Date: Wed, 13 Jun 2018 14:12:45 -0700 From: Gordon Tetlow <gordon@tetlows.org> To: freebsd-security@freebsd.org Subject: Lazy FPU State Restore Message-ID: <20180613211245.GC22782@gmail.com>
next in thread | raw e-mail | index | archive | help
--vOmOzSkFvhd7u8Ms Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Dear FreeBSD community, Intel has recently announced a side-channel information disclosure via floating point unit (FPU) context switch. This issue has been assigned CVE-2018-3665. It is our understanding this issue affects a subset of Intel processors. More information is available directly from Intel: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00145.html We have addressed this issue with a recent commit to 12-CURRENT for the 64-bit x86 architecture (FreeBSD/amd64): https://svnweb.freebsd.org/changeset/base/335072 Further commits will be forthcoming for stable branches along with an additional patch to remediate this issue for i386. We also intend to merge this to the currently supported releases and will issue an update in the near future. FreeBSD Security Team --vOmOzSkFvhd7u8Ms Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQGTBAABCgB9FiEEuyjUCzYO7pNq7RVv5fe8y6O93fgFAlshiM1fFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEJC MjhENDBCMzYwRUVFOTM2QUVEMTU2RkU1RjdCQ0NCQTNCRERERjgACgkQ5fe8y6O9 3fgc9gf/bQGvaN5lbd1l15bo5Ditc+evD2V3J51yDDy8G8HUuzdt57U96YCaoNmd Snlx3nlpZ3IGKD3WL6zklO56R3/m8ASgleXFPqMveHNzzPWSc71Dn0LEWKWF3HAh 7IcHMu7zXkr4TXK/t313002LVQGbsrUq4JkaH6b19HJJVu1odgD5iDZJMchyGkoq lRtQAKzMA2cQi3k1B4Ni/VtZYr3Q5I6IMZwHza7jWQCqQ3Q9HOvhLj3bQkULDyo0 6JQLBzkt+FZuKoFhgRpQW53P1x2M+G3mVaZFltDPNY1rCQimTUs3PXniIl1OEO4H ftnaPPIJIK9VpJPFPjwC3ZjnKy8+Ug== =ZKw1 -----END PGP SIGNATURE----- --vOmOzSkFvhd7u8Ms--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20180613211245.GC22782>