Hello,

it occurred to me lately that I was unaware of any mitigations against CVE-2018-3665 (Spectre v5?/Lazy FPU), which might be used to extract even AES keys from certain CPUs if AES-NI is used.

According to https://blog.cyberus-technology.de/posts/2018-06-06-intel-lazyfp-vulnerabili... , countermeasures have been introduced against this back in Linux kernel 4.9, so the upcoming IPFire release is safe.

Just thought you might want to know.

Best regards, Peter Müller