a thoughtful web.
Good ideas and conversation. No ads, no tracking.   Login or Take a Tour!
comment by johnnyFive

That is insane. Sucks that the Linux patches, at least, are rolling out for everyone, so AMD users will still see the performance hit even though they're apparently not vulnerable to the bug.

The Register thinks that AMD kind of spilled the beans on the nature of the vulnerability, and has seen proof-of-concept code that appears to confirm this:

    It appears, from what AMD software engineer Tom Lendacky was suggesting above, that Intel's CPUs speculatively execute code potentially without performing security checks. It seems it may be possible to craft software in such a way that the processor starts executing an instruction that would normally be blocked – such as reading kernel memory from user mode – and completes that instruction before the privilege level check occurs.




rrrrr  ·  2275 days ago  ·  link  ·  
rezzeJ  ·  2275 days ago  ·  link  ·  

There is also a different, but still major bug in AMD processors, according to this Guardian article: Meltdown and Spectre: ‘worst CPU bugs ever’ affect virtually all computers

    The Spectre flaw affects most modern processors made by a variety of manufacturers, including Intel, AMD and those designed by ARM, and potentially allows hackers to trick otherwise error-free applications into giving up secret information. Spectre is harder for hackers to take advantage of but is also harder to fix and would be a bigger problem in the long term, according to Gruss.
bhrgunatha  ·  2275 days ago  ·  link  ·  

According to this reddit post AMD is currently excluded from the patch.

Edit: That's for 4.15 kernel development so looks like there will be a short-term blip.