When you decode media with hardware decoding, you're depending on the security of the media decoding firmware / hardware and again IOMMU isolation to provide any kind of sandbox. You depend on the security of the CPU. When you go browse the web, running untrusted JavaScript code,
Conversation
you are assuming that the CPU is actually capable of safely running that code without it gaining control over everything else. You're relying on the firmware / microcode / hardware security. A best case scenario is they designed it to update as much as possible after the fact.
1
5
Otherwise, a hardware vulnerability is found, and they are often found, and you're just screwed. We live in an time where serious game over bugs exploitable by JavaScript code are being published and fixed via microcode / firmware updates for CPUs and GPUs on a regular basis.
2
5
Replying to
Yes, lots of issues that are not completely mitigated in software + firmware updates. If people aren't receiving microcode updates, they have far more serious issues too. Some Linux distributions don't ship microcode updates. The microcode is still present, but out-of-date.
Replying to
Any that you can name? I can’t think of any in particular. I know of the speculative execution bugs, but that’s it. Also, doesn’t support firmware updates yet, but fortunately microcode can be updated by the kernel.