[$] Meltdown strikes back: the L1 terminal fault vulnerability

The Meltdown CPU vulnerability, first disclosed in early January, was frighteningbecause it allowed unprivileged attackers to easily read arbitrary memoryin the system. Spectre, disclosed at the same time, was harder to exploitbut made it possible for guests running in virtual machines to attack thehost system and other guests. Both vulnerabilities have been mitigated tosome extent (though it will take a long time to even findall of the Spectre vulnerabilities, much less protect against them). But now the newly disclosed "L1 terminal fault" (L1TF) vulnerability(also going by the name Foreshadow) brings back boththreats: relativelyeasy attacks against host memory from inside a guest. Mitigations areavailable (and have been mergedinto the mainline kernel), but they will be expensive for some users.