Re: Intel CPU CVE Issue: CVE-2022-21166/CVE-2022-21125/CVE-2022-21123

Reply: Chen, Alvin W: "RE: Intel CPU CVE Issue: CVE-2022-21166/CVE-2022-21125/CVE-2022-21123"
In reply to: Chen, Alvin W: "RE: Intel CPU CVE Issue: CVE-2022-21166/CVE-2022-21125/CVE-2022-21123"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: John Long <codeblue_at_inbox.lv>
Date: Thu, 16 Jun 2022 10:25:19 UTC

1st of all, my comment was because of your post but was not directed at 
you. Sorry if that was unclear.

2nd of all, great that they give advice. Not so great that people have 
to actually do the work. This costs everybody *besides Intel* a lot of 
money and there is no end in sight.

How about if Intel gives refunds to people afflicted by their defective 
products and pays remediation costs to software projects similarly 
afflicted? Maybe that would give them incentive to do a better job with 
the junk they're selling.

/jl

On 16-Jun-22 09:57, Chen, Alvin W wrote:
> Intel provides the migration guideline, please refer to : https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/technical-documentation/processor-mmio-stale-data-vulnerabilities.html
>   It looks like Linux (Ubuntu&Rehat&Suse) and Window are ready.
> 
>>
>>
>> [EXTERNAL EMAIL]
>>
>> Does Intel fund OS and application level mitigations of their never-ending
>> failure to design or implement anything properly?
>>
>> It's hard to understand why the victims should pay...
>>
>> /jl
>>
>> On 16-Jun-22 07:51, Chen, Alvin W wrote:
>>> Hi community,
>>>
>>> Are there any fixes available to fix this Intel CPU CVE issues on FreeBSD?
>>>
>>> Regards,
>>>
> 
> 
> Internal Use - Confidential