Thanks Intel!

Free privilege escalation, along with data snooping courtesy of Intel Rabbis & Cudder for all Intel processors ever made.

https://lkml.org/lkml/2017/12/27/2
https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/

No privilege escalation, just a stupid (and very narrow) side-channel that has basically been there since specexec was invented and that no one really cared about either (probably because it's a really narrow sidechannel and also read-only.)

For those thinking this is Intel-only, this is not specific to any one ISA but for any core which implements aggressive specexec. This means ARM, MIPS, and of course RISC-V:

https://groups.google.com/a/groups.riscv.org/d/msg/isa-dev/JU0M_vug4R0/YELX92fIBwAJ

>>16,17
Everything running as root, and no untrusted code. The way a personal computer was always meant to be used.

tl;dr: Security people making a big deal of a tempest (or TEMPEST) in a teapot.