32-Bit Linux Won’t Get Patched for Latest Intel Vulnerabilities
Users of 32-bit Linux distributions have another reason to consider upgrading in response to the news that the kernel will not be patched for the latest speculative execution attacks. Retbleed..Attacks classified as CVE-2022-29900 When CVE-2022-29901Reported from, leading to a number of Linux patches Phoronix..
Retbleed, a variant of Specter, exploits one of the mitigations against such attacks and affects certain x86-64 (AMD Zen 1/1 +/2 and Intel Core 6th to 8th generations). increase. This has been addressed in a 64-bit Linux kernel update (and Windows users should already have mitigations). However, the associated workload means that the 32-bit Linux kernel will not be treated the same.
The attack exploits letopolin, a mitigation measure against Specter, the portmanteau of “return” and “trampoline” introduced in 2018. The original attack used an indirect branch of the processor’s speculative execution system to steal information from system memory through a misprediction of a branch that leaks data. However, retpolines replaced these branches with returns that use an infinite loop that wasn’t executed to prevent the processor from guessing the target of the indirect jump.
These retopolins can now be bypassed by new exploits that can leak arbitrary information from your computer’s memory. At least one proof-of-concept exploit using Retbleed has been coded, but it’s unclear if that exploit is widely used on the Internet.
In response to a query on the lore.kernel.org mailing list, Intel’s Pawan Gupta wrote: “Intel is unaware of production environments that use 32-bit mode on Skylake generation CPUs, so this is not a problem.”
His colleague Peter Zijlstra said: A 32-bit kernel on Skylake / Zen based systems, it’s ridiculous. “
Therefore, the message is clear. If you are running a 32-bit Linux distribution on a Skylake-vintage CPU, stop immediately and upgrade to 64-bit.