new hardware vulnerability in zero-fill cache optimization

[owlshrimp]

info: https://travisdowns.github.io/blog/2021/06/17/rip-zero-opt.html

So far it looks like it's only patchable with updated microcode. The vulnerability affects at least as far back as sandybridge, however microcode has only been released for as far back as haswell. Incidentally, intel has decided to drop support for ivybridge and sandybridge this month. (ie those driving the T430 and X230 thinkpads)

I'm personally kinda sad, since I just bought a T430, and ivybridge is the last generation with open-source memory init in coreboot.

[owlshrimp]

After much closer reading of [1] it looks like ivybridge dodged the bullet. This time. It's still never getting a microcode update for any future issues that might appear.

Specifically, ivybridge (06_3AH, 06_3EH) is unaffected by CVE-2020-24511 and CVE-2020-24512.

[1] https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00464.html