Zenbleed on OpenBSD (marc.info)
from tedu to openbsd on 25 Jul 2023 17:41

Zenbleed errata for 7.2 and 7.3 will come out soon.

While working on our fixes, I ran the test programs for quite a while and I never saw anything resembling a 'text' string. However when I ran a browser I saw streams of what was probably graphics-related fragments flowing past. The base system clearly uses AVX very rarely by itself.

In summary: in OpenBSD, this isn't a big deal today. However, attacks built upon primitives always get better over time, so I urge everyone to install these workarounds as soon as our errata ship.


threaded - newest