Dear FreeBSD community, Intel has recently announced a side-channel information disclosure via floating point unit (FPU) context switch. This issue has been assigned CVE-2018-3665. It is our understanding this issue affects a subset of Intel processors. More information is available directly from Intel: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00145.html
We have addressed this issue with a recent commit to 12-CURRENT for the 64-bit x86 architecture (FreeBSD/amd64): https://svnweb.freebsd.org/changeset/base/335072 Further commits will be forthcoming for stable branches along with an additional patch to remediate this issue for i386. We also intend to merge this to the currently supported releases and will issue an update in the near future. FreeBSD Security Team
signature.asc
Description: PGP signature
