Meltdown (security vulnerability)
ARM-based microprocessors | |
Website | meltdownattack |
---|
Meltdown is one of the two original
, even when it is not authorized to do so.Meltdown affects a wide range of systems. At the time of disclosure (2018), this included all devices running any but the most recent and
Meltdown was issued a
Several procedures to help protect home computers and related devices from the Meltdown and Spectre security vulnerabilities have been published.[15][16][17][18] Meltdown patches may produce performance loss.[19][20][21] Spectre patches have been reported to significantly reduce performance, especially on older computers; on the then-newest (2017) eighth-generation Core platforms, benchmark performance drops of 2–14 percent have been measured.[22] On 18 January 2018, unwanted reboots, even for newer Intel chips, due to Meltdown and Spectre patches, were reported.[23] Nonetheless, according to Dell: "No 'real-world' exploits of these vulnerabilities [i.e., Meltdown and Spectre] have been reported to date [26 January 2018], though researchers have produced proof-of-concepts."[24][25] Dell further recommended: "promptly adopting software updates, avoiding unrecognized hyperlinks and websites, not downloading files or applications from unknown sources ... following secure password protocols ... [using] security software to help protect against malware (advanced threat prevention software or anti-virus)."[24][25]
On 15 March 2018, Intel reported that it would redesign its CPUs to help protect against the Meltdown and related Spectre vulnerabilities (especially, Meltdown and Spectre-V2, but not Spectre-V1), and expected to release the newly redesigned processors later in 2018.[26][27][28][29] On 8 October 2018, Intel is reported to have added hardware and firmware mitigations regarding Spectre and Meltdown vulnerabilities to its latest processors.[30]
Overview
Meltdown exploits a
Since many
The vulnerability is viable on any operating system in which privileged data is mapped into virtual memory for unprivileged processes – which includes many present-day operating systems. Meltdown could potentially impact a wider range of computers than presently identified, as there is little to no variation in the microprocessor families used by these computers.[citation needed]
A Meltdown attack cannot be detected if it is carried out, as it does not leave any traces in traditional log files.[31][32]
History
This section is in prose. is available. (January 2018) |
On 8 May 1995, a paper called "The Intel 80x86 Processor Architecture: Pitfalls for Secure Systems" published at the 1995 IEEE Symposium on Security and Privacy warned against a
In July 2012, Apple's
In March 2014, the Linux kernel adopted KASLR to mitigate address leaks.[35]
On 8 August 2016, Anders Fogh and Daniel Gruss presented "Using Undocumented CPU Behavior to See Into Kernel Mode and Break KASLR in the Process" at the
On 10 August 2016, Moritz Lipp et al. of
On 27 December 2016, at
On 1 February 2017, the CVE numbers 2017-5715, 2017-5753 and 2017-5754 were assigned to Intel.
On 27 February 2017, Bosman et al. of Vrije Universiteit Amsterdam published their findings of how address space layout randomization (ASLR) could be abused on cache-based architectures at the NDSS Symposium.[39]
On 27 March 2017, researchers at
In June 2017, KASLR was found to have a large class of new vulnerabilities.
In July 2017, research made public on the CyberWTF website by security researcher Anders Fogh outlined the use of a cache timing attack to read kernel space data by observing the results of speculative operations conditioned on data fetched with invalid privileges.[45]
Meltdown was discovered independently by Jann Horn from
In October 2017, Kernel ASLR support on amd64 was added to NetBSD-current, making
On 14 November 2017, security researcher Alex Ionescu publicly mentioned changes in the new version of Windows 10 that would cause some speed degradation without explaining the necessity for the changes, just referring to similar changes in Linux.[49]
After affected hardware and software vendors had been made aware of the issue on 28 July 2017,
On 28 January 2018, Intel was reported to have shared news of the Meltdown and Spectre security vulnerabilities with Chinese technology companies before notifying the U.S. government of the flaws.[52]
The security vulnerability was called Meltdown because "the vulnerability basically melts security boundaries which are normally enforced by the hardware".[31]
On 8 October 2018, Intel was reported to have added hardware and firmware mitigations regarding Spectre and Meltdown vulnerabilities to its latest processors.[30]
In November 2018, two new variants of the attacks were revealed. Researchers attempted to compromise CPU protection mechanisms using code to exploit weaknesses in memory protection and the BOUND
instruction. They also attempted but failed to exploit CPU operations for memory alignment, division by zero, supervisor modes, segment limits, invalid opcodes, and non-executable code.[53]
Mechanism
Meltdown
Background – modern CPU design
Modern
- physical memory, and may do with it as it likes. In reality it will be allocated memory to use from the physical memory, which acts as a "pool" of available memory, when it first tries to use any given memory address (by trying to read or write to it). This allows multiple processes, including the kernel or operating systemitself, to co-habit on the same system, but retain their individual activity and integrity without being affected by other running processes, and without being vulnerable to interference or unauthorized data leaks caused by a rogue process.
- Privilege levels, or protection domains – provide a means by which the operating system can control which processes are authorized to read which areas of virtual memory.
As virtual memory permits a computer to refer to vastly more memory than it will ever physically contain, the system can be greatly sped up by "mapping" every process and their in-use memory – in effect all memory of all active processes – into every process's virtual memory. In some systems all physical memory is mapped as well, for further speed and efficiency. This is usually considered safe, because the operating system can rely on privilege controls built into the processor itself, to limit which areas of memory any given process is permitted to access. An attempt to access authorized memory will immediately succeed, and an attempt to access unauthorized memory will cause an exception and void the read instruction, which will fail. Either the calling process or the operating system directs what will happen if an attempt is made to read from unauthorized memory – typically it causes an error condition and the process that attempted to execute the read will be terminated. As unauthorized reads are usually not part of normal program execution, it is much faster to use this approach than to pause the process every time it executes some function that requires privileged memory to be accessed, to allow that memory to be mapped into a readable address space.
- conditional branches, will lead to one of two different outcomes, depending on a condition. For example, if a value is 0, it will take one action, and otherwise will take a different action. In some cases, the CPU may not yet know which branch to take. This may be because a value is uncached. Rather than wait to learn the correct option, the CPU may proceed immediately (speculative execution). If so, it can either guess the correct option (predictive execution) or even take both (eager execution). If it executes the incorrect option, the CPU will attempt to discard all effects of its incorrect guess.)
- CPU cache – a modest amount of memory within the CPU used to ensure it can work at high speed, to speed up memory access, and to facilitate "intelligent" execution of instructions in an efficient manner.
From the perspective of a CPU, the computer's physical memory is slow to access. Also the instructions a CPU runs are very often repetitive, or access the same or similar memory numerous times. To maximize efficient use of the CPU's resources, modern CPUs often have a modest amount of very fast on-chip memory, known as CPU cache. When data is accessed or an instruction is read from physical memory, a copy of that information is routinely saved in the CPU cache at the same time. If the CPU later needs the same instruction or memory contents again, it can obtain it with minimal delay from its own cache rather than waiting for a request related to physical memory to take place.
Meltdown exploit
Ordinarily, the mechanisms described above are considered secure. They provide the basis for most modern operating systems and processors. Meltdown exploits the way these features interact to bypass the CPU's fundamental privilege controls and access privileged and sensitive data from the operating system and other processes. To understand Meltdown, consider the data that is mapped in virtual memory (much of which the process is not supposed to be able to access) and how the CPU responds when a process attempts to access unauthorized memory. The process is running on a vulnerable version of
- The CPU encounters an instruction accessing the value, A, at an address forbidden to the process by the virtual memory system and the privilege check. Because of speculative execution, the instruction is scheduled and dispatched to an execution unit. This execution unit then schedules both the privilege check and the memory access.
- The CPU encounters an instruction accessing address Base+A, with Base chosen by the attacker. This instruction is also scheduled and dispatched to an execution unit.
- The privilege check informs the execution unit that the address of the value, A, involved in the access is forbidden to the process (per the information stored by the virtual memory system), and thus the instruction should fail and subsequent instructions should have no effect. Because these instructions were speculatively executed, however, the data at Base+A may have been cached before the privilege check – and may not have been undone by the execution unit (or any other part of the CPU). If this is indeed the case, the mere act of caching constitutes a leak of information in and of itself. At this point, Meltdown intervenes.[44]
- The process executes a timing attack by executing instructions referencing memory operands directly. To be effective, the operands of these instructions must be at addresses which cover the possible address, Base+A, of the rejected instruction's operand. Because the data at the address referred to by the rejected instruction, Base+A, was cached nevertheless, an instruction referencing the same address directly will execute faster. The process can detect this timing difference and determine the address, Base+A, that was calculated for the rejected instruction – and thus determine the value A at the forbidden memory address.
Meltdown uses this technique in sequence to read every address of interest at high speed, and depending on other running processes, the result may contain passwords, encryption data, and any other sensitive information, from any address of any process that exists in its memory map. In practice, because cache side-channel attacks are slow, it is faster to extract data one bit at a time (only 2 × 8 = 16 cache attacks needed to read a byte, rather than 256 steps if it tried to read all 8 bits at once).
Impact
The impact of Meltdown depends on the design of the CPU, the design of the operating system (specifically how it uses memory paging), and the ability of a malicious party to get any code run on that system, as well as the value of any data it could read if able to execute.
- CPU– Many of the most widely used modern CPUs from the late 1990s until early 2018 have the required exploitable design. However, it is possible to mitigate it within CPU design. A CPU that could detect and avoid memory access for unprivileged instructions, or was not susceptible to cache timing attacks or similar probes, or removed cache entries upon non-privilege detection (and did not allow other processes to access them until authorized) as part of abandoning the instruction, would not be able to be exploited in this manner. Some observers consider that all software solutions will be "workarounds" and the only true solution is to update affected CPU designs and remove the underlying weakness.
- Operating system – Most of the widely used and general-purpose operating systems use privilege levels and virtual memory mapping as part of their design. Meltdown can access only those pages that are memory mapped so the impact will be greatest if all active memory and processes are memory mapped in every process and have the least impact if the operating system is designed so that almost nothing can be reached in this manner. An operating system might also be able to mitigate in software to an extent by ensuring that probe attempts of this kind will not reveal anything useful. Modern operating systems use memory mapping to increase speed so this could lead to performance loss.
- Virtual machine – A Meltdown attack cannot be used to break out of a virtual machine, i.e., in fully virtualized machines guest user space can still read from guest kernel space, but not from host kernel space.[54] The bug enables reading memory from address space represented by the same page table, meaning the bug does not work between virtual tables. That is, guest-to-host page tables are unaffected, only guest-to-same-guest or host-to-host, and of course host-to-guest since the host can already access the guest pages. This means different VMs on the same fully virtualized hypervisor cannot access each other's data, but different users on the same guest instance can access each other's data.[55]
- better source needed]
The specific impact depends on the implementation of the address translation mechanism in the OS and the underlying hardware architecture. The attack can reveal the content of any memory that is mapped into a user address space, even if otherwise protected. For example, before kernel page-table isolation was introduced, most versions of Linux mapped all physical memory into the address space of every user-space process; the mapped addresses are (mostly) protected, making them unreadable from user-space and accessible only when transitioned into the kernel. The existence of these mappings makes transitioning to and from the kernel faster, but is unsafe in the presence of the Meltdown vulnerability, as the contents of all physical memory (which may contain sensitive information such as passwords belonging to other processes or the kernel) can then be obtained via the above method by any unprivileged process from user-space.
According to researchers, "every Intel processor that implements
The vulnerability is expected to impact major
. Cloud providers allow users to execute programs on the same physical servers where sensitive data might be stored, and rely on safeguards provided by the CPU to prevent unauthorized access to the privileged memory locations where that data is stored, a feature that the Meltdown exploit circumvents.The original paper reports that
They report that the attack on a fully virtualized machine allows the guest user space to read from the guest kernel memory, but not read from the host kernel space.Affected hardware
The Meltdown vulnerability primarily affects
Researchers have indicated that the Meltdown vulnerability is exclusive to Intel processors, while the Spectre vulnerability can possibly affect some
ARM has reported that the majority of their processors are not vulnerable, and published a list of the specific processors that are affected. The
A large portion of the then-current mid-range
IBM has also confirmed that its Power CPUs are affected by both CPU attacks.
Oracle has stated that V9-based SPARC systems (T5, M5, M6, S7, M7, M8, M10, M12 processors) are not affected by Meltdown, though older SPARC processors that are no longer supported may be impacted.[76]
Mitigation
Mitigation of the vulnerability requires changes to operating system kernel code, including increased isolation of kernel memory from user-mode processes.
Apple included mitigations in macOS 10.13.2, iOS 11.2, and tvOS 11.2. These were released a month before the vulnerabilities were made public.[85][86][87][88] Apple has stated that watchOS and the Apple Watch are not affected.[89] Additional mitigations were included in a Safari update as well a supplemental update to macOS 10.13, and iOS 11.2.2.[90][91][92][93][94]
It was reported that implementation of KPTI may lead to a reduction in CPU performance, with some researchers claiming up to 30% loss in performance, depending on usage, though Intel considered this to be an exaggeration.
A statement by Intel said that "any performance impacts are workload-dependent, and, for the average computer user, should not be significant and will be mitigated over time".
Several procedures to help protect home computers and related devices from the Meltdown and Spectre security vulnerabilities have been published.[15][16][17][18] Meltdown patches may produce performance loss.[19][20][21] On 18 January 2018, unwanted reboots, even for newer Intel chips, due to Meltdown and Spectre patches, were reported.[23] According to Dell: "No 'real-world' exploits of these vulnerabilities [ie, Meltdown and Spectre] have been reported to date [26 January 2018], though researchers have produced proof-of-concepts."[24][25] Further, recommended preventions include: "promptly adopting software updates, avoiding unrecognized hyperlinks and websites, not downloading files or applications from unknown sources ... following secure password protocols ... [using] security software to help protect against malware (advanced threat prevention software or anti-virus)."[24][25]
On 25 January 2018, the current status and possible future considerations in solving the Meltdown and Spectre vulnerabilities were presented.
On 8 October 2018, Intel was reported to have added hardware and firmware mitigations regarding Spectre and Meltdown vulnerabilities to its latest processors.[30]
Vulnerability | CVE | Exploit name | Public vulnerability name | Windows changes | Firmware changes |
---|---|---|---|---|---|
(Spectre) | 2017-5753 | Variant 1 | Bounds Check Bypass (BCB) |
|
No |
(Spectre) | 2017-5715 | Variant 2 | Branch Target Injection (BTI) | New CPU instructions eliminating branch speculation | Yes |
Meltdown | 2017-5754 | Variant 3 | Rogue Data Cache Load (RDCL) | Isolate kernel and user mode page tables | No |
See also
- Intel Management Engine – an Intel subsystem which was discovered to have a major security vulnerability in 2017
- Pentium F00F bug
- Pentium FDIV bug
- Row hammer – an unintended side effect in dynamic random-access memory causing memory cells to interact electrically
- Spoiler − a Spectre-like, though unrelated, vulnerability affecting only Intel microprocessors, disclosed in 2019.
References
- ^ a b c "Potential Impact on Processors in the POWER Family – IBM PSIRT Blog". IBM.com. 2018-01-25. Retrieved 2018-01-30.
- ^ "About speculative execution vulnerabilities in ARM-based and Intel CPUs".
- ^ Arm Ltd. "Arm Processor Security Update". ARM Developer.
- ^ a b Bright, Peter (2018-01-05). "Meltdown and Spectre: Here's what Intel, Apple, Microsoft, others are doing about it". Ars Technica. Retrieved 2018-01-06.
- ^ a b "Apple Confirms 'Meltdown' and 'Spectre' Vulnerabilities Impact All Macs and iOS Devices, Some Fixes Already Released". 2018-01-04.
- ZDNet. Retrieved 2018-01-16.
- ^ "CVE-2017-5754". Security-Tracker.Debian.org. Retrieved 2018-01-16.
- ^ "CERT: "Meltdown and Spectre" CPU Security Flaw Can Only Be Fixed by Hardware Replacement – WinBuzzer". 2018-01-04.
- ^ a b "Kernel-memory-leaking Intel processor design flaw forces Linux, Windows redesign". The Register.
- ^ "Industry Testing Shows Recently Released Security Updates Not Impacting Performance in Real-World Deployments". Intel newsroom. 2018-01-04. Retrieved 2018-01-05.
- ^ Schneier, Bruce. "Spectre and Meltdown Attacks Against Microprocessors – Schneier on Security". Schneier.com. Retrieved 2018-01-09.
- ^ "This Week in Security: Internet Meltdown Over Spectre of CPU Bug". Cylance.com. 2018-01-05. Retrieved 2018-01-30.
- ^ "Meltdown, Spectre: here's what you should know". Rudebaguette.com. 2018-01-08. Retrieved 2018-01-30.
- ^ King, Ian; Kahn, Jeremy; Webb, Alex; Turner, Giles (2018-01-08). "'It Can't Be True.' Inside the Semiconductor Industry's Meltdown". Bloomberg Technology. Archived from the original on 2018-01-10. Retrieved 2018-01-10.
- ^ a b Metz, Cade; Chen, Brian X. (2018-01-04). "What You Need to Do Because of Flaws in Computer Chips". The New York Times. Retrieved 2018-01-05.
- ^ a b Pressman, Aaron (2018-01-05). "Why Your Web Browser May Be Most Vulnerable to Spectre and What to Do About It". Fortune. Retrieved 2018-01-05.
- ^ a b Chacos, Brad (2018-01-04). "How to protect your PC from the major Meltdown and Spectre CPU flaws". PC World. Retrieved 2018-01-04.
- ^ a b Elliot, Matt (2018-01-04). "Security – How to protect your PC against the Intel chip flaw – Here are the steps to take to keep your Windows laptop or PC safe from Meltdown and Spectre". CNET. Retrieved 2018-01-04.
- ^ a b c "Computer chip scare: What you need to know". BBC News. 2018-01-04. Retrieved 2018-01-04.
- ^ ISSN 0362-4331. Retrieved 2018-01-03.
- ^ a b c "Intel says processor bug isn't unique to its chips and performance issues are 'workload-dependent'". The Verge. Retrieved 2018-01-04.
- ^ Hachman, Mark (2018-01-09). "Microsoft tests show Spectre patches drag down performance on older PCs". PC World. Retrieved 2018-01-09.
- ^ ZDNet. Retrieved 2018-01-18.
- ^ a b c d Staff (2018-01-26). "Microprocessor Side-Channel Vulnerabilities (CVE-2017-5715, CVE-2017-5753, CVE-2017-5754): Impact on Dell products". Dell. Retrieved 2018-01-26.
- ^ a b c d Staff (2018-01-26). "Meltdown and Spectre Vulnerabilities". Dell. Archived from the original on 2018-03-05. Retrieved 2018-01-26.
- ^ Warren, Tom (2018-03-15). "Intel processors are being redesigned to protect against Spectre – New hardware coming later this year". The Verge. Retrieved 2018-03-20.
- ^ Shankland, Stephen (2018-03-15). "Intel will block Spectre attacks with new chips this year – Cascade Lake processors for servers, coming this year, will fight back against a new class of vulnerabilities, says CEO Brian Krzanich". CNET. Retrieved 2018-03-20.
- ^ a b Smith, Ryan (2018-03-15). "Intel Publishes Spectre & Meltdown Hardware Plans: Fixed Gear Later This Year". AnandTech. Retrieved 2018-03-20.
- ^ a b Coldewey, Devin (2018-03-15). "Intel announces hardware fixes for Spectre and Meltdown on upcoming chips". TechCrunch. Retrieved 2018-03-28.
- ^ a b c Shilov, Anton (2018-10-08). "Intel's New Core and Xeon W-3175X Processors: Spectre and Meltdown Security Update". AnandTech. Retrieved 2018-10-09.
- ^ a b "Meltdown and Spectre". SpectreAttack.com. Retrieved 2018-01-30.
- ^ "What Are the Spectre and Meltdown CPU Vulnerabilities".
- ^
Sibert, Olin; Porras, Philip A.; Lindell, Robert (1995-05-08). "The Intel 80x86 Processor Architecture: Pitfalls for Secure Systems" (PDF). S2CID 923198. Archived from the original (PDF) on 2018-01-07. Retrieved 2018-01-09.)
{{cite journal}}
: Cite journal requires|journal=
(help - ^ "OS X Mountain Lion Core Technologies Overview" (PDF). June 2012. Retrieved 2012-07-25.
- ^ "Linux_3.14". kernelnewbies.org. 2017-12-30. Retrieved 2018-01-18.
- ^ Fogh, Anders; Gruss, Daniel. "Blackhat USA 2016, Using Undocumented CPU Behavior to See into Kernel Mode and Break KASLR in the Process".
- ^ Lipp, Moritz; Gruss, Daniel; Spreitzer, Raphael; Maurice, Clémentine; Mangard, Stefan (2016-08-10). "ARMageddon: Cache Attacks on Mobile Devices" (PDF). Retrieved 2018-01-09.
- ^ Maurice, Clémentine; Lipp, Moritz (2016-12-27). "What could possibly go wrong with <insert x86 instruction here>?".
- ^ Gras, Ben; Razavi, Kaveh; Bosman, Erik; Box, Herbert; Giuffrida, Cristiano (2017-02-27). "ASLR on the Line: Practical Cache Attacks on the MMU". Retrieved 2018-01-09.
- ^ Intel SGX Prime+Probe attack
- ^ "KASLR is Dead: Long Live KASLR" (PDF).
- ISBN 978-3-319-62104-3.
- ^ Gruss, Daniel (2018-01-03). "#FunFact: We submitted #KAISER to #bhusa17 and got it rejected". Archived from the original on 2018-01-08. Retrieved 2018-01-08 – via Twitter.
- ^ a b c d e f Lipp, Moritz; Schwarz, Michael; Gruss, Daniel; Prescher, Thomas; Haas, Werner; Fogh, Anders; Horn, Jann; Mangard, Stefan; Kocher, Paul; Genkin, Daniel; Yarom, Yuval; Hamburg, Mike. "Meltdown: Reading Kernel Memory from User Space" (PDF). MeltdownAttack.com. Retrieved 2019-02-25.
- ^ "Negative Result Reading Kernel Memory from user Mode". 2017-07-28.
- ^ a b "Meltdown and Spectre: Which systems are affected by Meltdown?". meltdownattack.com. Retrieved 2018-01-03.
- ^ "Kernel ASLR on amd64". 2017. Retrieved 2017-10-16.
- ^ "Apple Open Source". 2017.
- ^ Ionescu, Alex (2017-11-14). "Windows 17035 Kernel ASLR/VA Isolation In Practice (like Linux KAISER)". Twitter. Archived from the original on 2018-01-06. Retrieved 2018-01-06.
- ^ Gibbs, Samuel (2018-01-04). "Meltdown and Spectre: 'worst ever' CPU bugs affect virtually all computers". The Guardian. Archived from the original on 2018-01-06. Retrieved 2018-01-06.
- ^ "Information Leak via speculative execution side channel attacks (CVE-2017-5715, CVE-2017-5753, CVE-2017-5754 aka Spectre and Meltdown)". Ubuntu Wiki. Retrieved 2018-01-04.
- ^ Lynley, Matthew (2018-01-28). "Intel reportedly notified Chinese companies of chip security flaw before the U.S. government". TechCrunch. Retrieved 2018-01-28.
- ZDNet. Retrieved 2018-11-17.
- ^ a b Galowicz, Jacek (2018-01-03). "Cyberus Technology Blog – Meltdown". blog.cyberus-technology.de.
- ^ Wheeler, Eric (2018-01-04). "Meltdown BUG: What about KVM/Xen/Docker/OpenVZ/LXC/PV-Xen/HyperV?". www.linuxglobal.com.
- ^ Bhat, Akshay (2018-01-17). "Meltdown and Spectre vulnerabilities". timesys.com. Retrieved 2018-01-23.
unless your product allows running 3rd party or WEB applications, we believe the device is not exposed to exploits
- ^ Staff (2018-01-03). "Intel Responds To Security Research Findings". Intel. Retrieved 2018-01-04.
- ^ "Processor Speculative Execution Research Disclosure". Amazon Web Services, Inc. Retrieved 2018-01-03.
- ^ "A Critical Intel Flaw Breaks Basic Security for Most Computers". Wired. 2018-01-03.
- ^ ARM Ltd.2018-01-03. Retrieved 2018-01-05.
- ^ "Intel's processors have a security bug and the fix could slow down PCs". The Verge. Retrieved 2018-01-03.
- ^ a b "Linux Gaming Performance Doesn't Appear Affected By The x86 PTI Work". Phoronix.com. Retrieved 2018-01-03.
- ^ Lendacky, Tom. "[tip:x86/pti] x86/cpu, x86/pti: Do not enable PTI on AMD processors". LKML.org. Retrieved 2018-01-03.
- ^ "Patches arrive for Intel's 'Meltdown' flaw — here's how to protect your device". 2018-01-04.
- ^ "An Update on AMD Processor Security".
- ^ "Who's affected by computer chip security flaw". Archived from the original on 2018-01-04. Retrieved 2018-01-04.
- ^ "Kernel-memory-leaking Intel processor design flaw forces Linux, Windows redesign". The Register.
- ^ Staff (2018). "Meltdown and Spectre-faq-systems-spectre". Graz University of Technology. Retrieved 2018-01-03.
- ^ Busvine, Douglas; Nellis, Stephen (2018-01-03). "Security flaws put virtually all phones, computers at risk". Reuters. Thomson-Reuters. Retrieved 2018-01-08.
- ^ "Google: Almost All CPUs since 1995 Vulnerable to "Meltdown" and "Spectre" Flaws".
- ^ "P6 family microarchitecture". www.jaist.ac.jp.
- ^ "Understanding Those Alarming Computer Chip Security Holes: 'Meltdown' and 'Spectre'".
- ^ "'Spectre' and 'Meltdown': New CPU vulnerabilities affect most smartphones and computers". 2018-01-04.
- ^ "Why Raspberry Pi Isn't Vulnerable to Spectre or Meltdown". Raspberry Pi. 2018-01-05. Retrieved 2018-01-30.
- ^ Tung, Liam (2018-01-10). "Meltdown-Spectre: IBM preps firmware and OS fixes for vulnerable Power CPUs". ZDNet. Retrieved 2018-01-30.
- ^ "Solaris+SPARC is Meltdown (CVE-2017-5754) free – Tales from the Datacenter". Tales from the Datacenter. 2018-01-22. Retrieved 2018-01-23.
- ^ Kroah-Hartman, Greg (2018-01-02). "Linux 4.14.11 Changelog". kernel.org.
- ^ Kroah-Hartman, Greg (2018-01-05). "Linux 4.9.75 Changelog". kernel.org.
- ^ Corbet, Jonathon (2017-11-15). "KAISER: hiding the kernel from user space". LWN. Retrieved 2018-01-03.
- ^ Corbet, Jonathon (2017-12-20). "The current state of kernel page-table isolation". LWN. Retrieved 2018-01-03.
- ^ "RHSA-2018:0008 – Security Advisory". RedHat announcements.
- ^ "RHSA-2018:0007 – Security Advisory". RedHat announcements.
- ^ "[CentOS-announce] CESA-2018:0008 Important CentOS 6 kernel Security Update". CentOS announcements. 2018-01-04. Retrieved 2018-01-05.
- ^ "[CentOS-announce] CESA-2018:0007 Important CentOS 7 kernel Security Update". CentOS announcements. 2018-01-04. Retrieved 2018-01-05.
- ^ "Kernel-memory-leaking Intel processor design flaw forces Linux, Windows redesign". The Register. Retrieved 2018-01-03.
- ^ "About the security content of macOS High Sierra 10.13.2, Security Update 2017-002 Sierra, and Security Update 2017-005 El Capitan". Apple Support. Retrieved 2018-01-18.
- ^ "About the security content of iOS 11.2". Apple Support. Retrieved 2018-01-18.
- ^ "About the security content of tvOS 11.2". Apple Support. Retrieved 2018-01-18.
- ^ "About speculative execution vulnerabilities in ARM-based and Intel CPUs". Apple Support. Retrieved 2018-01-18.
- ^ "Apple Releases macOS High Sierra 10.13.2 Supplemental Update With Spectre Fix". Retrieved 2018-01-18.
- ^ "Apple Releases iOS 11.2.2 With Security Fixes to Address Spectre Vulnerability". Retrieved 2018-01-18.
- ^ "About the security content of Safari 11.0.2". Apple Support. Retrieved 2018-01-18.
- ^ "About the security content of macOS High Sierra 10.13.2 Supplemental Update". Apple Support. Retrieved 2018-01-18.
- ^ "About the security content of iOS 11.2.2". Apple Support. Retrieved 2018-01-18.
- Vox Media, Inc.Retrieved 2018-01-03.
- ^ Thorp-Lancaster, Dan (2018-01-03). "Microsoft pushing out emergency fix for newly disclosed processor exploit". Windows Central. Retrieved 2018-01-04.
- ^ "Windows Client Guidance for IT Pros to protect against speculative execution side-channel vulnerabilities". support.microsoft.com. Retrieved 2018-01-04.
- ^ "Windows Server Guidance to protect against the speculative execution side-channel vulnerabilities". Microsoft Support.
- ^ a b Ranger, Steve. "Windows Meltdown and Spectre patches: Now Microsoft blocks security updates for some AMD based PCs". ZDNet. Retrieved 2018-01-09.
- ^ Tung, Liam. "Windows Meltdown-Spectre patches: If you haven't got them, blame your antivirus". ZDNet. Retrieved 2018-01-04.
- ^ "Important information regarding the Windows security updates released on 3 January 2018 and anti-virus software". Microsoft. Retrieved 2018-01-04.
- ^ "Westmere Arrives". www.realworldtech.com.
- ^ "A Critical Intel Flaw Breaks Basic Security for Most Computers". Wired. Retrieved 2018-01-04.
- ^ "Intel CPU kernel bug FAQ: Fix for massive security flaw could slow down PCs and Macs". PCWorld. Retrieved 2018-01-04.
- ^ "Initial Benchmarks Of The Performance Impact Resulting From Linux's x86 Security Changes". Phoronix. Retrieved 2018-01-04.
- Phoronix. Retrieved 2019-05-25.
- ^ Hachman, Mark (2018-01-25). "Intel's plan to fix Meltdown in silicon raises more questions than answers – But what silicon?!! Be sure and read the questions Wall Street should have asked". PC World. Retrieved 2018-01-26.
- ^ Bright, Peter (2018-04-04). "Intel drops plans to develop Spectre microcode for ancient chips". ArsTechnica.com. Retrieved 2020-11-03.
- ^ "Understanding the performance impact of Spectre and Meltdown mitigations on Windows Systems". Microsoft. 2018-01-09.
External links
- Official website of the Meltdown and Spectre vulnerabilities
- Google Project Zero write-up
- CVE-2017-5754 at National Vulnerability Database
- Meltdown's proof-of-concept released by researchers that also published the meltdown paper.
- Am I Affected by Meltdown – Meltdown Checker Tool created by Raphael S. Carvalho
- Meltdown/Spectre Checker Gibson Research Corporation