Sphere:
> https://www.bleepingcomputer.com/news/security/researchers-disclose-new-foreshadow-l1tf-vulnerabilities-affecting-intel-cpus/
>
> There are other vulnerabilities disclosed along with this today and
> if possible, I would like to confirm that as well.
>
> On a side note, I have long disabled Hyperthreading on my machine.

To me as a layman, it looks like Qubes is indeed vulnerable to the XSA-273 data leak, and that fixing it involves

1. disabling hyperthreading (by adding smt=off to the Xen command line)
2. AND upgrading Intel microcode to 20180807
3. AND upgrading Xen

There's a pull request* for the new microcode package. As for Xen, the XSA says they're "not supplying separate patches because the changes have many complicated prerequisites", and their d95b5bb commit on the staging-4.8 branch is 42 patches ahead of RELEASE-4.8.4... :\

Rusty

* https://github.com/QubesOS/qubes-intel-microcode/pull/2
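
A dom0 check for the first mitigation in the list above (`smt=off` on the Xen command line), added here as an example; it is not part of the original post and not Qubes or Xen project code. It assumes `smt` accepts Xen's generic boolean spellings, and the `xl info` sample text is constructed.

```shell
#!/bin/sh
# Added example, not Qubes or Xen project code.
# Note: /proc/cmdline in dom0 is the Linux kernel's command line, not Xen's;
# Xen's own command line is the xen_commandline field of `xl info`.

# Extract the xen_commandline value from `xl info` output supplied on stdin.
xen_cmdline_from_xl_info() {
    sed -n 's/^xen_commandline[[:space:]]*:[[:space:]]*//p'
}

# Print off, on, invalid or unset for the smt option in command line $1.
# Options are read left to right, so the last smt setting is the one reported.
# Assumption: smt takes Xen's generic boolean spellings, including "no-smt".
xen_smt_state() (
    set -f                      # no globbing while splitting the line into words
    state=unset
    for opt in $1; do
        case "$opt" in
            smt=off|smt=no|smt=false|smt=0|smt=disable|no-smt) state=off ;;
            smt|smt=on|smt=yes|smt=true|smt=1|smt=enable)      state=on ;;
            smt=*)                                             state=invalid ;;
        esac
    done
    printf '%s\n' "$state"
)

# Exit 0 only when SMT is explicitly disabled; anything else needs a human look.
xen_smt_is_off() {
    [ "$(xen_smt_state "$1")" = off ]
}

# Constructed sample of the relevant `xl info` lines (not captured from a real host).
SAMPLE_XL_INFO='xen_major              : 4
xen_commandline        : placeholder console=none smt=off'

# On a real dom0 (as root): xen_smt_is_off "$(xl info | xen_cmdline_from_xl_info)"
```

This covers only the command-line setting; the microcode and Xen upgrades in the list have to be verified separately.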
