Hardware vulnerabilities

This section describes CPU vulnerabilities and provides an overview of the possible mitigations along with guidance for selecting mitigations if they are configurable at compile, boot or run time.

• Spectre Side Channels
• L1TF - L1 Terminal Fault
• MDS - Microarchitectural Data Sampling
• TAA - TSX Asynchronous Abort
• iTLB multihit
• SRBDS - Special Register Buffer Data Sampling
• Core Scheduling
• L1D Flushing
• Processor MMIO Stale Data Vulnerabilities
• Cross-Thread Return Address Predictions
• GDS - Gather Data Sampling
• Speculative Return Stack Overflow (SRSO)
• Register File Data Sampling (RFDS)
• Indirect Target Selection (ITS)