The Linux kernel was patched moments ago for a new CPU security vulnerability: VMSCAPE. It affects both Intel and AMD processors.
VMSCAPE is an issue around indirect branch predictor flushes and is described as:
“vmscape is a vulnerability that essentially takes Spectre-v2 and attacks host userspace from a guest. It particularly affects hypervisors like QEMU.
Even if a hypervisor may not have any sensitive data like disk encryption keys, guest-userspace may be able to attack the guest-kernel using the hypervisor as a confused deputy.
There are many ways to mitigate vmscape using the existing Spectre-v2 defenses like IBRS variants or the IBPB flushes. This series focuses solely on IBPB because it works universally across vendors and all vulnerable processors. Further work doing vendor and model-specific optimizations can build on top of this if needed / wanted.”
VMSCAPE affects Intel CPUs, going back at least to Skylake and up through Alder Lake and newer processors that are affected by BHI.
All AMD Zen processors are also affected, including the Chinese Hygon processors.
See the Linux kernel commit for more details on the new VMSCAPE attack.