"ZombieLoad": a new set of speculative-execution attacks

The curtain has finally been lifted on the latest set ofspeculative-execution vulnerabilities. This one has the delightful name ofZombieLoad; it is also known as"microarchitectural data sampling", but what's the fun in that? Various x86processors stash data into hidden buffers that can, in some cases, berevealed via speculative execution. Exploits appear to be relativelyhard. See this pagefrom the kernel documentation for a fairly detailed description of theproblem, and thispage for mitigation information.