Intel CPU kernel bug


claude
« Reply #1 on: January 04, 2018, 02:34:37 AM »
possibly, but as I understand it the slowdown will come from user-mode / kernel-mode context switches taking more time, which means user-mode-computation-heavy workloads like rendering might not be very badly affected

Bill Snowzell
« Reply #2 on: January 04, 2018, 11:04:31 AM »
Buy AMD shares

Anon
« Reply #3 on: January 05, 2018, 12:39:45 AM »
Intel Security Flaw - Severe - ASUS, Gigabyte & ASRock fixes identified

Affected products:

    6th, 7th & 8th Generation Intel® Core™ Processor Family
    Intel® Xeon® Processor E3-1200 v5 & v6 Product Family
    Intel® Xeon® Processor Scalable Family
    Intel® Xeon® Processor W Family
    Intel® Atom® C3000 Processor Family
    Apollo Lake Intel® Atom Processor E3900 series
    Apollo Lake Intel® Pentium™
    Celeron™ N and J series Processors

Quote
Puget Support:
Your processor will not be affected by the vulnerability.
My 6 year old computer has a second generation processor.  :thumbs:

ottomagus
« Reply #4 on: January 05, 2018, 01:46:12 AM »

Thanks for the information, Anon.
My processor is 4th generation Intel Core, so should be okay.
If anyone has Intel Core and wants to check the generation, in your Device Specifications you should have something like this:
Processor  Intel(R) Core(TM) i7-4770 CPU
The generation is the first digit of the four digit number, in my case 4.
(In Windows 10, Device specifications can be accessed by right clicking the Start button, then selecting "System").

3DickUlus
« Reply #5 on: January 05, 2018, 06:14:19 AM »
just received this today from EasyDNS...
Quote from: Mark E. Jeftovic
link = https://www.easydns.com/blog/2018/01/04/special-update-on-the-spectre-meltdown-intel-chipset-vulnerability/

    The Intel chipset bug
    What and who is affected
    What to do about it

 

The Intel chipset bug

A security research team discovered two separate vulnerabilities in Intel chips
that exploit weaknesses in the isolation between the operating system and the
application layer in one case, and between different applications in the other.
Dubbed "Spectre" and "Meltdown", these weaknesses affect pretty well all Intel
chipsets and if exploited, can expose sensitive data on the device (such as
passwords) and cannot be detected via traditional means.

See: https://spectreattack.com/

Also:
https://googleprojectzero.blogspot.ca/2018/01/reading-privileged-memory-with-side.html

The security researchers reported their findings to Intel June 1, 2017.
Intel's CEO initiated a plan to sell $24 million USD of his stock on Oct 30,
2017, ahead of the public disclosure, (which of course, is completely unrelated
to this.)

 

What and who is affected

Pretty much everybody. This means you.

It is unclear to me at this point if AMD bugs are affected or not. I have read
that this problem is not confined to Intel chips, Intel's statement
https://newsroom.intel.com/news/intel-responds-to-security-research-findings/
 on this mentions that they are collaborating with AMD and other chipset makers
on a fix. I don't know whether this means "we're getting advice from
people who aren't affected" or if that means "we're all affected and
figuring out what to do".

My original read on this was that local access (i.e. a unix shell or command
prompt) was required to exploit the kernel. This was still bad news for cloud
platforms (AWS, Digital Ocean, et al) and web hosts that allow shell access. The
attack would, at least theoretically, put sensitive data across all virtual
machines on a shared hardware instance at risk. Serious enough.

But then I was made aware that the Spectre paper
https://spectreattack.com/spectre.pdf  mentions that the Spectre
vulnerability is attackable via javascript:

"Spectre attacks can also be used to violate browser sandboxing, by mounting
them via portable JavaScript code. We wrote a JavaScript program that
successfully reads data from the address space of the browser process running
it."


So far there have been no known exploits sighted in the wild, however given that
a successful attack would be harder to detect than most, we should be doing what
we can to reduce our attack surfaces sooner than later.

See: https://newsroom.intel.com/news/intel-responds-to-security-research-findings/

Also: https://spectreattack.com/spectre.pdf

 

What to do about it

Security Response professional Chris Mills is collating a comprehensive list of
vendors, platforms, browsers, patches on his blog here
https://chrisam.net/2018/01/04/speculative-execution-side-channel-vulnerabilities-vendor-published-info/ .

Some selected crib notes:

    Firefox: make sure to run latest version (above 57) as per their advisory
    https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/ .
    Chrome: go to "chrome://flags/#enable-site-per-process" in your browser
    and make sure "Strict Site Isolation" is enabled.
    Developers/Webmasters: The Google chrome notes on this
    https://www.chromium.org/Home/chromium-security/ssca  also
    includes guidelines on how to best handle cookies, mime-types and to use CSRF
    tokens.
    Cloud operators: should be applying kernel patches, one big drawback about
    all this is that apparently, the patches to this can slow chip performance by up
    to 30%. A serious hit in that department.

Again, follow the progress of vendor published info
https://chrisam.net/2018/01/04/speculative-execution-side-channel-vulnerabilities-vendor-published-info/
 as this plays out and take appropriate actions.

Resistance is fertile... you will be illuminated!

https://en.wikibooks.org/wiki/Fractals/fragmentarium

hobold
« Reply #6 on: January 05, 2018, 12:12:44 PM »
1. At Home: Don't Panic!
Private machines are as safe or unsafe as they ever were, sadly. Even without Meltdown and Spectre, there are more than enough vulnerabilities.

2. In the Cloud: Be Concerned
Cloud hosting environments are in a bit of trouble now. These new vulnerabilities enable an attacker to break through from one virtual machine to another. The hosting providers will deploy workarounds (or already did so recently). But those workarounds will only shrink the attack surface, not completely prevent all future exploits.

3. Performance Effects
The OS patches for Meltdown will cost a bit of performance, as they make application calls to OS services slower. The impact varies from negligible (e.g. games see frame rate drops around 1%) to severe (e.g. big databases on 10G network with fast NVMe storage can drop by 30%). AMD's Ryzen family of processors does not require these changes, and thus does not need to give up performance.

CPU bound computation like 3D-Rendering and fractals should not suffer from this at all.

4. Background
4.1. "Meltdown"
This concerns all Intel CPUs of the last 10 years, except a few old and slow Atom processors. A few recent ARM processors, including some of Apple's, also exhibit this vulnerability. AMD's Ryzen, Threadripper and EPYC don't have this particular weakness.

The cause here is an overeager optimization of memory read instructions. All read instructions are checked by the hardware if they have permission to access the target memory address. Typically, an application may only access its own memory, but not the OS or other applications. Intel's processors, and a few of the fastest ARM processors, do this check very late in the pipeline, presumably to enable higher processing speed. The Meltdown attack describes a clever way to leak protected information to an attacker in the short window of time between reading the forbidden data and checking permission. (It is actually more complicated than that, because all this has to happen while the processor is still guessing the outcome of earlier instructions in program flow - that's why you will read about "speculative" memory reads in the news.)

AMD's latest processors (the Zen family) do the permission check earlier, and presumably squash forbidden data instead of returning it to the attacker. Older AMD processors (Bulldozer, Excavator, Piledriver) may be susceptible, though.

4.2. "Spectre"
Where Meltdown attacks memory speculation, Spectre attacks branch prediction. This is another form of speculation present in pretty much all current processors. This vulnerability is harder to exploit, but also harder to mitigate. Specific exploits have been demonstrated for Intel processors and ARM processors. AMD's chips are vulnerable in principle, too, but the required reverse engineering of those machines has not been done yet. I expect it is only a matter of time, though.


Edit: One day later, all relevant processor details concerning "Spectre" of all relevant processor models have been reverse engineered by various parties. Definitive statements about vulnerability or invulnerability of specific processor models will probably keep trickling in day by day.
« Last Edit: January 06, 2018, 10:03:09 PM by hobold »
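
An added example, not part of any post in this thread: a small POSIX C program that measures what the thread says the Meltdown patches make slower (the user-mode to kernel-mode round trip) next to pure user-mode arithmetic, and projects the slowdown from a workload's system-call rate. The 300 ns extra cost and the two call rates are constructed figures; measure the real difference by running it before and after patching.

```c
#include <stdint.h>
#include <stdio.h>
#include <time.h>
#include <unistd.h>

/* CPU time consumed by this process so far, in nanoseconds. */
static double cpu_ns(void) {
    return (double)clock() / CLOCKS_PER_SEC * 1e9;
}

/* Average cost in ns of one user-mode -> kernel-mode -> user-mode round trip. */
double syscall_ns(long iters) {
    double t0 = cpu_ns();
    for (long i = 0; i < iters; i++)
        (void)getppid();   /* cheap system call: cost is almost all transition */
    return (cpu_ns() - t0) / iters;
}

/* Average cost in ns of one step of pure user-mode arithmetic (xorshift64). */
double compute_ns(long iters, uint64_t *sink) {
    uint64_t x = 88172645463325252ULL;
    double t0 = cpu_ns();
    for (long i = 0; i < iters; i++) {
        x ^= x << 13; x ^= x >> 7; x ^= x << 17;
    }
    *sink = x;             /* keep the loop from being optimised away */
    return (cpu_ns() - t0) / iters;
}

/* Fraction of extra runtime when each system call becomes extra_ns slower
 * for a workload issuing syscalls_per_sec calls. extra_ns is a value you
 * measure (patched minus unpatched syscall_ns), not a figure from the thread. */
double projected_slowdown(double syscalls_per_sec, double extra_ns) {
    return syscalls_per_sec * extra_ns / 1e9;
}

int main(void) {
    uint64_t sink;
    printf("system call : %.1f ns each\n", syscall_ns(2000000));
    printf("arithmetic  : %.2f ns per step\n", compute_ns(200000000, &sink));
    /* Constructed figures: 300 ns extra per call at two call rates. */
    printf("I/O-heavy, 1e6 calls/s : +%.1f%%\n", 100 * projected_slowdown(1e6, 300));
    printf("renderer, 1e3 calls/s  : +%.2f%%\n", 100 * projected_slowdown(1e3, 300));
    return 0;
}
```

The arithmetic loop never enters the kernel, so its per-step time should be the same before and after the OS patch, while the per-call time is the number to compare.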

RedshiftRider
« Reply #7 on: January 09, 2018, 07:14:27 AM »
Thanks for the useful links. My pc's cpu is of the 6th gen so I should have a look. I'll also test whether I notice any changes in performance.

Anon
« Reply #8 on: January 19, 2018, 12:26:30 AM »
FYI
Gibson Research Corporation | InSpectre 

Quote
Easily examine and understand any Windows
system's hardware and software capability to
prevent Meltdown and Spectre attacks.
« Last Edit: January 19, 2018, 01:54:46 AM by Anon »