Spotted over on HN:
The mysterious case of the Linux Page Table Isolation patches (archive)
tl;dr: there is presently an embargoed security bug impacting apparently all contemporary CPU architectures that implement virtual memory, requiring hardware changes to fully resolve. Urgent development of a software mitigation is being done in the open and recently landed in the Linux kernel, and a similar mitigation began appearing in NT kernels in November. In the worst case the software fix causes huge slowdowns in typical workloads. There are hints the attack impacts common virtualization environments including Amazon EC2 and Google Compute Engine, and additional hints the exact attack may involve a new variant of Rowhammer.
Turns out 2018 might be more interesting than first thought. So grab some popcorn and keep those systems patched!
(Score: 3, Interesting) by Dr Spin on Tuesday January 02 2018, @09:54AM (1 child)
Rowhammer vulnerability implies DEFECTIVE HARDWARE. If your CPU is vulnerable to this, it is goods not of merchandisable quality, i.e. unfit for the purpose for which it is sold (computing), and should be replaced without charge by the manufacturer (Intel). If not, it's probably because you live in a country without adequate protection for consumers (e.g. USA) and (possibly violent*) protests may be required to get the law changed.
*Ask the NRA for legal advice
Warning: Opening your mouth may invalidate your brain!
(Score: 2) by Dr Spin on Tuesday January 02 2018, @10:04AM
OP: I had thought the Rowhammer failure was in the cache memory - it appears to be in main memory (at least in this context). In that case it is the memory manufacturer selling duff product, not the CPU manufacturer.
Warning: Opening your mouth may invalidate your brain!