A flaw was found in Intelโs microprocessors. Intel microprocessors contain an implementation weakness that allows for an โinverse MDSโ style attack to be performed during store operations (writes to memory) and are stuffed maliciously into microarchitectural buffers from which unsuspecting victim code will later (speculatively) execute them. This allows an attacker to control and steer (speculative) execution, possibly allowing them to exploit gadgets in existing code to leak sensitive data. The highest threat from this vulnerability is to data confidentiality.
For hardware vulnerable to these attacks, there is no known mitigation other than to upgrade to hardware that is not vulnerable to this flaw.
Due to the high level of difficulty of the attack, and the performance impact which would be associated with any potential mitigations, there are currently no microcode or software mitigations for this issue other than previously existing Spectre V1 and SMAP mitigations described above.
Red Hat doesn't currently have knowledge of any real-world occurrences of this attack, so the risk of attack may be considered low. To further minimize the possibility of attacks related to this and other speculative issues, trusted and untrusted workloads can be isolated on separate systems.
For further details about potential mitigations, see Intel's LVI deep dive whitepaper (<https://software.intel.com/security-software-guidance/insights/deep-dive-load-value-injection>).
access.redhat.com/articles/load-value-injection-flaw
bugzilla.redhat.com/show_bug.cgi?id=1753463
nvd.nist.gov/vuln/detail/CVE-2020-0551
software.intel.com/security-software-guidance/insights/deep-dive-introduction-speculative-execution-side-channel-methods
software.intel.com/security-software-guidance/insights/deep-dive-load-value-injection
software.intel.com/security-software-guidance/software-guidance
www.cve.org/CVERecord?id=CVE-2020-0551