sunrat Posted May 15, 2019 Share Posted May 15, 2019 More attack vectors have been discovered in Intel CPUs. Linux kernel devs frantically develop patches: https://www.zdnet.com/article/linux-vs-zombieload/ 2 Quote Link to comment Share on other sites More sharing options...
abarbarian Posted May 15, 2019 Share Posted May 15, 2019 More attack vectors have been discovered in Intel CPUs. Linux kernel devs frantically develop patches: https://www.zdnet.co...-vs-zombieload/ Reading between the lines, except for people running stand-alone Linux desktops, Canonical recommended you make the patches and disable hyper-threading. This also means Linux-based containers and VMs are also open to attack. To protect yourself, you'll need to patch the following Linux files: Kernel, kernel-rt, libvirt, qemu-kvm, qemu-kvm-rhev, and microcode_clt on all your systems. In particular, there's a known attack vector for CE-2018-12130, which enables a malicious VM or container spy another containers or VMs. In other words, you must patch all your running containers and VMs on a server -- or one bad apple can reveal the data in the patched ones. Unlike the earlier Meltdown and Spectre problems, Intel was given time to ready itself for this problem. Intel has released microcode patches. These help clear the processor's buffers, thus preventing data from being read. To defend yourself, your processor must be updated, your operating system must be patched, and for the most protection, Hyper-Threading disabled. When Meltdown and Spectre showed up, the Linux developers were left in the dark and scrambled to patch Linux. This time, they've been kept in the loop. Quote Link to comment Share on other sites More sharing options...
securitybreach Posted May 15, 2019 Share Posted May 15, 2019 Archlinux got the patch yesterday: intel-ucode-20190514-1-any Quote Link to comment Share on other sites More sharing options...
sunrat Posted May 15, 2019 Author Share Posted May 15, 2019 Debian also has fresh security upgrades for intel-microcode and kernels. 1 Quote Link to comment Share on other sites More sharing options...
V.T. Eric Layton Posted May 15, 2019 Share Posted May 15, 2019 Hmm... no issues with AMD??? That's nice. 1 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.