On Thu, Feb 13, 2020 at 11:41:16AM +0100, Carlos E. R. wrote:
On 13/02/2020 08.30, Marcus Meissner wrote:
Hi,
On Wed, Feb 12, 2020 at 08:29:53PM -0800, PGNet Dev wrote:
This security update
https://lists.opensuse.org/opensuse-security-announce/2019-07/msg00052.html
addresses
...
on an old, but otherwise functional, laptop,
cat /proc/cpuinfo | grep -i "model name" model name : Intel(R) Core(TM) i3 CPU M 370 @ 2.40GHz
...
a check with
spectre-meltdown-checker.sh --version Spectre and Meltdown mitigation detection tool v0.43
returns
...
and
cat /sys/devices/system/cpu/vulnerabilities/mds Vulnerable: Clear CPU buffers attempted, no microcode; SMT disabled
what additional mitigation, &/or specific microcode update is required to complete the mitigations?
A newer processor. :/
Sadly, Intel does not provide updated microcode for older processors.
Doesn't the Linux kernel include other mitigations besides Intel provided microcode?
If only new processors are covered by them, we are doomed. :-(
Some of the processor mitigations can be done in software, like retpolines or spectre v1 and v3 like fixes, or L1TF baremetal fixes. Others need CPU Microcode help, and yes, these are then problematic. The major ones like Meltdown, SPectre v1, v2 are covered by software only solutions, the rest has a smaller impact. If you are just using this as your home machine or laptop, no need to worry. Realistic attack scenarios include multiuser servers, either with untrusted users or untrusted VMs. Ciao, Marcus -- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-security+owner@opensuse.org