|
|
|
|
|
|
by ninjin
1058 days ago
|
|
|
There is further information from de Raadt on impact and mitigations [1]. Hearing that the microcode fixes from AMD does not cover all CPUs that are likely to be vulnerable is not great. Reading “[W]e are setting DE_CFG bit 9 on all the models that we think have the bug” is comforting and exactly what I would expect from the OpenBSD developers, as it follows what happened back around Heartbleed and it is one of the workarounds mentioned by the Zenbleed security researchers [2]. [1]: https://marc.info/?l=openbsd-misc&m=169025404406996&w=2 [2]: https://lock.cmpxchg8b.com/zenbleed.html#solution |
|
|