As AMD has no intentions to release a patch for the Ryzen 3000 series and bellow, what users can do to protect themselves?
I can assume few things:
-
Do not run any untrusted software and closed source software in general.
-
Do not run untrusted OSes and distros. Also disable ability to boot from external devices.
-
Sandboxing (e.g. flatpaks) won’t give you any protection, as it does not protect against kernel exploits.
-
VMs can give defense if you need to run untrusted apps. Probably it is good to run networking apps in a VM also.
What else? What about web browsers? What you are going to do with affected devices if you have them?
It requires kernel level access to abuse, so it will probably be mostly used in targeted attacks. General good technical hygiene should be good enough to prevent becoming a random victim.
Maybe someone will prove me wrong, but I think there is still not enough public information about the vulnerability and the possible mitigations to answer your questions thoroughly.
