Linux Kernel XFD State Synchronization Vulnerability in Signal Delivery

Vulnerability

A vulnerability in the Linux kernel's handling of the XFD state during signal delivery has been addressed. This issue was identified in the stable branch of the Linux kernel. The vulnerability arises when a non-AMX task is interrupted by an AMX-enabled task that alters the XFD MSR. Upon resuming, the non-AMX task reloads the XSTATE with initial values while the XFD MSR still holds the value written by the AMX-enabled task, so the XFD state recorded for the task no longer matches the CPU's current XFD state. This mismatch triggers a warning, because the 'fpu__clear_user_states()' function does not currently update the XFD state after such interruptions. The issue can be reproduced in a KVM testing environment, where the improper synchronization of the XFD state can lead to validation warnings.

Impact

The vulnerability could cause warning messages related to XFD state validation, indicating a potential issue with the management of floating-point unit states in certain task scenarios.

Reproduction

To reproduce this vulnerability, run KVM tests on a Linux system with an AMX-enabled task that can preempt a non-AMX task. The non-AMX task should be configured to reload XSTATE with initial values after being interrupted. This sequence will create a mismatch between the task's XFD state and the CPU's current XFD state, triggering the validation warning.
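
The sequence described under Vulnerability and Reproduction, as a simplified user-space model added here for illustration; it is not kernel code and not the upstream patch. All names (`struct task`, `cpu_xfd`, `switch_in`, `xfd_resync`, `signal_delivery`) are hypothetical, and the XFD bit position is an illustrative constant.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified user-space model; every name here is hypothetical, not kernel code. */
#define XFD_AMX (1ULL << 18)    /* illustrative XFD bit for AMX; set = feature disarmed */

struct task { uint64_t xfd; };  /* XFD value the task's FPU state expects */
static uint64_t cpu_xfd;        /* stands in for the per-CPU XFD MSR */

/* Regular context switch: the MSR is programmed for the incoming task. */
static void switch_in(const struct task *t) { cpu_xfd = t->xfd; }

/* Check made before an XSTATE restore; false models the validation warning. */
static bool xfd_valid(const struct task *t) { return cpu_xfd == t->xfd; }

/* The re-synchronization step: rewrite the MSR only when it is stale. */
static void xfd_resync(const struct task *t)
{
    if (cpu_xfd != t->xfd)
        cpu_xfd = t->xfd;
}

/*
 * A non-AMX task in signal delivery is preempted by an AMX task, then
 * reloads initial XSTATE. Model assumption: that reload path does not go
 * through switch_in(), so the MSR still holds the AMX task's value.
 * Returns true when validation passes.
 */
static bool signal_delivery(bool resync_first)
{
    struct task plain = { .xfd = XFD_AMX };  /* AMX disarmed for this task */
    struct task amx   = { .xfd = 0 };        /* AMX in use, bit cleared */

    switch_in(&plain);          /* non-AMX task starts delivering a signal */
    switch_in(&amx);            /* preemption: AMX task alters the XFD MSR */
    if (resync_first)           /* patched behaviour in this model */
        xfd_resync(&plain);
    return xfd_valid(&plain);   /* checked before loading initial values */
}

int main(void)
{
    printf("without resync: %s\n", signal_delivery(false) ? "ok" : "mismatch warning");
    printf("with resync:    %s\n", signal_delivery(true) ? "ok" : "mismatch warning");
    return 0;
}
```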

Remediation

Users can update to the latest version of the Linux kernel where this vulnerability has been fixed. Instructions for downloading the patched version are available on the Linux kernel's official website.

Added: Dec 16, 2025, 5:09 PM
Updated: Dec 16, 2025, 5:09 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 0.6
exploitability: 4.3
remediation: 7.7
relevance: 1.5
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.