Red Hat Responds to New Speculative Execution Vulnerability, Patches Coming Soon

Many modern microprocessors leverage the “lazy restore” function for floating point state (FPU), which is used when needed for improving the overall performance of the system when saving and restoring the state of apps in the internal memory when switching from one application to another. A new speculative execution security vulnerability was publicly disclosed today, affecting modern microprocessors. Known as Lazy State Save/Restore or Lazy FPU Save/Restore and identified as CVE-2018-3665, the vulnerability could allow attackers to obtain information about an app’s activity, including encryption operations.