broken by: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Branch v1.2.1-maint
Broken by: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Branch v1.2.2-maint
Broken by: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Branch v1.2.3-maint
Broken by: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Branch v1.2.4-maint
Broken by: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Branch v1.2.5-maint
Broken by: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Branch v1.2.6-maint
Broken by: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Branch v1.2.7-maint
Broken by: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Branch v1.2.8-maint
Broken by: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Branch v1.2.9-maint
Broken in: v1.2.9.1
Broken in: v1.2.9.2
Broken in: v1.2.9.3
Broken by: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Branch v1.2.10-maint
Broken by: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Branch v1.2.11-maint
Broken by: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Branch v1.2.12-maint
Broken by: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Branch v1.2.13-maint
Broken in: v1.2.13.1
Broken in: v1.2.13.2
Broken by: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Branch v1.2.14-maint
Broken by: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Branch v1.2.15-maint
Broken by: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Branch v1.2.16-maint
Broken by: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Branch v1.2.17-maint
Broken by: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Branch v1.2.18-maint
Broken in: v1.2.18.1
Broken in: v1.2.18.2
Broken in: v1.2.18.3
Broken in: v1.2.18.4
Broken by: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Branch v1.2.19-maint
Broken by: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Branch v1.2.20-maint
Broken by: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Branch v1.2.21-maint
Broken by: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Branch v1.3.0-maint
Broken by: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Branch v1.3.1-maint
Broken by: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Branch v1.3.2-maint
Broken by: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Branch v1.3.3-maint
Broken in: v1.3.3.1
Broken in: v1.3.3.2
Broken in: v1.3.3.3
Broken by: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Branch v1.3.4-maint
Broken by: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Branch v1.3.5-maint
Broken by: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Branch v2.0-maint
Broken by: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Branch v2.1-maint
Broken by: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Branch v2.2-maint
Broken in: v2.2.1
Broken by: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Branch v3.0-maint
Broken by: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Branch v3.2-maint
Broken in: v3.2.1
Broken by: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Branch v3.7-maint
Broken by: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Branch v4.1-maint
Broken by: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948

Alternative formats: [xml] [text]