Project:Security/Vulnerabilities/Spectre SWAPGS gadget vulnerability
Gentoo Linux has been made aware of an additional Spectre V1 like attack vector, requiring updates to the Linux kernel.
Spectre SWAPGS gadget vulnerability (CVE-2019-1125) allows an unprivileged local attacker to bypass conventional memory security restrictions to gain read access to privileged memory that would otherwise be inaccessible.
There is no known complete mitigation other than updating the kernel and rebooting the system. This kernel patch builds on existing spectre mitigations.
|LTS branch||Version with complete mitigation||Recommended version (stabilization candidate)|
Known performance impact
First tests with SWAPGS mitigation have shown to cause a performance impact. Benchmarks being worked on.