Yet ANOTHER Intel vulnerability: Lazy FP State Restore

https://blog.cyberus-technology.de/posts/2018-06-06-intel-lazyfp-vulnerability.html

2 Likes

“Currently withheld by request from Intel”

Ugh. I get it, but that’s damn titillating. Really wanted to see the damn paper.

Noteworthy

Modern versions of Linux – from kernel version 4.9, released in 2016, and later – and modern Windows, including Server 2016, as well as the latest spins of OpenBSD and DragonflyBSD are not affected by this flaw (CVE-2018-3665).

Windows Server 2008 is among the operating systems that will need to be patched, we understand, and fixes for affected Microsoft and non-Microsoft kernels are on their way. The Linux kernel team is back-porting mitigations to pre-4.9 kernels.

2 Likes

They didn’t withhold the mitigation section. There’s a kernel argument right there for an immediate fix for Linux Kernels. Other operating systems will have to wait for security updates.

But if you are on a modern kernel, looks like there’s not much to worry about.