Bug 92527 - Information disclosure with HyperThreading (CAN-2005-0109)
Status: RESOLVED CANTFIX
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Kernel
Hardware: All All
Importance: High trivial
Assignee: Gentoo Security
URL: http://www.daemonology.net/hyperthrea...
Reported: 2005-05-13 12:30 UTC by kfm
Modified: 2009-05-03 15:24 UTC
Description kfm 2005-05-13 12:30:26 UTC
Colin Percival (FreeBSD committer and security team member) has claimed to have discovered a flaw potentially affecting a broad array of operating systems that support the use of Intel's HyperThreading technology. He claims that "when running on processors supporting Hyper-Threading Technology, it is possible for a malicious thread to monitor the execution of another thread."

FreeBSD have published an advisory. Here's a short list of links that reference this topic:

http://www.daemonology.net/hyperthreading-considered-harmful/
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:09.htt.asc
http://kerneltrap.org/node/5103

Furthermore, he has now apparently written a paper which presumably demonstrates the exact nature of a possible exploit:

http://www.daemonology.net/papers/htt.pdf
Comment 1 kfm 2005-05-13 12:40:02 UTC
It's under review for the CVE list also (whether Linux is affected still seems unclear): http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0109
Comment 2 kfm 2005-05-13 12:54:32 UTC
One more thing; a discussion is underway on the LKML: http://article.gmane.org/gmane.linux.kernel/302424 (seems to be some disagreement as to whether it's really an issue from the point of view of the kernel and, of course, whether it's a big deal).
Comment 3 kfm 2005-06-02 06:51:19 UTC
For the benefit of any watchers on this, here's some further discussion of the
matter:

http://kerneltrap.org/node/5197

Also, Con Kolivas posted a concept patch to the LKML demonstrating a "sample
fix". Here's the (interesting) thread:

http://article.gmane.org/gmane.linux.kernel/306979
Comment 4 Tim Yamin (RETIRED) gentoo-dev 2005-06-11 05:30:24 UTC
Still waiting for upstream to decide, adding to status...
Comment 5 Tim Yamin (RETIRED) gentoo-dev 2005-12-23 17:37:09 UTC
I don't think upstream is able or planning to do anything about this, so closing as CANTFIX.