RE: Intel CPU CVE Issue: CVE-2022-21166/CVE-2022-21125/CVE-2022-21123

From: Chen, Alvin W <Weike.Chen_at_Dell.com>
Date: Thu, 16 Jun 2022 10:43:11 UTC
It is the situation that the whole FreeBSD community facing: the lack of supporting from vendors, not only for Intel.
Many new HW features, like modern standby, Hybrid CPU, new chipsets drivers, need be done by vendors but FreeBSD community need do it.

FreeBSD community need influence HW vendors, like Intel, AMD, NV, Realtek, etc, to support FreeBSD kernel.

> 
> 1st of all, my comment was because of your post but was not directed at you.
> Sorry if that was unclear.
> 
> 2nd of all, great that they give advice. Not so great that people have to
> actually do the work. This costs everybody *besides Intel* a lot of money
> and there is no end in sight.
> 
> How about if Intel gives refunds to people afflicted by their defective
> products and pays remediation costs to software projects similarly afflicted?
> Maybe that would give them incentive to do a better job with the junk
> they're selling.
> 
> /jl
> 
> 
> 
> On 16-Jun-22 09:57, Chen, Alvin W wrote:
> > Intel provides the migration guideline, please refer to :
> https://urldefense.com/v3/__https://www.intel.com/content/www/us/en/
> developer/articles/technical/software-security-guidance/technical-
> documentation/processor-mmio-stale-data-
> vulnerabilities.html__;!!LpKI!hmDu57JpcyX8bLCYmgwME5HMtFj6y4veSOVX
> DzPioW2AQqc95nFtvEJSWspamkTh91k0TIZ0qN_uqkCBe1I$ [intel[.]com]
> >   It looks like Linux (Ubuntu&Rehat&Suse) and Window are ready.
> >
> >>
> >>
> >> [EXTERNAL EMAIL]
> >>
> >> Does Intel fund OS and application level mitigations of their
> >> never-ending failure to design or implement anything properly?
> >>
> >> It's hard to understand why the victims should pay...
> >>
> >> /jl
> >>
> >> On 16-Jun-22 07:51, Chen, Alvin W wrote:
> >>> Hi community,
> >>>
> >>> Are there any fixes available to fix this Intel CPU CVE issues on FreeBSD?
> >>>
> >>> Regards,
> >>>
> >


Internal Use - Confidential