Security vulnerability: Training Solo aka CVE-2024-28956, CVE-2025-24495

For a complete list of affected products please review the respective SUSE Security announcements:

https://www.suse.com/security/cve/CVE-2024-28956.html
https://www.suse.com/security/cve/CVE-2025-24495.html

Security researchers of the VUSec group at VU Amsterdam found new Spectre v2 transitional execution attack in Intel CPUs.

The research focused on training the predictor within the same privilege class as the to be leaked data.

Three self-training attack classes were found:

- History-based attacks: Training could be done using in kernel methods,
  with classic Berkeley Packet Filter (cBPF) programs injected by the
  attacker which are allowed for all users and are used for seccomp or
  packet filtering.

  Mitigations requires additional code changes to the kernel, also Intel
  implemented a new Indirect Branch History Fence (IBHF) instruction
  supplied by newer Intel CPU Microcode (revisions 20250512 or newer).

- IP-based attacks: Attackers can force the prediction to fallback
  entirely on the branch address rather than history. That way two
  indirect branches could train each other when their address aliases
  collide in the Branch Target Buffer. Usable gadgets to exploit
  this could be found e.g. within the Linux Kernel by using automated
  techniques.

  No mitigation is currently suggested.

- Direct-to-indirect attacks: On certain CPUs direct
  branches can train the indirect branch prediction.  This behavior
  is caused by two hardware issues: Indirect Target Selection (ITS)
  (CVE-2024-28956) and a hardware issue on Lion Cove (CVE-2025-24495).
  For ITS, this drastically increases the self-training attack surface.

  Mitigations require Intel CPU Microcode updates to 20250512 or newer
  to supplement the Indirect Branch Predictor Barrier (IBPB) mitigation.

  Also source code adaptions are needed, adding indirect jumps in upper levels
  of the cacheline that mitigates the problem.

SUSE will release updated ucode-intel packages.

SUSE will release source code changes for the Direct-to-Indirect attacks on SLES 15 SP6 and newer kernels, as the backporting efforts are massive and too risky.

A new reporting file is added:

/sys/devices/system/cpu/vulnerabilities/indirect_target_selection

It can have this content:

    Vulnerable
        The kernel is vulnerable to the Indirect Target Selection attack.

    Mitigation: Aligned branch/return thunks

        The attack is mitigated in the kernel by aligned branch and return thunks. 

    Mitigation: Retpolines, Stuffing RSB

        The attack is mitigated in the kernel by retpolines and/or RSB stuffing.

Configuration:

    indirect_target_selection=on

        The mitigations for Indirect Target selections are enabled if needed.

    indirect_target_selection=off

        The mitigations for Indirect Target selections are disabled.

    indirect_target_selection=force

        The mitigations for Indirect Target selections are always enabled.

    If not specified, this mitigation follows of the global "mitigations" commandline setting.

https://www.vusec.net/projects/training-solo/
https://www.suse.com/security/cve/CVE-2024-28956
https://www.suse.com/security/cve/CVE-2025-24495
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01153.html