Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Fri, 15 Jun 2018 13:36:05 +0000
From: "Liguori, Anthony" <aliguori@...zon.com>
To: "oss-security@...ts.openwall.com" <oss-security@...ts.openwall.com>
Subject: Re: Re: Intel FP security issue

On Jun 15, 2018 6:26 AM, Marcus Meissner <meissner@...e.de> wrote:
>
> Hi,
>
> On Wed, Jun 13, 2018 at 11:07:18PM +0400, Loganaden Velvindron wrote:
> > On Wed, Jun 13, 2018 at 7:34 PM, Loganaden Velvindron
> > <loganaden@...il.com> wrote:
> > > Hi All,
> > >
> > > Both OpenBSD and DragonflyBSD have gone ahead and committed fixes for
> > > the rumored Intel FP issue:
> > >
> > > OpenBSD: https://marc.info/?l=openbsd-cvs&m=152818076013158&w=2
> > > DragonflyBSD: http://lists.dragonflybsd.org/pipermail/commits/2018-June/672324.html
> > >
> > > I think that the cat is already out of the bag, and releasing details
> > > of this security problem makes sense. Since this has gone public, Is
> > > there a reason to keep this under embargo ?
> > >
> >
> > FreeBSD appears to be moving in this direction too:
> > https://svnweb.freebsd.org/base?view=revision&revision=335072
>
> For the record, this is https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00145.html
> aka CVE-2018-3665 with codename "Lazy FPU Save/Restore".
>
> XEN advisory https://xenbits.xen.org/xsa/advisory-267.html was posted here too, describing it a bit better.
>
> Full details are planned to be released June 27th.

The discover sent a post here but I suspect it's stuck in the moderation queue.  I'll repost later today.

Regards,

Anthony Liguori

>
> Ciao, Marcus

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ