Welp: https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/
> A fundamental design flaw in Intel's processor chips has forced a significant redesign of the Linux and Windows kernels to defang the chip-level security bug.
> Crucially, these updates to both Linux and Windows will incur a performance hit on Intel products. The effects are still being benchmarked, however we're looking at a ballpark figure of five to 30 per cent slow down.
> A spokesperson for Intel was not available for comment.
Weren't they now.
Also, another *Very* good reason to use bare metal whenever possible.
> There were rumors of a severe hypervisor bug – possibly in Xen – doing the rounds at the end of 2017. It may be that this hardware flaw is that rumored bug: that hypervisors can be attacked via this kernel memory access cockup, and thus need to be patched, forcing a mass restart of guest virtual machines.
If in an argument I told someone last month "what if there was a bug in the processor design", I would be laughed out of the room.
Well. There we go.
@rook @rysiek With things like https://authors.library.caltech.edu/83266/ showing up, I'm less confident in that these days.
@abe @rysiek someone is going to depend on that soon enough and it'll be a feature :)