oss-sec mailing list archives
Re: Re: Intel FP security issue
From: Marcus Meissner <meissner () suse de>
Date: Fri, 15 Jun 2018 15:25:07 +0200
Hi, On Wed, Jun 13, 2018 at 11:07:18PM +0400, Loganaden Velvindron wrote:
On Wed, Jun 13, 2018 at 7:34 PM, Loganaden Velvindron <loganaden () gmail com> wrote:Hi All, Both OpenBSD and DragonflyBSD have gone ahead and committed fixes for the rumored Intel FP issue: OpenBSD: https://marc.info/?l=openbsd-cvs&m=152818076013158&w=2 DragonflyBSD: http://lists.dragonflybsd.org/pipermail/commits/2018-June/672324.html I think that the cat is already out of the bag, and releasing details of this security problem makes sense. Since this has gone public, Is there a reason to keep this under embargo ?FreeBSD appears to be moving in this direction too: https://svnweb.freebsd.org/base?view=revision&revision=335072
For the record, this is https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00145.html aka CVE-2018-3665 with codename "Lazy FPU Save/Restore". XEN advisory https://xenbits.xen.org/xsa/advisory-267.html was posted here too, describing it a bit better. Full details are planned to be released June 27th. Ciao, Marcus
Current thread:
- Intel FP security issue Loganaden Velvindron (Jun 13)
- Re: Intel FP security issue Loganaden Velvindron (Jun 13)
- Re: Re: Intel FP security issue Marcus Meissner (Jun 15)
- <Possible follow-ups>
- Re: Re: Intel FP security issue Liguori, Anthony (Jun 15)
- Re: Intel FP security issue Solar Designer (Jun 15)
- Re: Intel FP security issue Anthony Liguori (Jun 15)
- Re: Intel FP security issue Solar Designer (Jun 15)
- Re: Intel FP security issue Loganaden Velvindron (Jun 13)