In a keynote speech at the European Open Source Summit, Greg Kroah-Hartman, a maintainer of the stable Linux kernel, said the security issues in Intel chips will be around for a long time to come. These chip vulnerabilities, known as MDS, RIDL, Fallout, and ZombieLoad, are to some extent the same problem, or different variants of the same problem, but the solutions vary.
For example, the RIDL and ZombieLoad vulnerabilities can steal data across applications, virtual machines, and secure areas (secure enclaves). Ironically, Intel Software Guard Extensions (SGX), which is supposed to be the secure area inside the chip, itself has many vulnerabilities.
Kroah-Hartman says that fixing each issue as it comes to the fore means patching the Linux kernel as well as the CPU's BIOS and microcode. This is not just a Linux problem; every operating system faces the same issue.
He acknowledges that OpenBSD offers the latest solution to such vulnerabilities: turning off hyperthreading on Intel processors and coping with the performance loss. ‘You have to choose whether to be performant or to be safe, and there’s no good choice,’ says Kroah-Hartman.
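
On Linux, the kernel reports through sysfs which of these pieces is in place. The following added example (not from the keynote or the original article) parses the MDS status line into the three things named above: kernel patch, microcode, and hyperthreading (SMT). The status strings follow the kernel's MDS admin-guide documentation; the function names are illustrative.

```shell
#!/bin/sh
# Added example: interpret the Linux kernel's MDS status line.
# Function names are illustrative, not part of any tool.

MDS_FILE=/sys/devices/system/cpu/vulnerabilities/mds
SMT_FILE=/sys/devices/system/cpu/smt/control

# classify_mds STATUS
# Prints "kernel=<state> microcode=<state> smt=<state>".
classify_mds() {
    status=$1
    case $status in
        "Not affected"*)
            echo "kernel=ok microcode=n/a smt=n/a"; return 0 ;;
        "Mitigation: Clear CPU buffers"*)
            kernel=ok; microcode=ok ;;
        "Vulnerable: Clear CPU buffers attempted, no microcode"*)
            # Kernel is patched, but the CPU lacks the updated microcode.
            kernel=ok; microcode=missing ;;
        "Vulnerable"*)
            # Kernel knows about MDS, but the mitigation is switched off.
            kernel=mitigation-off; microcode=unknown ;;
        *)
            kernel=unrecognized; microcode=unknown ;;
    esac
    case $status in
        *"SMT disabled"*)   smt=disabled ;;
        *"SMT mitigated"*)  smt=mitigated ;;
        *"SMT vulnerable"*) smt=vulnerable ;;
        *)                  smt=unknown ;;
    esac
    echo "kernel=$kernel microcode=$microcode smt=$smt"
}

# report_host: classify the machine this script runs on.
report_host() {
    if [ -r "$MDS_FILE" ]; then
        classify_mds "$(cat "$MDS_FILE")"
    else
        # No sysfs entry: the kernel has no MDS reporting
        # (it predates the patches, or this is not Linux).
        echo "kernel=unpatched microcode=unknown smt=unknown"
    fi
    if [ -r "$SMT_FILE" ]; then
        echo "smt_control=$(cat "$SMT_FILE")"
    fi
    return 0
}

report_host
```

A result of `smt=vulnerable` on an otherwise patched machine is the trade-off described in the last paragraph: the remaining exposure goes away only when hyperthreading is turned off.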