L1 Terminal Fault (L1TF), aka Foreshadow
Foreshadow, also known as L1TF, was disclosed the 14th of August 2018, is yet an other side-channel, using L1 cache this time. There are two main classes of attacks with this vulnerability: either via userland, or via an attacker-controlled kernel attacking a host VM. The corresponding CVE are: CVE-2018-3615, CVE-2018-3620 and CVE-2018-3646
Linux uses, since day one, PTE inversion, which has no performances impact, to mitigate the userland attack, and has various configurable granual mitigations depending on your threat model for malicious kernels attacking a host VM. Windows did apparently the same things.
The 23th of August 2018, Theo de Raadt (strongly) suggested to disable hyper-threading on Intel CPU, and announced that there will be no mitigations for L1TF on OpenBSD 6.2 and OpenBSD 6.3, despite being supported until the 18th of October 2018 and the 3rd of May 2019 respectively.
On the same day, he committed some mitigations, inspired from the ones from “other systems”, namely stuffing the L1 cache with garbage, likely murdering the performances, since Linux allows to do the same, but advises against it, for … performance reasons. As for userland, OpenBSD simply disables hyper-threading, which is the most efficient mitigation, but you lose hyperthreading support.