
'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign

Discussion in 'Frontpage news' started by zero_cool, Jan 2, 2018.

  1. rflair

    rflair Don Commisso Staff Member

    Messages:
    3,814
    Likes Received:
    80
    GPU:
    GTX 980/290X
    As I understand it, Meltdown is Intel-specific and patchable via OS update, Spectre is four different exploits and may be unpatchable, and AMD is only exploitable by one method and requires physical access to the machine.

    Edited, confusing crap.
     
    Last edited: Jan 7, 2018
    airbud7 and AsiJu like this.
  2. Evildead666

    Evildead666 Maha Guru

    Messages:
    1,230
    Likes Received:
    234
    GPU:
    Vega64/EKWB/Noctua
    So ideally, what we need is a carefully crafted solution for Meltdown, for those of us who use Intel, which explains how to modify a BIOS and inject the microcode provided by Intel (one for each CPU generation, I would expect).
    A step-by-step process would be the best.
    Something anyone could do, with the microcode and tools from verified sources. That is the most important for me.
     
  3. Evildead666

    Evildead666 Maha Guru

    Messages:
    1,230
    Likes Received:
    234
    GPU:
    Vega64/EKWB/Noctua
    As I'm reading it now: https://www.theregister.co.uk/2018/01/05/spectre_flaws_explained/ The Meltdown flaw is the one that is mitigated by OS updates, and the Spectre flaw is the biggie which needs BIOS/microcode updates, and may not be patched at all for some older CPUs.

    This is the sort of patchy information that is coming through.
    It's as confusing as F*ck. ;)
     
  4. kruno

    kruno Master Guru

    Messages:
    252
    Likes Received:
    67
    GPU:
    4890/1
    In a nutshell, this is Spectre: it is Bobby Tables, meaning there is a possible exploit and developers need to sanitize their code. It is a general-purpose attack on speculative execution; yeah, there is no patch for that, just caution and good programming, or completely getting rid of SE, and that is not going to happen.

    https://xkcd.com/327/
     

  5. rflair

    rflair Don Commisso Staff Member

    Messages:
    3,814
    Likes Received:
    80
    GPU:
    GTX 980/290X
    Yes, technically the same microcode should work across all BIOSes dating way back, so if someone gets just the microcode they could inject it into an already compiled BIOS, and yes, the tools are out there to do this. This will ultimately be trial and error, but it should work.
     
  6. AsiJu

    AsiJu Ancient Guru

    Messages:
    5,799
    Likes Received:
    1,256
    GPU:
    MSI RTX 2070 Armor
    What I gathered is Meltdown cannot be patched out via microcode update -> a software (OS kernel) workaround is necessary.
</grreplace>
<gr_replace lines="93" cat="clarify" orig="AMD is only">
    AMD is only vulnerable to one variant of Spectre, and I've read that even then it could be only under Linux under specific circumstances.

    Spectre on the other hand can be patched via microcode/firmware update -> updated BIOS needed for protection.

    AMD is only vulnerable to one variant of Spectre and I've read it could be even then only under Linux under specific circumstances.

    Meltdown is the worse of the two.
     
    rflair likes this.
  7. Alessio1989

    Alessio1989 Maha Guru

    Messages:
    1,380
    Likes Received:
    232
    GPU:
    .
    Spectre variant 2 can be mitigated only with a microcode update; an OS update is also required to complete the protection (actually the OS update does not work without the microcode update). This exploit has only not been empirically demonstrated to work with AMD CPUs.

    Spectre variant 1 is still unfixed and it is still not clear what actions will be taken against it (the LLVM team is considering adding some changes in the backends). This exploit has been proven to work on many CPU architectures and from different IHVs (Intel, AMD, most variants of ARM architectures, PowerPC, etc.).

    Meltdown should be fixed on most OSes running on Intel and Cortex-A75 CPUs (not sure if the "light" register-only version has been patched too for the other ARM Cortex architectures).
     
    Last edited: Jan 7, 2018
    AsiJu likes this.
  8. jbmcmillan

    jbmcmillan Ancient Guru

    Messages:
    2,657
    Likes Received:
    194
    GPU:
    Gigabyte G1 Gaming GTX970
    I just looked and that installed on the 4th for me; I never even noticed, lol.
     
  9. Sergio

    Sergio Master Guru

    Messages:
    254
    Likes Received:
    7
    GPU:
    Asus 760 DirectCU II OC
    Amazing! So they don't have spare time to give us a BIOS for Z97, Z87, Z77 vs users? How long will it take them to fix one BIOS file for each mainboard from those series? 15 mins? 1 hour? 6 hours? 12 hours? 24? 48? 1 week? Never? .........
     
  10. mbk1969

    mbk1969 Ancient Guru

    Messages:
    7,907
    Likes Received:
    4,543
    GPU:
    GeForce GTX 1070
    After I read the description of Meltdown and Spectre I have the impression that to use these vulnerabilities a hacker should first get remote access to your OS by some other attack techniques.
    Also, both weaknesses don't give instant access to all memory; preparations are needed.
     

  11. remicius

    remicius Master Guru

    Messages:
    353
    Likes Received:
    3
    GPU:
    Asus RTX 2080 Ti
    I can see Intel going bankrupt in 1 year. Big companies will sue them for billions of dollars and millions of customers will ask for thousands of dollars. How much will a bank ask them for the damage, or Amazon or eBay and so on? And Sony had serious security problems a couple of years ago, and they could come up and say that was because of Spectre and Meltdown. I feel nice: just a day before this shitstorm I upgraded my Intel CPU and I was very happy with the increase in performance, now...........................................
     
  12. user1

    user1 Maha Guru

    Messages:
    1,386
    Likes Received:
    445
    GPU:
    hd 6870
    Of course, but the point is that unprivileged software can access privileged memory, i.e. it can steal your keys. Mozilla also confirmed a few days ago that malicious JavaScript from a webpage can exploit Meltdown and Spectre https://www.bleepingcomputer.com/ne...tion-vector-for-meltdown-and-spectre-attacks/

    Makes you want to not browse the web....
     
  13. RealNC

    RealNC Ancient Guru

    Messages:
    3,084
    Likes Received:
    1,320
    GPU:
    EVGA GTX 980 Ti FTW
    It stands to reason that this could be done through JavaScript. So visiting a malicious or compromised web page could do it.

    I don't think anyone has demonstrated a JavaScript proof of concept for it yet. But it doesn't sound like this would be impossible.
     
  14. D3M1G0D

    D3M1G0D Ancient Guru

    Messages:
    1,941
    Likes Received:
    1,241
    GPU:
    2 x GeForce 1080 Ti
    Spectre definitely needs some preparations/training in order to work. I think Meltdown can be used without any preparation though. Spectre can also be mitigated by smart coding - basically, prevent reading sensitive data immediately after a conditional. Old apps probably won't be recoded though.
     
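    The "don't read right after a conditional" advice above is the Spectre variant 1 (bounds-check bypass) pattern. As an added illustration (not code from the thread or from any vendor), here is the unhardened array access beside a hardened form that applies a branchless index mask in the style of the Linux kernel's array_index_nospec() idiom; the array, the sizes and the sample values are constructed for the example.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed sample: a small public array; in a real program sensitive
 * data could sit in memory beyond its end. */
#define ARRAY_LEN 16
static uint8_t public_array[ARRAY_LEN] = { [0] = 10, [5] = 42, [15] = 7 };

/* Unhardened pattern: the load depends on 'idx' and is architecturally
 * guarded by the bounds check, but while the branch is being predicted the
 * CPU may speculatively execute the load with an out-of-bounds idx. */
uint8_t read_unhardened(size_t idx) {
    if (idx < ARRAY_LEN)
        return public_array[idx];
    return 0;
}

/* Branchless mask: SIZE_MAX when idx < size, 0 otherwise. Uses only unsigned
 * arithmetic (no signed shift, no branch), so it stays correct even while the
 * bounds-check branch is mispredicted. If idx >= size, (size - 1 - idx)
 * wraps and sets the top bit; OR-ing with idx and shifting isolates it. */
static inline size_t index_mask_nospec(size_t idx, size_t size) {
    size_t oob = (idx | (size - 1 - idx)) >> (sizeof(size_t) * 8 - 1);
    return oob - 1;   /* oob==0 -> SIZE_MAX (keep idx); oob==1 -> 0 (clamp) */
}

/* Returns idx unchanged when in bounds, 0 otherwise, without a branch. */
size_t clamp_index_nospec(size_t idx, size_t size) {
    return idx & index_mask_nospec(idx, size);
}

/* Hardened form: the masked index is in bounds on both the architectural
 * and the speculative path. This addresses variant 1 only; variant 2 and
 * Meltdown need the microcode/OS fixes discussed elsewhere in the thread. */
uint8_t read_hardened(size_t idx) {
    if (idx < ARRAY_LEN) {
        idx = clamp_index_nospec(idx, ARRAY_LEN);
        return public_array[idx];
    }
    return 0;
}

int main(void) {
    printf("in bounds  (5):    %u\n", read_hardened(5));     /* 42 */
    printf("clamped index:     %zu\n", clamp_index_nospec(1000, ARRAY_LEN)); /* 0 */
    return 0;
}
```

    Clang also offers a compiler-side version of this idea via -mspeculative-load-hardening, which is heavier but does not require hand-masking every index.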
  15. RealNC

    RealNC Ancient Guru

    Messages:
    3,084
    Likes Received:
    1,320
    GPU:
    EVGA GTX 980 Ti FTW
    This is what requires a microcode update. Updating the applications alone won't help. Updating the microcode alone won't help. You need to update the microcode, the compilers and the applications. If one of those things isn't patched, the system remains vulnerable.

    Which is why Sandy Bridge users are fu**ed.
     
    geronimo666 and user1 like this.

  16. mbk1969

    mbk1969 Ancient Guru

    Messages:
    7,907
    Likes Received:
    4,543
    GPU:
    GeForce GTX 1070
    If we assume the malicious script just runs in the browser without creating a new independent process, then basic protection against "slow" Spectre would be closing tabs in the browser, and closing the browser itself when you are done with the Web.

    I do not believe that access to memory gives the opportunity to implement a script which will steal sensitive information automatically. I mean, it sounds like the hacker should analyse a lot of memory dumps.

    PS Also I am wondering how even JavaScript can execute the CPU instructions needed for all these side channel attacks.

    PPS Also, isn't Java code itself executed in a sandbox? And shouldn't JavaScript code be executed in an even more "narrow" environment?
     
    Last edited: Jan 8, 2018
  17. Angantyr

    Angantyr Master Guru

    Messages:
    614
    Likes Received:
    134
    GPU:
    GTX 980Ti EVGA SC+
    Rich_Guy and lucidus like this.
  18. RealNC

    RealNC Ancient Guru

    Messages:
    3,084
    Likes Received:
    1,320
    GPU:
    EVGA GTX 980 Ti FTW
    They could target application builds with known memory layouts that have not been hardened against this attack.

    From what I can tell, the attack vector here is hijacking function returns and altering their jump target. If they know the memory offsets of the functions, then they could exploit the bug to make the function jump into their own code, even if it's across process boundaries, which would make this a remote code execution exploit. It seems that to fix this bug, the compilers need to be updated, the applications need to be recompiled with the new compiler, and the CPU needs a microcode update so that the CPU actually respects the code the compilers are generating.

    With that being said, I could be mistaken with the above. But that's how I understood the issue from the way the Linux ecosystem is trying to address this. There are patches in the GCC and Clang compilers for this, and applications need to be recompiled, and the new microcode needs to be in place.
     
  19. Turanis

    Turanis Maha Guru

    Messages:
    1,422
    Likes Received:
    155
    GPU:
    Gigabyte RX500
    Not really, but:

    "Intel also tried to deflect lawyers by saying they follow industry best practices. They don't, and the AMT hole was a shining example of them putting PR above customer security.
    Similarly, their sitting on the fix for the TXT flaw for *THREE*YEARS* because they didn't want to admit to architectural security blunders and reveal publicly embarrassing policies
    until forced to disclose by a governmental agency being exploited by a foreign power is another example that shines a harsh light on their 'best practices' line. There are many more like this.
    Intel isn't to be trusted for security practices or disclosures because PR takes precedence over customer security.

    Unfortunately security doesn't sell and rarely affects marketshare. This time however is different and will hit Intel where it hurts, in the wallet."
    https://semiaccurate.com/2018/01/04/kaiser-security-holes-will-devastate-intels-marketshare/
     
  20. remicius

    remicius Master Guru

    Messages:
    353
    Likes Received:
    3
    GPU:
    Asus RTX 2080 Ti
    Thank you for sharing your opinion on my thoughts. I just feel like I have lost trust in Intel, if it's true that they cannot fix these problems at the hardware level. Like I mentioned, a day before the bad news I upgraded my rig and I was very happy with it. It was like a nightmare what happened after; there is a chance that all the Intel CPU users will be losing performance in the near future. I just have this feeling that they don't want to decrease the speed by 20-60% at once, step by step, and they have a hope we will swallow this.
     
