CVE-2022-50720
Severity:
Pending analysis
Type:
Not Available / Other type
Publication date:
24/12/2025
Last modified:
29/12/2025
Description
In the Linux kernel, the following vulnerability has been resolved:

x86/apic: Don't disable x2APIC if locked

The APIC supports two modes, legacy APIC (or xAPIC), and Extended APIC
(or x2APIC). X2APIC mode is mostly compatible with legacy APIC, but
it disables the memory-mapped APIC interface in favor of one that uses
MSRs. The APIC mode is controlled by the EXT bit in the APIC MSR.

The MMIO/xAPIC interface has some problems, most notably the APIC LEAK
[1]. This bug allows an attacker to use the APIC MMIO interface to
extract data from the SGX enclave.

Introduce support for a new feature that will allow the BIOS to lock
the APIC in x2APIC mode. If the APIC is locked in x2APIC mode and the
kernel tries to disable the APIC or revert to legacy APIC mode, a GP
fault will occur.

Introduce support for a new MSR (IA32_XAPIC_DISABLE_STATUS) and handle
the new locked mode when the LEGACY_XAPIC_DISABLED bit is set by
preventing the kernel from trying to disable the x2APIC.

On platforms with the IA32_XAPIC_DISABLE_STATUS MSR, if SGX or TDX are
enabled, the LEGACY_XAPIC_DISABLED bit will be set by the BIOS. If
legacy APIC is required, then SGX and TDX need to be disabled in the
BIOS.

[1]: https://aepicleak.com/aepicleak.pdf
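
An added example, not part of the kernel patch or of this advisory: the lock check described above, written as pure C functions over raw MSR values so the decision logic can be read and tested offline. The MSR numbers and bit positions are the architectural ones from Intel's documentation rather than values given on this page, and the helper names and sample values are constructed for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Architectural MSR numbers and bits (Intel SDM; not listed on this page). */
#define MSR_IA32_APIC_BASE            0x1B
#define MSR_IA32_XAPIC_DISABLE_STATUS 0xBD
#define MSR_IA32_ARCH_CAPABILITIES    0x10A
#define APIC_BASE_EXTD                (1ULL << 10) /* x2APIC mode enabled */
#define APIC_BASE_EN                  (1ULL << 11) /* APIC globally enabled */
#define ARCH_CAP_XAPIC_DISABLE_STATUS (1ULL << 21) /* status MSR is present */
#define LEGACY_XAPIC_DISABLED         (1ULL << 0)  /* locked in x2APIC mode */

enum apic_state { APIC_OFF, APIC_XAPIC, APIC_X2APIC, APIC_X2APIC_LOCKED };

/* The status MSR is only meaningful when ARCH_CAPABILITIES enumerates it;
 * reading an unimplemented MSR faults, so older parts are never "locked". */
static bool x2apic_locked(uint64_t arch_caps, uint64_t disable_status)
{
    if (!(arch_caps & ARCH_CAP_XAPIC_DISABLE_STATUS))
        return false;
    return (disable_status & LEGACY_XAPIC_DISABLED) != 0;
}

/* Hypothetical helper: classify the APIC from three raw MSR values. */
static enum apic_state classify(uint64_t apic_base, uint64_t arch_caps,
                                uint64_t disable_status)
{
    if (!(apic_base & APIC_BASE_EN))
        return APIC_OFF;
    if (!(apic_base & APIC_BASE_EXTD))
        return APIC_XAPIC;
    return x2apic_locked(arch_caps, disable_status) ? APIC_X2APIC_LOCKED
                                                    : APIC_X2APIC;
}

/* True only when clearing EXTD (falling back to xAPIC) would not raise #GP. */
static bool may_leave_x2apic(uint64_t apic_base, uint64_t arch_caps,
                             uint64_t disable_status)
{
    return classify(apic_base, arch_caps, disable_status) == APIC_X2APIC;
}

int main(void)
{
    /* Constructed sample values, not read from hardware. */
    uint64_t base = 0xFEE00000ULL | APIC_BASE_EN | APIC_BASE_EXTD;
    printf("locked platform: may leave x2APIC = %d\n",
           may_leave_x2apic(base, ARCH_CAP_XAPIC_DISABLE_STATUS, LEGACY_XAPIC_DISABLED));
    printf("older platform:  may leave x2APIC = %d\n", may_leave_x2apic(base, 0, 0));
    return 0;
}
```

On a live system the three inputs would come from the MSRs named in the defines, read with sufficient privilege.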



