Problem description and impact When running on processors supporting Hyper-Threading Technology, it is possible for a malicious thread to monitor the execution of another thread. Information may be disclosed to local users, allowing in many cases for privilege escalation. For example, on a multi-user system, it may be possible to steal cryptographic keys used in applications such as OpenSSH or SSL-enabled web servers. NOTE: Similar problems may exist in other simultaneous multithreading implementations, or even some systems in the absence of simultaneous multithreading. However, current research has only demonstrated this flaw in Hyper-Threading Technology, where shared memory caches are used. Workaround Systems not using processors with Hyper-Threading Technology support are not affected by this issue. On systems which are affected, the security flaw can be eliminated by setting the "machdep.hlt_logical_cpus" tunable:
The system must be rebooted in order for tunables to take effect. Use of this workaround is not recommended on "dual-core" systems, as this workaround will also disable one of the processor cores.