[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] CVE-2017-5715: relevant qemu patches
From: |
Paolo Bonzini |
Subject: |
Re: [Qemu-devel] CVE-2017-5715: relevant qemu patches |
Date: |
Fri, 5 Jan 2018 09:33:04 +0100 |
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.5.0 |
On 04/01/2018 21:15, Stefan Priebe - Profihost AG wrote:
> attached the relevant patch for everybody who needs it.
This is the original patch from Intel, which doesn't work unless you
have a patched kernel (which you almost certainly don't have) and
doesn't even warn you about that.
In other words, it's rubbish. Please read
https://www.qemu.org/2018/01/04/spectre/ several times, until you
understand why there is no urgent need to update QEMU.
Days are 24 hours for QEMU developers just like for you (and believe me,
we wished several times that they weren't during the last two months).
We are prioritizing the fixes according to their effect in mitigating
the vulnerability, their applicability and the availability of patches
to the lower levels of the stack. Right now, the most urgent part is
the simple mitigations that can go in Linux 4.15 and stable kernels.
Paolo
- [Qemu-devel] CVE-2017-5715: relevant qemu patches, Stefan Priebe - Profihost AG, 2018/01/04
- Re: [Qemu-devel] CVE-2017-5715: relevant qemu patches, Alexandre DERUMIER, 2018/01/04
- Re: [Qemu-devel] CVE-2017-5715: relevant qemu patches, Alexandre DERUMIER, 2018/01/04
- Re: [Qemu-devel] CVE-2017-5715: relevant qemu patches, Stefan Priebe - Profihost AG, 2018/01/04
- Re: [Qemu-devel] CVE-2017-5715: relevant qemu patches, Alexandre DERUMIER, 2018/01/04
- Re: [Qemu-devel] CVE-2017-5715: relevant qemu patches, Stefan Priebe - Profihost AG, 2018/01/04
- Re: [Qemu-devel] CVE-2017-5715: relevant qemu patches, Paolo Bonzini, 2018/01/04
- Re: [Qemu-devel] CVE-2017-5715: relevant qemu patches, Stefan Priebe - Profihost AG, 2018/01/04
- Re: [Qemu-devel] CVE-2017-5715: relevant qemu patches,
Paolo Bonzini <=
- Re: [Qemu-devel] CVE-2017-5715: relevant qemu patches, Stefan Priebe - Profihost AG, 2018/01/05
- Re: [Qemu-devel] CVE-2017-5715: relevant qemu patches, Paolo Bonzini, 2018/01/05
Re: [Qemu-devel] CVE-2017-5715: relevant qemu patches, Stefan Priebe - Profihost AG, 2018/01/04