[SRU][J][PATCH 5/8] UBUNTU: [Config] Enable MITIGATION_VMSCAPE config
Massimiliano Pellizzer
massimiliano.pellizzer at canonical.com
Wed Sep 17 12:22:59 UTC 2025
BugLink: https://bugs.launchpad.net/bugs/2124105
VMSCAPE is a vulnerability, affecting a broad range of amd64 CPUs,
that may allow a guest to influence the branch prediction in host userspace.
It particularly affects hypervisors like QEMU.
Enable mitigations for the vulnerability.
Signed-off-by: Massimiliano Pellizzer <massimiliano.pellizzer at canonical.com>
---
debian.master/config/annotations | 3 +++
1 file changed, 3 insertions(+)
diff --git a/debian.master/config/annotations b/debian.master/config/annotations
index 67f27b95c869f..a61d2327dee76 100644
--- a/debian.master/config/annotations
+++ b/debian.master/config/annotations
@@ -345,6 +345,9 @@ CONFIG_MFD_SM501 note<'boot essential on OMAP4'>
CONFIG_MFD_TPS65217 policy<{'arm64': 'm', 'armhf': 'y', 'ppc64el': 'n'}>
CONFIG_MFD_TPS65217 note<'boot essential on AM335x'>
+CONFIG_MITIGATION_VMSCAPE policy<{'amd64': 'y'}>
+CONFIG_MITIGATION_VMSCAPE note<'LP: #2124105'>
+
CONFIG_MMC_BLOCK policy<{'amd64': 'm', 'arm64': 'y', 'armhf': 'y', 'ppc64el': 'm'}>
CONFIG_MMC_BLOCK note<'boot essential on armhf/arm64'>
--
2.48.1
More information about the kernel-team
mailing list