On 04/01/2018 21:15, Stefan Priebe - Profihost AG wrote: > attached the relevant patch for everybody who needs it.
This is the original patch from Intel, which doesn't work unless you have a patched kernel (which you almost certainly don't have) and doesn't even warn you about that. In other words, it's rubbish. Please read https://www.qemu.org/2018/01/04/spectre/ several times, until you understand why there is no urgent need to update QEMU. Days are 24 hours for QEMU developers just like for you (and believe me, we wished several times that they weren't during the last two months). We are prioritizing the fixes according to their effect in mitigating the vulnerability, their applicability and the availability of patches to the lower levels of the stack. Right now, the most urgent part is the simple mitigations that can go in Linux 4.15 and stable kernels. Paolo
