Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Fri, 15 Jun 2018 15:25:07 +0200
From: Marcus Meissner <meissner@...e.de>
To: oss-security@...ts.openwall.com
Subject: Re: Re: Intel FP security issue

Hi,

On Wed, Jun 13, 2018 at 11:07:18PM +0400, Loganaden Velvindron wrote:
> On Wed, Jun 13, 2018 at 7:34 PM, Loganaden Velvindron
> <loganaden@...il.com> wrote:
> > Hi All,
> >
> > Both OpenBSD and DragonflyBSD have gone ahead and committed fixes for
> > the rumored Intel FP issue:
> >
> > OpenBSD: https://marc.info/?l=openbsd-cvs&m=152818076013158&w=2
> > DragonflyBSD: http://lists.dragonflybsd.org/pipermail/commits/2018-June/672324.html
> >
> > I think that the cat is already out of the bag, and releasing details
> > of this security problem makes sense. Since this has gone public, Is
> > there a reason to keep this under embargo ?
> >
> 
> FreeBSD appears to be moving in this direction too:
> https://svnweb.freebsd.org/base?view=revision&revision=335072

For the record, this is https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00145.html
aka CVE-2018-3665 with codename "Lazy FPU Save/Restore".

XEN advisory https://xenbits.xen.org/xsa/advisory-267.html was posted here too, describing it a bit better.

Full details are planned to be released June 27th.

Ciao, Marcus

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ