Lazy FPU State Restore
Gordon Tetlow
gordon at tetlows.org
Wed Jun 13 21:12:48 UTC 2018
Dear FreeBSD community,
Intel has recently announced a side-channel information disclosure via
floating point unit (FPU) context switch. This issue has been assigned
CVE-2018-3665. It is our understanding this issue affects a subset of
Intel processors. More information is available directly from Intel:
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00145.html
We have addressed this issue with a recent commit to 12-CURRENT for
the 64-bit x86 architecture (FreeBSD/amd64):
https://svnweb.freebsd.org/changeset/base/335072
Further commits will be forthcoming for stable branches along with an
additional patch to remediate this issue for i386. We also intend to
merge this to the currently supported releases and will issue an update
in the near future.
FreeBSD Security Team
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 618 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/freebsd-security/attachments/20180613/4dccf57b/attachment.sig>
More information about the freebsd-security
mailing list