As people who read one or more of El Reg || Phoronix || Toms Hardware will be aware, there have been some announcements by Intel on Tuesday.
The first is described as the 'Jump Conditional Code (JCC) Erratum'. This is not technically listed as a vulnerability. Quoting from Phoronix: "Intel is today making public the Jump Conditional Code (JCC) erratum. This is a bug involving the CPU's Decoded ICache where on Skylake and derived CPUs where unpredictable behavior could happen when jump instructions cross cache lines." Apparently, the new microcode (20191112) fixes this, at the cost of various slowdowns in both kernel and userspace. The second and third items _are_ listed as vulnerabilities: TSX Async Abort (TAA) CVE-2019-11135 (another mds-style vulnerability, only now disclosed) - according to Toms Hardware this affects certain Whiskey Lake, Cascade Lake and Coffee Lake R CPUs. ilTLB Multihit CVE-2018-12207 (malicious guests in a virtualized system) Further details of these vulnerabilities are at https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/index.html None of this applies to AMD processors. There are workarounds for the vulnerabilities in kernels 5.3.11, 4.19.84, 4.14.154, 4.9.201 and 4.4.201 (and I hope nobody here is using those last three). From the release notes for the new microcode I don't think that anything older than Skylake has got new microcode. ĸen -- Whilst all mushrooms are edible, the trick is to eat only those which will prove to be edible more than once. The Celebrated Discworld Almanak recommends you play safe and eat beans on toast. -- http://lists.linuxfromscratch.org/listinfo/lfs-dev FAQ: http://www.linuxfromscratch.org/faq/ Unsubscribe: See the above information page
