Zenbleed on OpenBSD
(marc.info)
from tedu to openbsd on 25 Jul 2023 17:41
https://azorius.net/p/B6433ZcQk384XlLPZy
from tedu to openbsd on 25 Jul 2023 17:41
https://azorius.net/p/B6433ZcQk384XlLPZy
Zenbleed errata for 7.2 and 7.3 will come out soon.
While working on our fixes, I ran the test programs for quite a while and I never saw anything resembling a 'text' string. However when I ran a browser I saw streams of what was probably graphics-related fragments flowing past. The base system clearly uses AVX very rarely by itself.
In summary: in OpenBSD, this isn't a big deal today. However, attacks built upon primitives always get better over time, so I urge everyone to install these workarounds as soon as our errata ship.
threaded - newest