specter, meltdown, and dom0
162 views
Skip to first unread message
pixel fairy
Jan 3, 2018, 7:01:40 PM1/3/18
to qubes-users
Since someone has to start this thread,
Does dom0 matter here, or would patching xen fix this?
Greg Strong
Jan 4, 2018, 12:53:26 AM1/4/18
to qubes-users
On Wednesday, January 3, 2018 at 7:01:40 PM UTC-5, pixel fairy wrote:
> Since someone has to start this thread,
>
> Does dom0 matter here, or would patching xen fix this?
> Since someone has to start this thread,
>
> Does dom0 matter here, or would patching xen fix this?
Meltdown requires a Xen fix (at a minimum), here's the current:
https://xenbits.xen.org/xsa/advisory-254.html
Spectre is a whole 'nother can of worms. Not even really fixable in any robust way, it seems, but from what I gather reading this paper, it is very hard to exploit: https://xenbits.xen.org/xsa/advisory-254.html
Andrew David Wong
Jan 4, 2018, 10:33:54 AM1/4/18
to pixel fairy, qubes-users
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
On 2018-01-03 18:01, pixel fairy wrote:
> Since someone has to start this thread,
>
> Does dom0 matter here, or would patching xen fix this?
>
We've just published an announcement about this:
https://www.qubes-os.org/news/2018/01/04/xsa-254-meltdown-spectre/
- --
Andrew David Wong (Axon)
Community Manager, Qubes OS
https://www.qubes-os.org
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEZQ7rCYX0j3henGH1203TvDlQMDAFAlpOSVYACgkQ203TvDlQ
MDAVOBAAi0q39BmrWSueymGqXV1c/BItxFPiQwC66v7uD6/xMvxbNPRH7gSBScjl
ELW1zJRgqrZJKwro+0zNxx+BNC4LJYNMzaNdaQc2/vOnMl1NIgvHbK8Y6g2113vn
T/UeX1/c4HfYn9sNzfhNplK0CRbHVfcAvxPPdro9HMeBXOJmv3qUC5kA5UMqJD66
H9domhfqDYGBJwatk2nXfy9Gs0o1HdfStFBXAjyurEs51XYUJz3Eui0nXvcPZ2RH
lOOZpoHQABuxzTPyc0vLeIRk8MP119UQrDwwdpRZOukoujhk2T2wnAVGflJDbmb3
dvSTTD7/86jhE/DrsVTRWnfgg7Puly0bI/Ipmyhn/OEDtxycsWxXRtgOI8n5OdBC
GB9FD3bJ3gUW4ubOHntaVKyXxeCU1JxDOcif7vkTijtdrxoxwR1HqwLiVrD+Be88
DZQz18Wm0EcVuBQTzRDxNiOe4+XtdCuZo5eNF33dfWT0qA0bYM0mR7M9UiTFBNta
J9ORePb2psD3q1qE++UIov7LViG1aL0wYpEi6/pvPB/xH335I0LHeepu3so/WMYR
sGg8dw/DM/4fOEAmI81AS7Xz9V4l8Vo2zbr6R2+ykEe60Yw37S6hoabbUAONF7yx
wX87rRIARyO6UPyO9I0kSTjQAEW1vyIg2tvlWMeSDXIdZ4Pm8eI=
=e1p2
-----END PGP SIGNATURE-----
Hash: SHA512
On 2018-01-03 18:01, pixel fairy wrote:
> Since someone has to start this thread,
>
> Does dom0 matter here, or would patching xen fix this?
>
https://www.qubes-os.org/news/2018/01/04/xsa-254-meltdown-spectre/
- --
Andrew David Wong (Axon)
Community Manager, Qubes OS
https://www.qubes-os.org
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEZQ7rCYX0j3henGH1203TvDlQMDAFAlpOSVYACgkQ203TvDlQ
MDAVOBAAi0q39BmrWSueymGqXV1c/BItxFPiQwC66v7uD6/xMvxbNPRH7gSBScjl
ELW1zJRgqrZJKwro+0zNxx+BNC4LJYNMzaNdaQc2/vOnMl1NIgvHbK8Y6g2113vn
T/UeX1/c4HfYn9sNzfhNplK0CRbHVfcAvxPPdro9HMeBXOJmv3qUC5kA5UMqJD66
H9domhfqDYGBJwatk2nXfy9Gs0o1HdfStFBXAjyurEs51XYUJz3Eui0nXvcPZ2RH
lOOZpoHQABuxzTPyc0vLeIRk8MP119UQrDwwdpRZOukoujhk2T2wnAVGflJDbmb3
dvSTTD7/86jhE/DrsVTRWnfgg7Puly0bI/Ipmyhn/OEDtxycsWxXRtgOI8n5OdBC
GB9FD3bJ3gUW4ubOHntaVKyXxeCU1JxDOcif7vkTijtdrxoxwR1HqwLiVrD+Be88
DZQz18Wm0EcVuBQTzRDxNiOe4+XtdCuZo5eNF33dfWT0qA0bYM0mR7M9UiTFBNta
J9ORePb2psD3q1qE++UIov7LViG1aL0wYpEi6/pvPB/xH335I0LHeepu3so/WMYR
sGg8dw/DM/4fOEAmI81AS7Xz9V4l8Vo2zbr6R2+ykEe60Yw37S6hoabbUAONF7yx
wX87rRIARyO6UPyO9I0kSTjQAEW1vyIg2tvlWMeSDXIdZ4Pm8eI=
=e1p2
-----END PGP SIGNATURE-----
Reply all
Reply to author
Forward
0 new messages