Major Intel Memory Vulnerability
Nathan O'Brennan
plugaz at codezilla.xyz
Wed Jan 3 18:12:14 MST 2018
Came across this Google blog article where they claim AMD is affected as
well.
https://security.googleblog.com/
On 2018-01-03 16:09, der.hans wrote:
> Am 02. Jan, 2018 schwätzte Matthew Crews so:
>
> moin moin,
>
> the bugs now have names and logos, let the marketing begin.
>
> http://www.zdnet.com/article/security-flaws-affect-every-intel-chip-since-1995-arm-processors-vulnerable/
>
> ###
> Am I affected by the bug?
>
> Most certainly, yes.
> ###
>
> Rumors thus far:
>
> * new Linux kernel has a 'fix' for some value of 'fix'
>
> * microsoft will force an update tonight
>
> * a macos update from early December already has the fix
>
> * AWS east will be doing reboots tomorrow
>
> * AZURE will have extra reboots in the near future
>
> * Google Android systems ( Nexus and Pixel ) have fixes available, but
> might be mostly unaffected anyway
>
> * tshirts available soon ;-)
>
> ciao,
>
> der.hans
>
>> https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/
>>
>> In a nutshell, it is a major security flaw in Intel hardware dating
>> back a decade that is requiring a complete kernel rewrite for every
>> major OS (Linux, Windows, Mac, etc) in order to patch out. It cannot
>> be patched out with a CPU microcode update. Major enough that code
>> comments are redacted in the patches until an embargo period is
>> expired. Also the reported fix will have a huge performance impact.
>>
>> Also crucial to note is that AMD chips are not affected by this.
>>
>> How the heck does something like this go unnoticed for so long?
>>
>> Sent from [ProtonMail](https://protonmail.com), Swiss-based encrypted
>> email.
>
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
More information about the PLUG-discuss
mailing list