OpenBSD Errata: August 24th, 2018 (vmml1tf)
23 August, 2018 by tj@openbsd.org | openbsd
Errata patches for the kernel have been released for OpenBSD 6.3 and 6.2. The Intel L1TF bug allows a vmm guest to read host memory. Binary updates for the amd64 platform are available via the syspatch utility. Source code patches can be found on the respective errata pages: https://www.openbsd.org/errata62.html https://www.openbsd.org/errata63.html Run the fw_update command to get updated CPU microcode before rebooting. If your machine has SMT ("hyper-threading") capability, it must be disabled in the BIOS. The CPU microcode update is not available for OpenBSD 6.2, so a BIOS update is required to receive the accelerated L1 cache solution there.