Intel & Arm & AMD and vulnerabilities in 2022

Problem with open-source hardware is that it won’t glow in the dark…

image

And you know kids this days love all things RGB :rofl:

4 Likes

The vulnerability does not appear to be a choice between processor architectures, although at first only Intel was affected.

new vulnerabilites for Intel ( all CPU since Haswell ) and AMd Zen2/3

mitigation are ready for next Kernels version coming

1 Like

Kernel 5.18.5, AMD Ryzen 5 5600x:

$ grep . -r /sys/devices/system/cpu/vulnerabilities/
/sys/devices/system/cpu/vulnerabilities/spectre_v2:Mitigation: Retpolines, IBPB: conditional, IBRS_FW, STIBP: always-on, RSB filling
/sys/devices/system/cpu/vulnerabilities/itlb_multihit:Not affected
/sys/devices/system/cpu/vulnerabilities/mmio_stale_data:Not affected
/sys/devices/system/cpu/vulnerabilities/mds:Not affected
/sys/devices/system/cpu/vulnerabilities/l1tf:Not affected
/sys/devices/system/cpu/vulnerabilities/spec_store_bypass:Mitigation: Speculative Store Bypass disabled via prctl
/sys/devices/system/cpu/vulnerabilities/tsx_async_abort:Not affected
/sys/devices/system/cpu/vulnerabilities/spectre_v1:Mitigation: usercopy/swapgs barriers and __user pointer sanitization
/sys/devices/system/cpu/vulnerabilities/srbds:Not affected
/sys/devices/system/cpu/vulnerabilities/meltdown:Not affected

only series 5000 zen3 desktop are not affected

2 Likes

new vulnerabilities ,
mitigation are on the road for next kernel stable update

concerns Intel ( 6th to 8th gen) - (Zen / Zen2) AMD
https://comsec.ethz.ch/research/microarch/retbleed/

1 Like

ZEN3 not affected:
https://twitter.com/phoronix/status/1546942317071826945

That’s fantastic! I have a 5800H. Woo. Feeling the luck on that one.

2 Likes

Me too…

image

Another mitigation to mitigate with mitigations=off. Yay.

1 Like

image

1 Like
1 Like
1 Like

Reminds me of the early Sims games.

One more to the infinite list…

https://www.phoronix.com/news/AMD-Side-Channel-SQUIP

image

If CPU manufacturers were held accountable like everyone else then we would have better CPUs. Reason? They wouldn’t be so ambitious in using hacks which cause these vulnerabilities in the name of performance.

If they were held accountable then Microborg would be out of business, and so would Intel and AMD if everything stays the way it is.

Meanwhile, if they were held accountable point 1 applies AND we would have more secure CPUs with the same performance which is my second point.

But the legal system sucks and has tons of loopholes so this will never happen in even the sweetest of my dreams. :sigh:

Me thinking that my CPU was “patched”…

giphy

https://www.phoronix.com/news/AMD-CPU-Linux-Microcode-Thread

1 Like

Hm, new agesa version 1.2.0.8 coming

1 Like

I’m running 1.2.0.7 right now. Don’t see anything on the MSI site yet.

I’m also running 1.2.0.7, no BIOS releases for my chipset yet (b550).
Some Asus X570 boards already received a new BIOS… But not all, lets see…