My understanding of this vulnerability is that speculative indirect
calls in Linux kernel can be used to extract/filter memory content via
side-channels.
So, is it time to implement --enable-retpoline to CPython ? [1]
Etienne
1.
https://www.bleepingcomputer.com/news/google/google-unveils-new-retpoline-coding-technique-for-mitigating-spectre-attacks/
Le 2018-01-06 à 05:42, Etienne Robillard a écrit :
Hi all,
What do you think about the latest Spectre/Meltdown security flaw
found in Intel processors and Apple smartphones?
Are Python 2.7 and 3.6 affected by speculative execution side-channel
attacks when using the Linux kernel and Intel CPUs?
Best regards,
Etienne
--
Etienne Robillard
tkad...@yandex.com
https://www.isotopesoftware.ca/
--
https://mail.python.org/mailman/listinfo/python-list
