[clug] Trusted Platform Module privacy
Bryan Kilgallin
kilgallin at iinet.net.au
Sat Aug 18 02:48:02 UTC 2018
Thanks, George:
> Here is something else to read about, but do not bother stressing out
> or worrying about it. Just ignore it for now.
>
>
> https://nakedsecurity.sophos.com/2018/08/17/foreshadow-flaw-found-in-intel-cpus-what-to-do/
{Which CPUs are affected?
If you bought an Intel system after late-2015 (Skylake onwards) there’s
a high chance it will contain an affected CPU (AMD and other vendors
that don’t use SGX are not at risk):
Intel Core i3/i5/i7/M processor (45nm and 32nm)}
My laptop has an Intel Core i5-2520M processor. So I found the following
article.
https://blog.ubuntu.com/2018/08/14/ubuntu-updates-for-l1-terminal-fault-vulnerabilities
{Kernel updates are being released for the following supported Ubuntu
series:
18.04 LTS (Bionic)}
Which OS version is installed.
{Updated Ubuntu kernels have the ability to report how the system is
currently affected by L1TF. To check your system, read the contents of the
/sys/devices/system/cpu/vulnerabilities/l1tf
file.
/sys/devices/system/cpu/vulnerabilities/l1tf}
My laptop did not report the following. So it is vulnerable.
{Processors that aren’t vulnerable to L1TF will report the following:
$ cat /sys/devices/system/cpu/vulnerabilities/l1tf
Not affected}
Rather, the following applies.
{Intel processors that lack VMX support will not report VMX status:
$ cat /sys/devices/system/cpu/vulnerabilities/l1tf
Mitigation: PTE Inversion
We recommend that you apply available updates at your earliest convenience.}
So my laptop lacks VMX support. Yet I guess that I need to find out how
to apply such an update!
--
members.iinet.net.au/~kilgallin/
More information about the linux
mailing list