http://bugzilla.suse.com/show_bug.cgi?id=1163120 http://bugzilla.suse.com/show_bug.cgi?id=1163120#c6 --- Comment #6 from Suse User <suseino@riseup.net> --- I suppose the confusion comes from this bug report being about other vulnerabilities too (as seen in the initial attachment): # with kernel-default: - l1tf - mds - meltdown - spectre store bypass + itlb multihit # with kernel-pae (fewer but still not fully mitigated): - mds - spectre store bypass + itlb multihit Considering this difference between kernel-default and kernel-pae + the fact that the microcode is the same whether I use either kernel: I thought that some of the vulnerabilities are not just a matter of microcode but kernel level mitigations exists.
So what exactly are you asking?
(1) After the above clarification, I suppose you can have a second look to my previous question.
What about kernel-level mitigations? Are these impossible, i.e. is microcode the only way to mitigate the remaining vulnerabilities?
(2) My other question is: https://lkml.org/lkml/2019/12/8/205 *I understand (2) and the answer to it may be considered off-topic to this bug report but I still hope you could shed some light on it too (in direct email is fine too, if you think it would be more appropriate). -- You are receiving this mail because: You are on the CC list for the bug.