[svlug] Intel CPUs' Kernel Page Table Isolation (KPTI) fix
newmans at sonic.net
Thu Jan 4 11:30:32 PST 2018
On 01/04/2018 12:44 AM, Rick Moen wrote:
> What's a 30% CPU performance hit between friends?
> ----- Forwarded message from Vincent Deffontaines <vincent at gryzor.com> -----
> Date: Wed, 03 Jan 2018 11:43:40 +0100
> From: Vincent Deffontaines <vincent at gryzor.com>
> To: debian-security at lists.debian.org
> Subject: Huge Intel CPU Bug Allegedly Causes Kernel Memory Vulnerability With
> Up To 30% Performance Hit
> And happy new year.
> This is hitting all of us soon.
> In short: a huge (and long lasting) hardware bug, present in about
> all Intel CPUs that have been sold for the last 10 years.
> It is not fixable by microcode, and requires ugly patching from the
> kernel layer . Other OSes such as Microsoft are concerned as well.
There are actually 3 different classes of vulnerabilities. It's not just intel. https://developer.arm.com/support/security-update
There will be microcode updates. I don't know if they will be needed for systems not running a VM.
More information about the svlug