> - Why are L1TF and Meltdown not mitigated in kernel-default but only in
> kernel-pae?

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=61a6bd83abf2f14b2a917b6a0279c88d299267af

> - Is it possible to mitigate MDS and 'Spec store bypass' through kernel
> or only through microcode?

As previously stated, only through a microcode update.

> - Can L1TF, MDS or 'Spec store bypass' be exploited through web
> JavaScript, like shown in the video/papers?

L1TF: https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html#mitigation-selection-guide
MDS: https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/mds.html#attack-scenarios
SSB: https://software.intel.com/security-software-guidance/software-guidance/speculative-store-bypass

> https://lkml.org/lkml/2019/12/8/205

The section "Process Isolation" here https://software.intel.com/security-software-guidance/software-guidance/speculative-store-bypass kinda explains what you need to do.

The section "Web-Browsers" here https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/mds.html#attack-scenarios says that MDS exploitation through JS is highly unlikely.

The section "Mitigation selection guide" here https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html#mitigation-selection-guide says that if you don't use virtualization, the system is protected, as I already pointed out previously.

And that's all the answers I can give you: I cannot tell you, just by describing what you do, whether what you do is absolutely secure. Maybe, maybe not. I also cannot tell you how likely a "highly unlikely" exploitation is. I don't think anyone would give you guarantees here. What I can tell you is that we do our best to keep the kernel up to date and containing the latest mitigations.

I sincerely hope that helps.
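The kernel itself reports, per vulnerability, whether it considers the host mitigated, vulnerable (for example because the microcode the reply above refers to is missing), or not affected. The following script is an added example, not code from this thread or from the kernel project; it reads the status files the Linux kernel exports under `/sys/devices/system/cpu/vulnerabilities/` for the four issues discussed above and counts the entries still reported as Vulnerable. The directory is a parameter (assumed, for testing against a constructed copy); the sample status strings in the comments are constructed examples.

```shell
#!/bin/sh
# Added example (not from the original thread). Reads the Linux kernel's
# per-vulnerability status files and classifies each one. Each file holds a
# single line such as "Mitigation: PTE Inversion", "Not affected", or
# "Vulnerable: Clear CPU buffers attempted, no microcode; SMT vulnerable".

VULN_NAMES="l1tf mds meltdown spec_store_bypass"

# Print "<name>  <kernel status string>" for each entry, one per line.
# $1 is the sysfs directory (assumed parameter; defaults to the live one).
report_vulns() {
    dir="${1:-/sys/devices/system/cpu/vulnerabilities}"
    for name in $VULN_NAMES; do
        if [ -r "$dir/$name" ]; then
            printf '%-18s %s\n' "$name" "$(cat "$dir/$name")"
        else
            # Older kernels do not export an entry for every issue.
            printf '%-18s %s\n' "$name" "(not reported by this kernel)"
        fi
    done
}

# Map one kernel status string to a single word.
classify_status() {
    case "$1" in
        "Not affected"*) echo not_affected ;;
        Mitigation:*)    echo mitigated ;;
        Vulnerable*)     echo vulnerable ;;
        *)               echo unknown ;;
    esac
}

# Echo the number of entries the kernel still reports as Vulnerable.
count_vulnerable() {
    dir="${1:-/sys/devices/system/cpu/vulnerabilities}"
    n=0
    for name in $VULN_NAMES; do
        [ -r "$dir/$name" ] || continue
        if [ "$(classify_status "$(cat "$dir/$name")")" = vulnerable ]; then
            n=$((n + 1))
        fi
    done
    echo "$n"
}

# Running the script directly prints the live report for this host
# (or for the directory given as the first argument).
report_vulns "$@"
```

A non-zero count from `count_vulnerable` on a patched kernel usually points at missing microcode or a disabled mitigation rather than at the kernel package itself.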