Annotation of wikisrc/security/meltdown_spectre.mdwn, revision 1.18
1.6 maxv 1: [[!meta title="Meltdown and Spectre Status Page"]]
1.1 maxv 2:
3: Status of the Fixes
4: -------------------
5:
1.18 ! maxv 6: NetBSD-6, and all the anterior releases, have no planned fixes.
! 7:
1.7 maxv 8: ## Spectre Variant 1
9:
1.1 maxv 10: [[!table data="""
1.18 ! maxv 11: Port |Vendor/Model |Spectre (V1) |NetBSD-7 |NetBSD-8 |NetBSD-current
! 12: amd64 |Intel |Vulnerable |Not fixed |Not fixed |Not fixed
! 13: amd64 |AMD |Vulnerable |Not fixed |Not fixed |Not fixed
! 14: amd64 |VIA |Unknown | | |
! 15: i386 |Intel |Vulnerable |Not fixed |Not fixed |Not fixed
! 16: i386 |AMD |Vulnerable |Not fixed |Not fixed |Not fixed
! 17: i386 |VIA |Unknown | | |
! 18: mips |MIPS P5600 |Vulnerable |Not fixed |Not fixed |Not fixed
! 19: mips |MIPS P6600 |Vulnerable |Not fixed |Not fixed |Not fixed
! 20: mips |Other Models |Not vulnerable | | |
! 21: ia64 |Intel |Not vulnerable | | |
! 22: riscv |(Spec.) |Not vulnerable | | |
1.1 maxv 23: """]]
24:
1.7 maxv 25: ## Spectre Variant 2
26:
1.1 maxv 27: [[!table data="""
1.18 ! maxv 28: Port |Vendor/Model |Spectre (V2) |NetBSD-7 |NetBSD-8 |NetBSD-current
! 29: amd64 |Intel |Vulnerable |Not fixed |Not fixed |Not fixed
! 30: amd64 |AMD |Vulnerable |Not fixed |Not fixed |Not fixed
! 31: amd64 |VIA |Unknown | | |
! 32: i386 |Intel |Vulnerable |Not fixed |Not fixed |Not fixed
! 33: i386 |AMD |Vulnerable |Not fixed |Not fixed |Not fixed
! 34: i386 |VIA |Unknown | | |
! 35: mips |MIPS P5600 |Vulnerable |Not fixed |Not fixed |Not fixed
! 36: mips |MIPS P6600 |Vulnerable |Not fixed |Not fixed |Not fixed
! 37: mips |Other Models |Not vulnerable | | |
! 38: ia64 |Intel |Not vulnerable | | |
! 39: riscv |(Spec.) |Not vulnerable | | |
1.1 maxv 40: """]]
41:
1.7 maxv 42: ## Meltdown
43:
1.1 maxv 44: [[!table data="""
1.18 ! maxv 45: Port |Vendor/Model |Meltdown (V3) |NetBSD-7 |NetBSD-8 |NetBSD-current
! 46: amd64 |Intel |Vulnerable |Not fixed |Not fixed |Fixed [MitigA]
! 47: amd64 |AMD |Not vulnerable | | |
! 48: amd64 |VIA |Unknown | | |
! 49: i386 |Intel |Vulnerable |Not fixed |Not fixed |Not fixed
! 50: i386 |AMD |Not vulnerable | | |
! 51: i386 |VIA |Unknown | | |
! 52: mips |MIPS P5600 |Not vulnerable | | |
! 53: mips |MIPS P6600 |Not vulnerable | | |
! 54: mips |Other Models |Not vulnerable | | |
! 55: ia64 |Intel |Not vulnerable | | |
! 56: riscv |(Spec.) |Not vulnerable | | |
1.1 maxv 57: """]]
58:
1.16 maxv 59: ## Mitigations
60:
61: ### Mitigation A: SVS
62:
63: Meltdown is mitigated with the SVS feature. It can be dynamically disabled
64: by changing the "machdep.svs.enabled" sysctl.
65:
1.10 maxv 66: ## External Resources
67:
1.11 maxv 68: * [MIPS Blog Post](https://www.mips.com/blog/mips-response-on-speculative-execution-and-side-channel-vulnerabilities/)
1.12 maxv 69: * [ARM Security Update](https://developer.arm.com/support/security-update)
1.15 maxv 70: * [RISC-V](https://riscv.org/2018/01/more-secure-world-risc-v-isa/)
1.10 maxv 71:
1.13 maxv 72: ## Notes
73:
74: * VIA Technologies did not issue any statement regarding their CPUs. It is not currently known whether they are affected.
75: * For Spectre Variant 2, neither Intel, nor AMD, has issued a stable microcode update.
76:
CVSweb for NetBSD wikisrc <wikimaster@NetBSD.org> software: FreeBSD-CVSweb
![[BACK]](/icons/back.gif){kind=icon}
Return to meltdown_spectre.mdwn CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [NetBSD Developer Wiki] / wikisrc / security