http://bugzilla.suse.com/show_bug.cgi?id=1163120 http://bugzilla.suse.com/show_bug.cgi?id=1163120#c11 Borislav Petkov <bpetkov@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution|--- |WORKSFORME --- Comment #11 from Borislav Petkov <bpetkov@suse.com> --- (In reply to Suse User from comment #10)
Thank you for this info.
From the answers I understand it is a very complex field in which definitive answers cannot be given. I guess that although some things may be "highly unlikely" it is still a good idea to keep any technology which allows downloading and running unverified/utrusted code disabled by default (be it web JS, WASM or anything else).
You can always get a newer CPU for which there is microcode or get an AMD machine which is affected by less issues: /sys/devices/system/cpu/vulnerabilities/itlb_multihit:Not affected /sys/devices/system/cpu/vulnerabilities/l1tf:Not affected /sys/devices/system/cpu/vulnerabilities/mds:Not affected /sys/devices/system/cpu/vulnerabilities/meltdown:Not affected /sys/devices/system/cpu/vulnerabilities/spec_store_bypass:Mitigation: Speculative Store Bypass disabled via prctl and seccomp /sys/devices/system/cpu/vulnerabilities/spectre_v1:Mitigation: usercopy/swapgs barriers and __user pointer sanitization /sys/devices/system/cpu/vulnerabilities/spectre_v2:Mitigation: Full AMD retpoline, IBPB: conditional, STIBP: disabled, RSB filling /sys/devices/system/cpu/vulnerabilities/tsx_async_abort:Not affected
I hope RISC-V will change the world of computers. ;)
I wouldn't put my hopes up. I'm pretty sure they'll screw it up in their own way. :-) Ok, we're done here, closing. -- You are receiving this mail because: You are on the CC list for the bug.