Annotation of wikisrc/security/meltdown_spectre.mdwn, revision 1.17
1.6 maxv 1: [[!meta title="Meltdown and Spectre Status Page"]]
1.1 maxv 2:
3: Status of the Fixes
4: -------------------
5:
1.7 maxv 6: ## Spectre Variant 1
7:
1.1 maxv 8: [[!table data="""
1.10 maxv 9: Port |Vendor/Model |Spectre (V1) |NetBSD-6 |NetBSD-7 |NetBSD-8 |NetBSD-current
1.17 ! maxv 10: amd64 |Intel |Vulnerable |No fix planned |Not fixed |Not fixed |Not fixed
! 11: amd64 |AMD |Vulnerable |No fix planned |Not fixed |Not fixed |Not fixed
1.11 maxv 12: amd64 |VIA |Unknown | | | |
1.17 ! maxv 13: i386 |Intel |Vulnerable |No fix planned |Not fixed |Not fixed |Not fixed
! 14: i386 |AMD |Vulnerable |No fix planned |Not fixed |Not fixed |Not fixed
1.11 maxv 15: i386 |VIA |Unknown | | | |
1.12 maxv 16: mips |MIPS P5600 |Vulnerable |Not fixed |Not fixed |Not fixed |Not fixed
17: mips |MIPS P6600 |Vulnerable |Not fixed |Not fixed |Not fixed |Not fixed
18: mips |Other Models |Not vulnerable | | | |
1.14 maxv 19: ia64 |Intel |Not vulnerable | | | |
1.15 maxv 20: riscv |(Spec.) |Not vulnerable | | | |
1.1 maxv 21: """]]
22:
1.7 maxv 23: ## Spectre Variant 2
24:
1.1 maxv 25: [[!table data="""
1.10 maxv 26: Port |Vendor/Model |Spectre (V2) |NetBSD-6 |NetBSD-7 |NetBSD-8 |NetBSD-current
1.17 ! maxv 27: amd64 |Intel |Vulnerable |No fix planned |Not fixed |Not fixed |Not fixed
! 28: amd64 |AMD |Vulnerable |No fix planned |Not fixed |Not fixed |Not fixed
1.11 maxv 29: amd64 |VIA |Unknown | | | |
1.17 ! maxv 30: i386 |Intel |Vulnerable |No fix planned |Not fixed |Not fixed |Not fixed
! 31: i386 |AMD |Vulnerable |No fix planned |Not fixed |Not fixed |Not fixed
1.11 maxv 32: i386 |VIA |Unknown | | | |
1.12 maxv 33: mips |MIPS P5600 |Vulnerable |Not fixed |Not fixed |Not fixed |Not fixed
34: mips |MIPS P6600 |Vulnerable |Not fixed |Not fixed |Not fixed |Not fixed
35: mips |Other Models |Not vulnerable | | | |
1.14 maxv 36: ia64 |Intel |Not vulnerable | | | |
1.15 maxv 37: riscv |(Spec.) |Not vulnerable | | | |
1.1 maxv 38: """]]
39:
1.7 maxv 40: ## Meltdown
41:
1.1 maxv 42: [[!table data="""
1.10 maxv 43: Port |Vendor/Model |Meltdown (V3) |NetBSD-6 |NetBSD-7 |NetBSD-8 |NetBSD-current
1.16 maxv 44: amd64 |Intel |Vulnerable |No fix planned |Not fixed |Not fixed |Fixed [MitigA]
1.11 maxv 45: amd64 |AMD |Not vulnerable | | | |
46: amd64 |VIA |Unknown | | | |
1.1 maxv 47: i386 |Intel |Vulnerable |No fix planned |Not fixed |Not fixed |Not fixed
1.11 maxv 48: i386 |AMD |Not vulnerable | | | |
49: i386 |VIA |Unknown | | | |
1.13 maxv 50: mips |MIPS P5600 |Not vulnerable | | | |
51: mips |MIPS P6600 |Not vulnerable | | | |
52: mips |Other Models |Not vulnerable | | | |
1.14 maxv 53: ia64 |Intel |Not vulnerable | | | |
1.15 maxv 54: riscv |(Spec.) |Not vulnerable | | | |
1.1 maxv 55: """]]
56:
1.16 maxv 57: ## Mitigations
58:
59: ### Mitigation A: SVS
60:
61: Meltdown is mitigated with the SVS feature. It can be dynamically disabled
62: by changing the "machdep.svs.enabled" sysctl.
63:
1.10 maxv 64: ## External Resources
65:
1.11 maxv 66: * [MIPS Blog Post](https://www.mips.com/blog/mips-response-on-speculative-execution-and-side-channel-vulnerabilities/)
1.12 maxv 67: * [ARM Security Update](https://developer.arm.com/support/security-update)
1.15 maxv 68: * [RISC-V](https://riscv.org/2018/01/more-secure-world-risc-v-isa/)
1.10 maxv 69:
1.13 maxv 70: ## Notes
71:
72: * VIA Technologies did not issue any statement regarding their CPUs. It is not currently known whether they are affected.
73: * For Spectre Variant 2, neither Intel, nor AMD, has issued a stable microcode update.
74:
CVSweb for NetBSD wikisrc <wikimaster@NetBSD.org> software: FreeBSD-CVSweb