--- wikisrc/security/meltdown_spectre.mdwn	2018/05/04 07:34:51	1.28
+++ wikisrc/security/meltdown_spectre.mdwn	2018/05/22 07:27:25	1.29
@@ -92,6 +92,18 @@ riscv		|(Spec.)	|Not vulnerable	|		|		|
 		|ARM (others)	|Not vulnerable	|		|		|
 """]]
 
+## Spectre Variant 4
+
+[[!table data="""
+Port		|Vendor/Model	|Spectre (V4)	|NetBSD-7	|NetBSD-8	|NetBSD-current
+amd64		|Intel		|Vulnerable	|Not fixed	|Not fixed	|Fixed [MitigE]
+amd64		|AMD		|Unknown	|		|		|
+amd64		|VIA		|Unknown	|		|		|
+i386		|Intel		|Vulnerable	|Not fixed	|Not fixed	|Fixed [MitigE]
+i386		|AMD		|Unknown	|		|		|
+i386		|VIA		|Unknown	|		|		|
+"""]]
+
 ## Mitigations
 
 ### Mitigation A: SVS
@@ -118,6 +130,12 @@ automatically. It can be dynamically dis
 SpectreV2 is mitigated in the kernel with the GCC "retpoline" compilation
 flag, which is enabled by default in GENERIC.
 
+### Mitigation E: Intel SSBD
+
+SpectreV4 can be mitigated with the SSBD method (Intel only for now). It
+can be dynamically enabled by changing the "machdep.spectre_v4.mitigated"
+sysctl.
+
 ## External Resources
 
 * [MIPS Blog Post](https://www.mips.com/blog/mips-response-on-speculative-execution-and-side-channel-vulnerabilities/)