1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Linux kernel team has conquered Retbleed, Torvalds says

    From TechnologyDaily@1337:1/100 to All on Mon Jul 18 14:45:03 2022
    Linux kernel team has conquered Retbleed, Torvalds says

    Date:
    Mon, 18 Jul 2022 13:42:20 +0000

    Description:
    Flaw affecting AMD/Intel hardware was fixed, Linux boss confirms.

    FULL STORY ======================================================================

    Retbleed, a recently discovered Spectre-like microprocessor flaw that
    affected both AMD and Intel devices , has been fixed on Linux , OS boss Linus Torvalds has confirmed.

    As reported by The Register , Torvalds published a blog post detailing the work, saying that the fix wasnt that easy to build, and that the team will have to push the release of the next patch by at least a week.

    "When we've had one of those embargoed [hardware] issues pending, the patches didn't get the open development, and then as a result missed all the usual sanity checking by all the automation build and test infrastructure we have," Torvalds wrote. Leaking passwords

    "So no surprise there's been various small fixup patches afterwards too for some corner cases."

    Last week, two researchers from ETH Zurich discovered the flaw, saying it allowed potential threat actors access to kernel memory of an endpoint ,
    which essentially means access to sensitive data such as passwords, and similar. The flaw is particularly risky in cloud environments, the
    researchers further said, where multiple companies share the same systems. In other words, one vulnerability could expose the secrets of multiple
    companies.

    Similarly to Spectre and Meltdown, flaws that shook the very foundation of
    the computing world four years ago, the patch for Retbleed will inevitably
    slo the processors down.

    But Retbleed is just one of the reasons for the delay in the distribution of the patch, Torvalds further explained. Read more

    Keeping your CPU safe from Spectre imposes serious performance penalty


    Spectre returns - Intel and ARM-based CPUs hit by serious vulnerability


    These are the best antivirus tools right now

    "Last week there were two other development trees that independently also asked for an extension, so 5.19 will be one of those releases that have an additional rc8 next weekend before the final release," Torvalds said.

    "When it rains it pours," he added. "Not that things really look all that
    bad. I think we've got the Retbleed fallout all handled (knock wood)."

    The two things developers were working on include the btrfs filesystem, and the firmware for controllers for Intel GPUs. These issues did not create any particular complications, Torvalds concluded, adding it's not like we have
    any huge issues, but an extra week is most definitely called for." Here's our take on the best identity management software right now

    Via: The Register



    ======================================================================
    Link to news story: https://www.techradar.com/news/linux-kernel-team-has-conquered-retbleed-torval ds-says/


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)