An gano wani rauni a cikin Linux 6.2 kernel (CVE-2023-1998) wanda ke hana kariya daga hare-haren Specter v2 wanda ke ba da damar yin amfani da ƙwaƙwalwar wasu hanyoyin da ke gudana akan zaren SMT ko Hyper Threading daban-daban, amma akan ainihin kayan aikin jiki iri ɗaya. Za a iya amfani da rashin lahani, a tsakanin sauran abubuwa, don tsara yatsan bayanai tsakanin injunan kama-da-wane a cikin tsarin girgije. Batun yana shafar Linux 6.2 kwaya kawai kuma ana haifar da shi ta hanyar aiwatar da ingantawa da ba daidai ba da aka tsara don rage yawan sama da ƙasa yayin amfani da kariya daga Specter v2. An daidaita raunin a cikin reshen gwaji na Linux 6.3 kernel.
A cikin sarari mai amfani, don karewa daga hare-haren Specter, matakai na iya zaɓi zaɓin hana aiwatar da umarni mai ƙima tare da prctl PR_SET_SPECULATION_CTRL ko amfani da tacewa na tushen tsarin seccomp. A cewar masu binciken da suka gano matsalar, ingantawa ba daidai ba a cikin kwaya na 6.2 ya bar na'urori masu kama-da-wane na aƙalla babban mai samar da girgije ba tare da ingantaccen kariya ba, duk da haɗar yanayin toshe harin-BTI ta hanyar prctl. Rashin lahani kuma yana bayyana kansa akan sabar na yau da kullun tare da kernel 6.2, waɗanda aka kunna ta amfani da saitin "spectre_v2=ibrs".
Ma'anar raunin shine lokacin zabar IBRS ko hanyoyin kariya na eIBRS, haɓakawa sun hana amfani da tsarin STIBP (Single Thread Indirect Branch Predictors), wanda ya zama dole don toshe leaks yayin amfani da fasahar multithreading lokaci guda (SMT ko Hyper-Threading). ). A lokaci guda, yanayin eIBRS kawai yana ba da kariya daga ɗigogi tsakanin zaren, amma ba yanayin IBRS ba, tunda tare da shi IBRS bit, wanda ke ba da kariya daga leaks tsakanin ma'ana, ana share shi saboda dalilai na aiki lokacin da sarrafawa ya dawo sararin mai amfani, wanda ke sa zaren sararin mai amfani ba su da kariya daga hare-haren ajin Specter v2.
source: budenet.ru