1.3 KiB
CVE-2024-50112
Description
In the Linux kernel, the following vulnerability has been resolved:x86/lam: Disable ADDRESS_MASKING in most casesLinear Address Masking (LAM) has a weakness related to transientexecution as described in the SLAM paper[1]. Unless Linear AddressSpace Separation (LASS) is enabled this weakness may be exploitable.Until kernel adds support for LASS[2], only allow LAM for COMPILE_TEST,or when speculation mitigations have been disabled at compile time,otherwise keep LAM disabled.There are no processors in market that support LAM yet, so currentlynobody is affected by this issue.[1] SLAM: https://download.vusec.net/papers/slam_sp24.pdf[2] LASS: https://lore.kernel.org/lkml/20230609183632.48706-1-alexander.shishkin@linux.intel.com/[ dhansen: update SPECULATION_MITIGATIONS -> CPU_MITIGATIONS ]
POC
Reference
No PoCs from references.