From nobody Mon Aug 21 08:06:23 2023 X-Original-To: freebsd-questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4RTlRm1d7rz4qQJH for ; Mon, 21 Aug 2023 08:06:28 +0000 (UTC) (envelope-from chris@cretaforce.gr) Received: from relay4.cretaforce.gr (relay4.cretaforce.gr [195.201.253.147]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "*.cretaforce.gr", Issuer "RapidSSL TLS RSA CA G1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4RTlRk6dlZz3clM for ; Mon, 21 Aug 2023 08:06:26 +0000 (UTC) (envelope-from chris@cretaforce.gr) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=cretaforce.gr header.s=cretaforce header.b=LSnQoz8e; spf=pass (mx1.freebsd.org: domain of chris@cretaforce.gr designates 195.201.253.147 as permitted sender) smtp.mailfrom=chris@cretaforce.gr; dmarc=pass (policy=none) header.from=cretaforce.gr Received: from server1.cretaforce.gr (server1.cretaforce.gr [94.130.217.104]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) client-signature RSA-PSS (2048 bits)) (Client CN "*.cretaforce.gr", Issuer "RapidSSL TLS RSA CA G1" (verified OK)) by smtp2.cretaforce.gr (Postfix) with ESMTPS id 3685D1FBA6 for ; Mon, 21 Aug 2023 11:06:25 +0300 (EEST) Received: from smtpclient.apple (unknown [80.107.124.177]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) (Authenticated sender: chris@cretaforce.gr) by server1.cretaforce.gr (Postfix) with ESMTPSA id D77DDD5E6; Mon, 21 Aug 2023 11:06:24 +0300 (EEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cretaforce.gr; s=cretaforce; t=1692605185; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=cNcos0u2vghYQpw1nAm8eRbR2psPqK3tSt6BfJ+YQoA=; b=LSnQoz8eqB7mhDW/dGGYW5PuN7NnE2SCh8tmBz0wzlX2oFRdqOQNP9d5WSDvAKTI4nnCYb HN0Zl2G3cper4tlMPqXSlVqseQhmsoXHzm1gMUbeJOnvMqokds9k2rUZwj6zdi8FVD3w20 3Wa2hlTIeNl8rL3R3lxzkjxuYGpd3zU= From: Christos Chatzaras Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3731.700.6\)) Subject: Intel/AMD Downfall/Inception Vulnerabilities Message-Id: Date: Mon, 21 Aug 2023 11:06:23 +0300 Cc: FreeBSD To: freebsd-security@freebsd.org X-Mailer: Apple Mail (2.3731.700.6) X-Spamd-Result: default: False [-4.60 / 15.00]; DWL_DNSWL_LOW(-1.00)[cretaforce.gr:dkim]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_SHORT(-1.00)[-1.000]; MV_CASE(0.50)[]; DMARC_POLICY_ALLOW(-0.50)[cretaforce.gr,none]; R_DKIM_ALLOW(-0.20)[cretaforce.gr:s=cretaforce]; R_SPF_ALLOW(-0.20)[+ip4:195.201.253.147:c]; RCVD_IN_DNSWL_LOW(-0.10)[195.201.253.147:from]; MIME_GOOD(-0.10)[text/plain]; FROM_HAS_DN(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; TO_MATCH_ENVRCPT_SOME(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; MLMMJ_DEST(0.00)[freebsd-questions@freebsd.org]; BLOCKLISTDE_FAIL(0.00)[94.130.217.104:server fail,80.107.124.177:server fail,195.201.253.147:server fail]; FREEFALL_USER(0.00)[chris]; ARC_NA(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; DKIM_TRACE(0.00)[cretaforce.gr:+]; TO_DN_SOME(0.00)[]; RCVD_COUNT_TWO(0.00)[2]; RCPT_COUNT_TWO(0.00)[2]; MIME_TRACE(0.00)[0:+]; FROM_EQ_ENVFROM(0.00)[]; ASN(0.00)[asn:24940, ipnet:195.201.0.0/16, country:DE]; RCVD_TLS_ALL(0.00)[] X-Spamd-Bar: ---- X-Rspamd-Queue-Id: 4RTlRk6dlZz3clM Hello, There are security vulnerabilities in Intel and AMD processors. More information can be found at = https://www.openssl.org/blog/blog/2023/08/15/downfall/ It appears that changes are required both in the operating system code = and microcode/bios updates. If I remember correctly, when Spectre and Meltdown vulnerabilities were = disclosed in early 2018, there was significant controversy surrounding = the notification process. Several entities, including certain Linux = distributions and the FreeBSD project, were not informed as early as = some major tech companies. I am aware that work is currently being done for upcoming FreeBSD 14 = release and there may not be available human resources, but is there = anyone working on this? Kind regards, Christos Chatzaras=