yeshua
Member
- Aug 7, 2019
- 166
- 134
- 86
Intel has received a metric ton of flak in regard to their vulnerabilities, however each time they have been announced, a fix was immediately available for Linux, MacOS and Windows.
AMD was notified about this vulnerability over five months ago (August 23, 2019).
AMD was notified about this vulnerability over five months ago (August 23, 2019).
- There's no CVE still
- The vulnerability hasn't even been confirmed by the company
- I've just checked with Microsoft and Linux (kernel.org) - zero confirmations and no fixes despite the announcement and publication
The researchers were able to exploit the vulnerability via JavaScript run on Chrome and Firefox browsers. The paper suggests several possible remedies for the vulnerability through a combined software and hardware approach, but doesn't speculate on the performance hit associated with the suggested fixes.
Last edited: