From mboxrd@z Thu Jan 1 00:00:00 1970 From: Peter =?utf-8?q?M=C3=BCller?= To: development@lists.ipfire.org Subject: CVE-2018-3665 mitigation in Linux Date: Wed, 20 Jun 2018 17:16:02 +0200 Message-ID: MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============2319082303028199866==" List-Id: --===============2319082303028199866== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Hello, it occurred to me lately that I was unaware of any mitigations against CVE-2018-3665 (Spectre v5?/Lazy FPU), which might be used to extract even AES keys from certain CPUs if AES-NI is used. According to https://blog.cyberus-technology.de/posts/2018-06-06-intel-lazyfp= -vulnerability.html , countermeasures have been introduced against this back in Linux kernel 4.9, so the upcoming IPFire release is safe. Just thought you might want to know. Best regards, Peter M=C3=BCller --=20 "We don't care. We don't have to. We're the Phone Company." --===============2319082303028199866== Content-Type: application/pgp-signature Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="signature.asc" MIME-Version: 1.0 LS0tLS1CRUdJTiBQR1AgU0lHTkFUVVJFLS0tLS0KCmlRSXpCQUVCQ2dBZEZpRUV2UDRTaUdoRVlE SnlyUkxrMlVqeUQzMTduMmdGQWxzcWI3SUFDZ2tRMlVqeUQzMTcKbjJnUGR3Ly9maWhLWkRtTis0 ZUMvemNTRWdGakxzbFpVZlhpK0VHSTNObEF0YnlkdVNzaVE2MDYxdDg3RkZCQQpacFJqb0pVbzVp VWpsZXVocnZMU3FqNms4aVNCY3NpN2MvQzFlS0lMTXRrNHpJbDhab09kcTBRZTlkeE9pWTEwClBw TzVieHdFWjd1WWJTaTd6bXRMbkNlV29LUEhVN2FxVFltWkplWEkrdHVWN25rNVlSZWptUzhheE9u eTZRQXMKRjFCeEYzWWViUm1YVGtZbEdOMFI0RU1zMmF0ZTUwSDNSc3ZKQndVZlZldWZEL1IzUHgx NHVSRU8rbW1kUFg2cgpNVHByVUlvR0czK3QxYmN0Nzc5K3JjdUJIWHk4ZCtuUlJndnBIdllodnFQ WjRpMGZZaHhvajlSTFpucUlOWU9kCmVwWU1XVjZaWjE1OCtYYmo5Q3JXRnNIM1ZadkZwcUcvejU2 bEIweGo0OWhZa1ViaWZyTzl4NDBIMU1MVElQb0YKcE85bW0xeFNGcTlHL1JGZkdodDljc0tQeita K01OYktxd0hzdWRYSzZYdy96ak84VHIrUkZuS0pRclF2SEg5WAplZWhJM0JMVk5xN2ZVWEJtZWNt VVZ4am52a0sxbmY0RnI1N2dpR3ZUNWtpeVdZV3h6MkYzeWxUNVRGVDBoR0JECkdiem9Pek9oU2Y4 enl6Q3NGNE5FcmxKT0szdXlQTGcyT1k4ZTRPelpDL09jT1h5Mk1KVEFuUVRNUlFrTS9EVkkKWHQr MlpkTUhKbnBQNjhyY3FhWjduZWpXZzFTREJzbERZckZpTDNiNWhhTnN4T1ozNFB1bFdWU2xhUEd6 N3BaRApyd3owdFN3NXdTLzdNcmx0MGxRbWJkemhXTlRNcndVaFZDRW43VWtFaTk4OGZsOFJxd0E9 Cj1CeGQ2Ci0tLS0tRU5EIFBHUCBTSUdOQVRVUkUtLS0tLQo= --===============2319082303028199866==--