addition at bottom :- On 05/01/2018, shirish शिरीष <shirisha...@gmail.com> wrote: > Dear all, > > While I don't want to be the paranoid one here, the situation here > seems to demand it. > > 3 Days back the Register broke the story of a chip vulnerability - > > https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/ > > While it seeked to paint only Intel, it is now learnt that the issue > is across the board, i.e. Intel, AMD, ARM all have the same > vulnerability > > It defeats or compromises KASLR which itself is just 4 years old > technology. > > AFAIK it would need two solutions, one is the appropriate microcode > for your chip architecture, I know Intel and AMD have the respective > intel-microcode and amd64-microcode > > % aptitude search microcode > p amd64-microcode > - Processor microcode firmware for AMD CPUs > i intel-microcode > - Processor microcode firmware for Intel CPUs > p microcode.ctl > - Intel IA32/IA64 CPU Microcode Utility (transitional > package) > > % apt-cache policy intel-microcode > intel-microcode: > Installed: 3.20171215.1 > Candidate: 3.20171215.1 > Version table: > *** 3.20171215.1 100 > 1 http://httpredir.debian.org/debian unstable/non-free amd64 > Packages > 100 /var/lib/dpkg/status > 3.20171117.1 900 > 900 http://httpredir.debian.org/debian buster/non-free amd64 > Packages > > > According to Henrique it would take another week to have the whole > thing on the microcode side of the things - > > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=886367 > > On top of that you would need a newer kernel which mitigates some more > of the effects. > > Techcrunch did a detailed blog post on the subject alongwith some idea > of the timeline > > https://techcrunch.com/2018/01/03/kernel-panic-what-are-meltdown-and-spectre-the-bugs-affecting-nearly-every-computer-and-device/ > > The only good thing is that it doesn't increase any remote attack > vector than before but it does mean that people should be more > circumspect about any software they download at least till the next > couple of weeks when kernel updates and cpu-microcodes should take > some of the steam off. > > The bad news is that it will take some of the performance of the table > but that is to be expected. > > An interesting side-story which has developed also talks about the > current Intel CEO's doings > > https://techcrunch.com/2018/01/04/after-meltdown-and-spectre-revelation-questions-arise-about-timing-of-intel-ceos-stock-sales/ > > Hope everybody does the right thing, get the latest microcodes and > update your kernel as fast as you can. > > -- > Regards, > Shirish Agarwal शिरीष अग्रवाल > My quotes in this email licensed under CC 3.0 > http://creativecommons.org/licenses/by-nc/3.0/ > http://flossexperiences.wordpress.com > EB80 462B 08E1 A0DE A73A 2C2F 9F3D C7A4 E1C4 D2D8 >
See also - https://lwn.net/Articles/743246/#Comments -- Regards, Shirish Agarwal शिरीष अग्रवाल My quotes in this email licensed under CC 3.0 http://creativecommons.org/licenses/by-nc/3.0/ http://flossexperiences.wordpress.com EB80 462B 08E1 A0DE A73A 2C2F 9F3D C7A4 E1C4 D2D8 _______________________________________________ plug-mail mailing list plug-mail@plug.org.in http://list.plug.org.in/listinfo/plug-mail