gVisor and hyperthreading

[Travis DePrato]

This is somewhat addressed in the GKE sandbox documentation about hyper-threading, they don't really go into what the vulnerabilities really are. I also didn't see any reference to it within the gVisor repo or searching this group.

What are the actual vulnerabilities associated with hyper-threading? Why is using gVisor alone not enough to mitigate them? And is there any way to run securely with hyper-threading enabled?

Thanks, and happy holidays to those celebrating. :)