On Wednesday, January 3, 2018, Christos Zoulas <chris...@astron.com> wrote:
> In article <5267d400-4a5e-e27f-906d-d2d6e048d...@gmail.com>, > Chuck Zmudzinski <frchu...@gmail.com> wrote: > >Today news of critical vulnerabilities (for example, > >http://www.zdnet.com/article/google-reveals-trio-of- > speculative-execution-flaws-says-amd-affected/ > >) affecting Intel and Arm and maybe AMD processors hit the press. News > >reports say all platforms using these chips, such as Linux, Microsoft, > >and Apple are affected since the flaw is in hardware but the fix must be > >made in the software operating system kernel. It has been reported that > >Linux developers say the fix involves fundamental changes to the way the > >Linux kernel handles virtual memory and they have been working on the > >fix for a while (see for example, > >http://www.zdnet.com/article/major-linux-redesign-in-the- > works-to-deal-with-intel-chip-security-problem/ > >). I could not tell from NetBSD security documentation if NetBSD is > >vulnerable to these flaws or not or if work has been done in NetBSD to > >mitigate these security flaws in the hardware that NetBSD runs on. Can > >anyone say if NetBSD is vulnerable? > > Yes, NetBSD is vulnerable on the processors affected. > > christos > Thanks for letting us know. Chuck Zmudzinski
