CPU Vulnerabilities, Meltdown and Spectre, Kernel Page Table Isolation Patches, and more

Discussion in 'Hardware Components and Aftermarket Upgrades' started by hmscott, Jan 2, 2018.

  1. Papusan

    Papusan Jokebook's Sucks! Dont waste your $$$ on Filthy

    Reputations:
    41,455
    Messages:
    29,497
    Likes Received:
    58,376
    Trophy Points:
    931
    Intel isn't afraid of new Spectre vulnerabilities, but researchers say they should be techspot.com | 5 may, 2021

    Intel believes that their processors are secure enough as it is

    A few days ago, a report was published detailing three novel Spectre vulnerabilities that exist inside the micro-op cache of all modern processors. Shortly after we wrote about it, Intel reached out to say that they don’t think the new vulnerabilities are a big problem. Their official statement reads: "Intel reviewed the report and informed researchers that existing mitigations were not being bypassed and that this scenario is addressed in our secure coding guidance. Software following our guidance already have protections against incidental channels including the uop cache incidental channel. No new mitigations or guidance are needed."

    [​IMG]
    Intel refutes claim that newly-uncovered Spectre vulnerability variants need patching with performance-leeching fixes


    Have anyone seen a responce from AMD on the latest Spectre vulnerabilities?

    A new Spectre vulnerability is costly to patch but nearly impossible to exploit techspot.com | 5 may, 2021

    Will Spectre haunt CPUs forever?

    TL;DR: Researchers from the University of Virginia and the University of California, San Diego discovered three Spectre vulnerabilities in AMD and Intel processors during their study of the micro-op cache. The vulnerabilities bypass existing Spectre mitigations, and the researchers predict that their proposed low-level fixes would incur an expensive performance penalty. However, they acknowledge that exploiting these might prove too difficult to justify harsh mitigations.

    The three newly discovered vulnerabilities are in the design of the micro-op cache, a feature of modern CPUs present in AMD processors from 2017 onwards and Intel CPUs from 2011 onwards. The micro-op cache improves a processor’s performance by storing low-level instructions that are spawned as the processor breaks complex instructions down into computable arithmetic. It hasn’t been the subject of much investigative research, until now, because AMD and Intel document their micro-op cache designs poorly to conceal their proprietary designs.
     
    Last edited: May 4, 2021
  2. Vasudev

    Vasudev Notebook Nobel Laureate

    Reputations:
    11,760
    Messages:
    11,223
    Likes Received:
    8,734
    Trophy Points:
    931
    Already lost half of the CPU power after 2020 spectre updates. After applying new update, its better to buy another jokebook.
    Has anyone patched their Dell updaters? Seems like there's a vulnerability https://www.bleepingcomputer.com/ne...puts-hundreds-of-millions-of-systems-at-risk/
     
    etern4l likes this.
  3. Robbo99999

    Robbo99999 Notebook Prophet

    Reputations:
    4,345
    Messages:
    6,824
    Likes Received:
    6,111
    Trophy Points:
    681
    I see I see, don't majorly piss off persons with hacker connections! ¯\_(ツ)_/¯
    That's probably true, as in it's an ingrained part of our technological lives that can't be solved, for if you enable death penalties for such offenses then so would you for robbing grocery stores or having a fight with someone...it's not really possible to set the bar that low because then there's not really any gradations of punishment and is kind of along the lines of police state territory.
     
    Papusan, Vasudev and Mr. Fox like this.
  4. Papusan

    Papusan Jokebook's Sucks! Dont waste your $$$ on Filthy

    Reputations:
    41,455
    Messages:
    29,497
    Likes Received:
    58,376
    Trophy Points:
    931
    Two New Security Vulnerabilities to Affect AMD EPYC Processors
    techpowerup.com | Today, 08:48

    AMD processors have been very good at the field of security, on par with its main competitor, Intel. However, from time to time, researchers find new ways of exploiting a security layer and making it vulnerable to all kinds of attacks. Today, we have information that two new research papers are being published at this year's 15th IEEE Workshop on Offensive Technologies (WOOT'21) happening on May 27th. Both papers are impacting AMD processor security, specifically, they show how AMD's Secure Encrypted Virtualization (SEV) is compromised. Researchers from the Technical University of Munich and the University of Lübeck are going to present their papers on CVE-2020-12967 and CVE-2021-26311, respectfully.

    While we do not know exact details of these vulnerabilities until papers are presented, we know exactly which processors are affected. As SEV is an enterprise feature, AMD's EPYC lineup is the main target of these two new exploits. AMD says that affected processors are all of the EPYC embedded CPUs and the first, second, and third generation of regular EPYC processors. For third-generation EPYC CPUs, AMD has provided mitigation in SEV-SNP, which can be enabled. For prior generations, the solution is to follow best security practices and try to avoid an exploit.
     
  5. Papusan

    Papusan Jokebook's Sucks! Dont waste your $$$ on Filthy

    Reputations:
    41,455
    Messages:
    29,497
    Likes Received:
    58,376
    Trophy Points:
    931
    Questionable AMD PCI Driver May Improve Game Stability But Could Be A Security Headache hothardware.com

    Thankfully, these issues only affect stepping B1 of Zen 1 (Ryzen 1xxx) and Zen 2 XT series (Ryzen 3xxx) processors. Regardless of what this affects, as Ionescu tweeted, "the driver is vulnerable, its use is obfuscated, these checks are poorly thought out, the list of processes is arbitrary, everything is being done behind user's backs, and it affects the system globally based on a single process name."

    As such, it's rather concerning that this questionable driver is apparently deployed for production-level AMD systems of this vintage. Hopefully we will find out what is really going on with this methodology being employed, as we have reached out to AMD for comment. Until we get a response, let us know what you make of this situation in the comments below.
     
  6. Papusan

    Papusan Jokebook's Sucks! Dont waste your $$$ on Filthy

    Reputations:
    41,455
    Messages:
    29,497
    Likes Received:
    58,376
    Trophy Points:
    931
  7. Clamibot

    Clamibot Notebook Deity

    Reputations:
    623
    Messages:
    1,103
    Likes Received:
    1,472
    Trophy Points:
    181
    I still don't get why people are so hung up on security on consumer grade systems. I just want maximum performance.

    The best layer of security is us. We must make good choices.
     
    Papusan, Vasudev and tilleroftheearth like this.
  8. Vasudev

    Vasudev Notebook Nobel Laureate

    Reputations:
    11,760
    Messages:
    11,223
    Likes Received:
    8,734
    Trophy Points:
    931
    Hmm... Last time it was unpatchable Secure Enclave requiring hardware upgrade.
    You should care about security. Not everyone can buy enterprise grade electronics and consumer electronics should be nearly secure as enterprise grade systems. With increasing BYOD(Bring Your Own Device) programs in IT space security shouldn't be ignored!
    Then there is option to disabling security feature at the expense of increased perf.
     
    Starlight5 and Papusan like this.
  9. Papusan

    Papusan Jokebook's Sucks! Dont waste your $$$ on Filthy

    Reputations:
    41,455
    Messages:
    29,497
    Likes Received:
    58,376
    Trophy Points:
    931
    Intel Disabling TSX On Certain CPUs, Skylake And Coffee Lake Affected wccftech.com | Jun 29, 2021

    Intel recently introduced a microcode update to their CPUs earlier this month included in a recent update to it's developer guide. Interestingly, Intel has begun to disable the Transactional Synchronization Extensions (TSX) with this new microcode on certain processor families (on both Windows and Linux) such as Skylake and Coffee Lake CPUs.

    How does the removal of TSX by Intel affect general-purpose computing?
    When utilizing the TSX, benchmarks of certain workloads showed an increase of as much as 40% more efficiency and four to five times faster database transactions. By removing the extension, there will be a mild drop in the CPU's processing if you are someone that is using these workloads and update to the latest microcode.

    Website Phoronix reports that Intel has been aware of the issue as far back as 2018. With the rollout of this new microcode in the Linux 5.14 cycle patches, they are not only repairing security issues but also starting to disable TSX.
     
  10. Clamibot

    Clamibot Notebook Deity

    Reputations:
    623
    Messages:
    1,103
    Likes Received:
    1,472
    Trophy Points:
    181
    Yet another reason to never update anything if you don't know what the update contains or if what you already have is working fine.
     

Share This Page