owlshrimp
commented
3 years ago After much closer reading of [1] it looks like ivybridge dodged the bullet. This time. It's still never getting a microcode update for any future issues that might appear.
Specifically, ivybridge (06_3AH, 06_3EH) is unaffected by CVE-2020-24511 and CVE-2020-24512.
[1] https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00464.html
info: https://travisdowns.github.io/blog/2021/06/17/rip-zero-opt.html
So far it looks like it's only patchable with updated microcode. The vulnerability affects at least as far back as sandybridge, however microcode has only been released for as far back as haswell. Incidentally, intel has decided to drop support for ivybridge and sandybridge this month. (ie those driving the T430 and X230 thinkpads)
I'm personally kinda sad, since I just bought a T430, and ivybridge is the last generation with open-source memory init in coreboot.