On Sun, Nov 12, 2017 at 04:09:21PM -0600, Patrick Meade wrote:
> On 11/12/2017 12:45 PM, Adam Borowski wrote:
> > At least microcode is mandatory on any modern x86 CPUs, or you risk severe
> > data loss issues that differ by CPU sub-model. You may think that just
> > because without microcode your machine boots, all is ok. It's not. Even
> > worse, the documentation for problems fixed by microcode updates is sparse
> > at best and non-existant in most cases.
>
> Will you share a link to a source for this?
For example:
https://lists.debian.org/debian-security/2016/03/msg00084.html
An unprivileged user in an unprivileged VM gets to execute arbitrary code in
the _host_'s kernel.
There's hundreds of such CPU errata per year. They usually affect just a
few models, yet there's enough to give a fair share to every CPU you may
have. And, as Intel and AMD really don't want this to be public, most
errata are fixed silently without an announcement.
Meow!
--
⢀⣴⠾⠻⢶⣦⠀ Laws we want back: Poland, Dz.U. 1921 nr.30 poz.177 (also Dz.U.
⣾⠁⢰⠒⠀⣿⡁ 1920 nr.11 poz.61): Art.2: An official, guilty of accepting a gift
⢿⡄⠘⠷⠚⠋⠀ or another material benefit, or a promise thereof, [in matters
⠈⠳⣄⠀⠀⠀⠀ relevant to duties], shall be punished by death by shooting.