From owner-freebsd-security@freebsd.org Wed Jun 13 21:12:48 2018 Return-Path: <owner-freebsd-security@freebsd.org> Delivered-To: freebsd-security@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 888A21017C0A for <freebsd-security@mailman.ysv.freebsd.org>; Wed, 13 Jun 2018 21:12:48 +0000 (UTC) (envelope-from gordon@tetlows.org) Received: from mail-qk0-x232.google.com (mail-qk0-x232.google.com [IPv6:2607:f8b0:400d:c09::232]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 1D5777CB6F for <freebsd-security@freebsd.org>; Wed, 13 Jun 2018 21:12:48 +0000 (UTC) (envelope-from gordon@tetlows.org) Received: by mail-qk0-x232.google.com with SMTP id w23-v6so2419648qkb.8 for <freebsd-security@freebsd.org>; Wed, 13 Jun 2018 14:12:48 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tetlows.org; s=google; h=date:from:to:subject:message-id:mime-version:content-disposition :user-agent; bh=HNg75qs1c01gxEJge3vzxzOiXbORWDgVokWrRznUUuw=; b=Wvw6/ZHYbbd1sfkJAJUKLZ86Jf25v/a0PxtTax053MP9KV2h8fVIepDyG0zOXL35ET Pysz0AUQIvb16BsisXaxWQ3pIpY1ySo+jxIzw/t4QjZr3bnSWVYjjkyWrZbX0IySjmYJ fQtwzzfg+WUeoYDUOj1fwtH5pXF8PiANB2LIY= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:subject:message-id:mime-version :content-disposition:user-agent; bh=HNg75qs1c01gxEJge3vzxzOiXbORWDgVokWrRznUUuw=; b=F9GP7PZNq5cs9L5Qru6x6LRhE7oIAXXI3qxMCic23ux0PwNIQSjjdK0SnAbSJndBSK 2IUd7WWksV9FIm/3w9PNdanieziYJMJvyuoGuYh3isyisvp5th6YaB+2hJ7PVCrStlMS mrmYeVrBeM9gQAXRB8lkYbgOct5bMirzHUppRda0adBmYILSD8526b9rkO+VGAel9Lzr pFrpcjfVbUlZKsBURz9L6CpiOxFfaR9j6feLuth767LASWtswZMq0BGZlUP8Z0Qbl7KQ gL1+YdftIXpSZtTsvcjlRY85L6AexHk5i0F/yI7U7DETzM9b9Ka61KzzksmnWHI+iUGy ZBGA== X-Gm-Message-State: APt69E0MgTQLIrpUQeLQO6ym00OgEIwTzO/VssL1VV2zJlIIutMEQ8UM xRleLrMdArkK+Rv6kW/OI68LxiUVDw== X-Google-Smtp-Source: ADUXVKKzuVJq+sHKqIwslyU1rIAOzJY2jdl1cJgCFm4tp/FjoKpXEmTXpdT8MiEDcpjUWmJbjmooeA== X-Received: by 2002:a37:2455:: with SMTP id w82-v6mr6280203qkg.165.1528924367519; Wed, 13 Jun 2018 14:12:47 -0700 (PDT) Received: from gmail.com ([2607:fc50:0:7900:0:dead:beef:cafe]) by smtp.gmail.com with ESMTPSA id o66-v6sm2987762qki.93.2018.06.13.14.12.46 for <freebsd-security@freebsd.org> (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 13 Jun 2018 14:12:46 -0700 (PDT) Date: Wed, 13 Jun 2018 14:12:45 -0700 From: Gordon Tetlow <gordon@tetlows.org> To: freebsd-security@freebsd.org Subject: Lazy FPU State Restore Message-ID: <20180613211245.GC22782@gmail.com> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="vOmOzSkFvhd7u8Ms" Content-Disposition: inline User-Agent: Mutt/1.10.0 (2018-05-17) X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.26 Precedence: list List-Id: "Security issues \[members-only posting\]" <freebsd-security.freebsd.org> List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-security>, <mailto:freebsd-security-request@freebsd.org?subject=unsubscribe> List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security/> List-Post: <mailto:freebsd-security@freebsd.org> List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help> List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-security>, <mailto:freebsd-security-request@freebsd.org?subject=subscribe> X-List-Received-Date: Wed, 13 Jun 2018 21:12:48 -0000 --vOmOzSkFvhd7u8Ms Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Dear FreeBSD community, Intel has recently announced a side-channel information disclosure via floating point unit (FPU) context switch. This issue has been assigned CVE-2018-3665. It is our understanding this issue affects a subset of Intel processors. More information is available directly from Intel: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00145.html We have addressed this issue with a recent commit to 12-CURRENT for the 64-bit x86 architecture (FreeBSD/amd64): https://svnweb.freebsd.org/changeset/base/335072 Further commits will be forthcoming for stable branches along with an additional patch to remediate this issue for i386. We also intend to merge this to the currently supported releases and will issue an update in the near future. FreeBSD Security Team --vOmOzSkFvhd7u8Ms Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQGTBAABCgB9FiEEuyjUCzYO7pNq7RVv5fe8y6O93fgFAlshiM1fFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEJC MjhENDBCMzYwRUVFOTM2QUVEMTU2RkU1RjdCQ0NCQTNCRERERjgACgkQ5fe8y6O9 3fgc9gf/bQGvaN5lbd1l15bo5Ditc+evD2V3J51yDDy8G8HUuzdt57U96YCaoNmd Snlx3nlpZ3IGKD3WL6zklO56R3/m8ASgleXFPqMveHNzzPWSc71Dn0LEWKWF3HAh 7IcHMu7zXkr4TXK/t313002LVQGbsrUq4JkaH6b19HJJVu1odgD5iDZJMchyGkoq lRtQAKzMA2cQi3k1B4Ni/VtZYr3Q5I6IMZwHza7jWQCqQ3Q9HOvhLj3bQkULDyo0 6JQLBzkt+FZuKoFhgRpQW53P1x2M+G3mVaZFltDPNY1rCQimTUs3PXniIl1OEO4H ftnaPPIJIK9VpJPFPjwC3ZjnKy8+Ug== =ZKw1 -----END PGP SIGNATURE----- --vOmOzSkFvhd7u8Ms--