Thought this would be of interest here. It says IBMz _HAS_ the problem. Along with POWER8 and ARM, not just "Intel compatible" (BAD).
---------- Forwarded message --------- From: Alan Ackerman <[email protected]> Date: Mon, May 21, 2018 at 9:36 PM Subject: Kernel Side-Channel Attack using Speculative Store Bypass To: <[email protected]> I got this from Red Hat at https://www.redhat.com/en/blog/speculative-store-bypass-explained-what-it-how-it-works which points to https://access.redhat.com/security/vulnerabilities/ssbd which says: "This issue has been assigned CVE-2018-3639 <https://access.redhat.com/security/cve/cve-2018-3639> and is also referred to as “Variant 4” or “Speculative Store Bypass”. This issue is known to affect CPUs of various microarchitectures from: AMD <https://www.amd.com/en/corporate/security-updates>, ARM <https://developer.arm.com/support/arm-security-updates>, IBM <https://www.ibm.com/blogs/psirt/> POWER8, POWER9, and SystemZ series, and Intel <https://www.intel.com/content/www/us/en/architecture-and-technology/facts-about-side-channel-analysis-and-intel-products.html> processors. All currently supported versions of Red Hat Enterprise Linux, Red Hat OpenShift, Red Hat Virtualization, and Red Hat OpenStack Platform are affected." If we hear anything from IBM, I would guess it would be at their Security Site. I also I got this from US-CERT: https://www.us-cert.gov/ncas/alerts/TA18-141A. Alan Ackerman [email protected] -- Once a government places vague notions of public safety and security above the preservation of freedom, a general loss of liberty is sure to follow. GCS Griffin -- Pelaran Alliance -- TFS Guardian (book) Maranatha! <>< John McKown ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
