https://aws.amazon.com/security/security-bulletins/AWS-2019-004/
According to Amazon advisory, fixes have been applied and "no customer action is required at the Infrastructure level". Reading from other sources [1], I can only conclude that Amazon has not provided the knobs needed to do the mitigation. This explains the issue for MDS and TAA. SSB is likely vulnerable for the same reasons, but I'll look for their advisory and update it here. Same thing for ITLB multihit. One possible avenue of investigation is verifying if VERW is being used and providing the mitigation for the MDS case. Regards. Cascardo. [1] https://www.reddit.com/r/aws/comments/br38fl/sidechannel_md_clear_cpu_flags_not_being_passed/ -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1891812 Title: Missing Linux Kernel Mitigations To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux-aws/+bug/1891812/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
