Massive security hole in CPU's incoming?Official Meltdown/Spectre Discussion Thread

Page 80 - Seeking answers? Join the AnandTech community: where nearly half-a-million members share solutions and discuss the latest tech.
Toggle sidebar Toggle sidebar
Panino Manino

Panino Manino

Senior member
Jan 28, 2017
820
1,022
136
I was thinking, it's possible to disable these mitigation, at least on Ubuntu? It's possible to disable and enable at will? Or most of these mitigation once they're activate there's no reverting back?
 
J

jpiniero

Lifer
Oct 1, 2010
14,584
5,206
136
Panino Manino said:
I was thinking, it's possible to disable these mitigation, at least on Ubuntu? It's possible to disable and enable at will? Or most of these mitigation once they're activate there's no reverting back?
Click to expand...

You can turn it off, that's how Phoronix is testing it.
 
N

nicalandia

Diamond Member
Jan 10, 2019
3,330
5,281
136
AMD Processors Expose Sensitive Data to New 'SQUIP' Attack
www.securityweek.com

AMD Processors Expose Sensitive Data to New 'SQUIP' Attack

Researchers disclose the details of SQUIP, a side-channel attack targeting the scheduler queues of AMD CPUs.
www.securityweek.com www.securityweek.com

SGX, Intel’s supposedly impregnable data fortress, has been breached
yet again


Thankfully anything of worth that I had that could be stolen has already been taken by my Ex Wives...!
 
  • Haha
  • Like
Reactions: Chicken76, IEC, DarthKyrie and 3 others
moinmoin

moinmoin

Diamond Member
Jun 1, 2017
4,944
7,656
136
“An attacker running on the same host and CPU core as you could spy on which types of instructions you are executing due to the split-scheduler design on AMD CPUs.”
Click to expand...
That's kind of a "Doh!" situation. Cores have their own schedulers, which are obviously shared for SMT on the same core. That's why disabling SMT (or not splitting threads of the same core among different users) has been best practice since when Spectre first appeared.

The bug that enables ÆPIC Leak is what is known as an uninitialized memory read, which occurs when memory space is not freed up after the CPU has finished processing it, causing old data to leak that is no longer needed. Unlike previous CPU bugs with names like Specter, Meltdown, Foreshadow, and RIDL/Fallout/ZombieLoad – which resulted from temporary runs that created side channels revealing private data – ÆPIC Leak is an architectural flaw that resides in the CPU itself.
Click to expand...
SGX has been essentially dead for quite some time already, but still: ouch! I sure hope Intel put more thought into the upcoming SGX2.
 
  • Like
Reactions: nicalandia
N

nicalandia

Diamond Member
Jan 10, 2019
3,330
5,281
136
  • Like
  • Wow
Reactions: scineram, igor_kavinski and moinmoin
moinmoin

moinmoin

Diamond Member
Jun 1, 2017
4,944
7,656
136
nicalandia said:
I also don't use Windows 11, keep Windows 10 up to date..


Beware: Windows 11-ready CPUs with VAES "susceptible to data damage", full CPU list here
www.neowin.net

Beware: Windows 11-ready CPUs with VAES "susceptible to data damage", full CPU list here

Microsoft has issued a warning for those out there running Windows 11 on supported CPUs. The company has found that modern chips with the new VAES instruction are "susceptible to data damage".
www.neowin.net www.neowin.net
Click to expand...
Hm, as far as I understand it it's not really the VAES instruction that's broken (as all chips implementing VAES seem to be equally affected) but the way Windows 11 previously applied it that could be susceptible to data damage, by what appears to be saving some safeguarding that now has to be applied anyway and consequently leads to longer processing time.
 
  • Like
Reactions: scineram
DrMrLordX

DrMrLordX

Lifer
Apr 27, 2000
21,620
10,829
136
So . . . Skylake-SP? Cascade Lake-SP is 9th gen and IceLake-SP is 10th gen. On desktop that affects Coffee Lake, Kabylake, and Skylake.
 
Fanatical Meat

Fanatical Meat

Lifer
Feb 4, 2009
34,553
15,766
136
has this hole turned out to be an issue. Seems like it’s been quite a while and consumer equipment doesn’t appear to be impacted. How about data centers?
 
DrMrLordX

DrMrLordX

Lifer
Apr 27, 2000
21,620
10,829
136
Fanatical Meat said:
has this hole turned out to be an issue. Seems like it’s been quite a while and consumer equipment doesn’t appear to be impacted. How about data centers?
Click to expand...

Golden Cove and Raptor Cove aren't in datacentres yet, so there's no way of knowing how these newer kernel versions will affect Sapphire Rapids or Emerald Rapids. For consumer desktop, I would expect savvy Linux users to disable the mitigations if they need extra performance. Especially if there are no known exploits in the wild based on the vulnerability(ies) meant to be mitigated by later kernel versions.
 
JimKiler

JimKiler

Diamond Member
Oct 10, 2002
3,558
205
106
Hitul said:
Meltdown and Spectre are two major security vulnerabilities that affect nearly all modern processors, including those from Intel, AMD, and ARM. These vulnerabilities can potentially allow attackers to access sensitive data such as passwords, encryption keys, and other private information stored in memory on affected systems.
Meltdown and Spectre are both related to the way that modern processors use speculative execution to improve performance. Speculative execution allows processors to predict the outcome of certain operations and execute them in advance, which can improve performance. However, it can also lead to the exposure of sensitive data through side-channel attacks.
The vulnerabilities were first discovered and reported by security researchers in early 2018. Since then, software and firmware patches have been released by various vendors and operating system providers to mitigate the vulnerabilities. However, the patches may have a performance impact on affected systems, and it is important to keep systems up-to-date with the latest security patches to protect against these vulnerabilities.
It is recommended to regularly update operating systems, firmware, and other software to protect against security vulnerabilities such as Meltdown and Spectre. Additionally, it is important to practice good security hygiene, such as using strong passwords and multi-factor authentication, to reduce the risk of data breaches and other security threats.
Click to expand...

I heard breaking news that Abraham Lincoln has been shot!
 
  • Haha
  • Like
Reactions: Roger Wilco, KompuKare, Hitman928 and 4 others
moinmoin

moinmoin

Diamond Member
Jun 1, 2017
4,944
7,656
136
I personally think all the voltage glitching exploits should get a separate thread since those require a degree of access simply not comparable to classical software exploits.
 
  • Like
Reactions: DarthKyrie and scannall
DrMrLordX

DrMrLordX

Lifer
Apr 27, 2000
21,620
10,829
136
Interesting glitch, though it requires you to use $200 of hardware and to spend several hours fiddling with the hardware directly. In person.

Not exactly plundervolt now is it?
 
  • Like
Reactions: DarthKyrie and Hitman928
moinmoin

moinmoin

Diamond Member
Jun 1, 2017
4,944
7,656
136
Could be juicy. Phoronix's Michael is already doing performance tests with the new microcode and wrote he'll publish news this weekend if performance is affected by this.
 
I

igor_kavinski

Lifer
Jul 27, 2020
16,164
10,240
106
*groan* My Coffee Lake i7-8850H Precision Laptop already boots a bit slow with Windows 11. I don't like the sound of this AT ALL.
 
H

Hitman928

Diamond Member
Apr 15, 2012
5,244
7,793
136
New “Zenbleed” vulnerability announced. Effects up to Zen2 products. Can be exposed remotely and even drum within a virtual machine. Firmware patch to address the issue is available for Epyc systems, no ETA for patch on the consumer side.
 
You must log in or register to reply here.

TRENDING THREADS

COMPANY
RESOURCES
FOLLOW
Top Bottom