- Exclude AMD from the PTI enforcement. Not necessarily a fix, but if
AMD is so confident that they are not affected, then we should not
burden users with the overhead"
再講多少少,根據 Google Project Zero,今次其實有三個漏洞,CVE-2017-5753的繞過邊界檢查(bounds check bypass)、CVE-2017-5715的分支目標注入(branch target injection),以及CVE-2017-5754的未管理資料快取載入(rogue data cache load)。同時佢地發表咗4個 PoC (Proof of Concept),可以利用上述漏洞去攻擊系統。