1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

News Intel warns of Foreshadow CPU vulnerability family

Discussion in 'Article Discussion' started by bit-tech, 15 Aug 2018.

  1. bit-tech

    bit-tech Supreme Overlord Lover of bit-tech Administrator

    Joined:
    12 Mar 2001
    Posts:
    3,676
    Likes Received:
    138
    Read more
     
  2. adidan

    adidan Guesswork is still work

    Joined:
    25 Mar 2009
    Posts:
    19,722
    Likes Received:
    5,485
    This is driving me mad.

    Intel keep getting hit with things and listing what's affected - refer to our list of, oh pretty much everything we've ever made, but don't worry we've released microcode.

    Great but how about that being of use to those us who are using older affected gear? I've had no bios updates from Asus since 2016.

    My system still works great, where is the onus on board manufacturers not to force me into an environmentally unfriendly and money eating situation of ditching my rig for one that is protected?

    Just waiting for Ryzen 2 to drop and i'll hunt around to see how supportive, or not, other board manufacturers have been with older kit and look to ditch Asus too.
     
  3. edzieba

    edzieba Virtual Realist

    Joined:
    14 Jan 2009
    Posts:
    3,909
    Likes Received:
    591
    This is the mentality people need to get out of when it comes to security. Everything will haver bugs found eventually. Everything. If something is no longer supported, then it must be considered no longer secure.
     
  4. Gareth Halfacree

    Gareth Halfacree WIIGII! Lover of bit-tech Administrator Super Moderator Moderator

    Joined:
    4 Dec 2007
    Posts:
    17,066
    Likes Received:
    6,610
    Boo-urns.

    Code:
    blacklaw@xerxes:~/git/spectre-meltdown-checker$ sudo ./spectre-meltdown-checker.sh
    Spectre and Meltdown mitigation detection tool v0.39+
    
    Checking for vulnerabilities on current system
    Kernel is Linux 4.15.0-24-generic #26~16.04.1-Ubuntu SMP Fri Jun 15 14:35:08 UTC 2018 x86_64
    CPU is Intel(R) Core(TM) i7-7560U CPU @ 2.40GHz
    
    Hardware check
    * Hardware support (CPU microcode) for mitigation techniques
      * Indirect Branch Restricted Speculation (IBRS)
        * SPEC_CTRL MSR is available:  YES
        * CPU indicates IBRS capability:  YES  (SPEC_CTRL feature bit)
      * Indirect Branch Prediction Barrier (IBPB)
        * PRED_CMD MSR is available:  YES
        * CPU indicates IBPB capability:  YES  (SPEC_CTRL feature bit)
      * Single Thread Indirect Branch Predictors (STIBP)
        * SPEC_CTRL MSR is available:  YES
        * CPU indicates STIBP capability:  YES  (Intel STIBP feature bit)
      * Speculative Store Bypass Disable (SSBD)
        * CPU indicates SSBD capability:  YES  (Intel SSBD)
      * Enhanced IBRS (IBRS_ALL)
        * CPU indicates ARCH_CAPABILITIES MSR availability:  NO
        * ARCH_CAPABILITIES MSR advertises IBRS_ALL capability:  NO
      * CPU explicitly indicates not being vulnerable to Meltdown (RDCL_NO):  NO
      * CPU explicitly indicates not being vulnerable to Variant 4 (SSB_NO):  NO
      * Hypervisor indicates host CPU might be vulnerable to RSB underflow (RSBA):  NO
      * CPU microcode is known to cause stability problems:  NO  (model 0x8e family 0x6 stepping 0x9 ucode 0x8e cpuid 0x806e9)
      * CPU microcode is the latest known available version:  YES  (you have version 0x8e and latest known version is 0x8e)
    * CPU vulnerability to the speculative execution attack variants
      * Vulnerable to Variant 1:  YES
      * Vulnerable to Variant 2:  YES
      * Vulnerable to Variant 3:  YES
      * Vulnerable to Variant 3a:  YES
      * Vulnerable to Variant 4:  YES
    
    CVE-2017-5753 [bounds check bypass] aka 'Spectre Variant 1'
    * Mitigated according to the /sys interface:  YES  (Mitigation: __user pointer sanitization)
    * Kernel has array_index_mask_nospec:  YES  (1 occurrence(s) found of x86 64 bits array_index_mask_nospec())
    * Kernel has the Red Hat/Ubuntu patch:  NO
    * Kernel has mask_nospec64 (arm64):  NO
    > STATUS:  NOT VULNERABLE  (Mitigation: __user pointer sanitization)
    
    CVE-2017-5715 [branch target injection] aka 'Spectre Variant 2'
    * Mitigated according to the /sys interface:  YES  (Mitigation: Full generic retpoline, IBPB, IBRS_FW)
    * Mitigation 1
      * Kernel is compiled with IBRS support:  YES
        * IBRS enabled and active:  YES  (for kernel and firmware code)
      * Kernel is compiled with IBPB support:  YES
        * IBPB enabled and active:  YES
    * Mitigation 2
      * Kernel has branch predictor hardening (arm):  NO
      * Kernel compiled with retpoline option:  YES
        * Kernel compiled with a retpoline-aware compiler:  YES  (kernel reports full retpoline compilation)
      * Kernel supports RSB filling:  YES
    > STATUS:  NOT VULNERABLE  (Full retpoline + IBPB are mitigating the vulnerability)
    
    CVE-2017-5754 [rogue data cache load] aka 'Meltdown' aka 'Variant 3'
    * Mitigated according to the /sys interface:  YES  (Mitigation: PTI)
    * Kernel supports Page Table Isolation (PTI):  YES
      * PTI enabled and active:  YES
      * Reduced performance impact of PTI:  YES  (CPU supports INVPCID, performance impact of PTI will be greatly reduced)
    * Running as a Xen PV DomU:  NO
    > STATUS:  NOT VULNERABLE  (Mitigation: PTI)
    
    CVE-2018-3640 [rogue system register read] aka 'Variant 3a'
    * CPU microcode mitigates the vulnerability:  YES
    > STATUS:  NOT VULNERABLE  (your CPU microcode mitigates the vulnerability)
    
    CVE-2018-3639 [speculative store bypass] aka 'Variant 4'
    * Mitigated according to the /sys interface:  YES  (Mitigation: Speculative Store Bypass disabled via prctl and seccomp)
    * Kernel supports speculation store bypass:  YES  (found in /proc/self/status)
    > STATUS:  NOT VULNERABLE  (Mitigation: Speculative Store Bypass disabled via prctl and seccomp)
    
    CVE-2018-3615/3620/3646 [L1 terminal fault] aka 'Foreshadow & Foreshadow-NG'
    > STATUS:  VULNERABLE  (your CPU is known to be vulnerable, and your kernel doesn't report that it mitigates the issue, but more thorough mitigation checking by this script is being worked on (check often for new versions!))
    
    Need more detailed information about mitigation options? Use --explain
    A false sense of security is worse than no security at all, see --disclaimer
    EDIT: Oh, wait, there's a new kernel - hooray!

    Code:
    blacklaw@xerxes:~/git/spectre-meltdown-checker$ sudo ./spectre-meltdown-checker.sh
    Spectre and Meltdown mitigation detection tool v0.39+
    
    Checking for vulnerabilities on current system
    Kernel is Linux 4.15.0-32-generic #35~16.04.1-Ubuntu SMP Fri Aug 10 21:54:34 UTC 2018 x86_64
    CPU is Intel(R) Core(TM) i7-7560U CPU @ 2.40GHz
    
    Hardware check
    * Hardware support (CPU microcode) for mitigation techniques
      * Indirect Branch Restricted Speculation (IBRS)
        * SPEC_CTRL MSR is available:  YES
        * CPU indicates IBRS capability:  YES  (SPEC_CTRL feature bit)
      * Indirect Branch Prediction Barrier (IBPB)
        * PRED_CMD MSR is available:  YES
        * CPU indicates IBPB capability:  YES  (SPEC_CTRL feature bit)
      * Single Thread Indirect Branch Predictors (STIBP)
        * SPEC_CTRL MSR is available:  YES
        * CPU indicates STIBP capability:  YES  (Intel STIBP feature bit)
      * Speculative Store Bypass Disable (SSBD)
        * CPU indicates SSBD capability:  YES  (Intel SSBD)
      * Enhanced IBRS (IBRS_ALL)
        * CPU indicates ARCH_CAPABILITIES MSR availability:  NO
        * ARCH_CAPABILITIES MSR advertises IBRS_ALL capability:  NO
      * CPU explicitly indicates not being vulnerable to Meltdown (RDCL_NO):  NO
      * CPU explicitly indicates not being vulnerable to Variant 4 (SSB_NO):  NO
      * Hypervisor indicates host CPU might be vulnerable to RSB underflow (RSBA):  NO
      * CPU microcode is known to cause stability problems:  NO  (model 0x8e family 0x6 stepping 0x9 ucode 0x8e cpuid 0x806e9)
      * CPU microcode is the latest known available version:  YES  (you have version 0x8e and latest known version is 0x8e)
    * CPU vulnerability to the speculative execution attack variants
      * Vulnerable to Variant 1:  YES
      * Vulnerable to Variant 2:  YES
      * Vulnerable to Variant 3:  YES
      * Vulnerable to Variant 3a:  YES
      * Vulnerable to Variant 4:  YES
    
    CVE-2017-5753 [bounds check bypass] aka 'Spectre Variant 1'
    * Mitigated according to the /sys interface:  YES  (Mitigation: __user pointer sanitization)
    * Kernel has array_index_mask_nospec:  YES  (1 occurrence(s) found of x86 64 bits array_index_mask_nospec())
    * Kernel has the Red Hat/Ubuntu patch:  NO
    * Kernel has mask_nospec64 (arm64):  NO
    > STATUS:  NOT VULNERABLE  (Mitigation: __user pointer sanitization)
    
    CVE-2017-5715 [branch target injection] aka 'Spectre Variant 2'
    * Mitigated according to the /sys interface:  YES  (Mitigation: Full generic retpoline, IBPB, IBRS_FW)
    * Mitigation 1
      * Kernel is compiled with IBRS support:  YES
        * IBRS enabled and active:  YES  (for kernel and firmware code)
      * Kernel is compiled with IBPB support:  YES
        * IBPB enabled and active:  YES
    * Mitigation 2
      * Kernel has branch predictor hardening (arm):  NO
      * Kernel compiled with retpoline option:  YES
        * Kernel compiled with a retpoline-aware compiler:  YES  (kernel reports full retpoline compilation)
      * Kernel supports RSB filling:  YES
    > STATUS:  NOT VULNERABLE  (Full retpoline + IBPB are mitigating the vulnerability)
    
    CVE-2017-5754 [rogue data cache load] aka 'Meltdown' aka 'Variant 3'
    * Mitigated according to the /sys interface:  YES  (Mitigation: PTI)
    * Kernel supports Page Table Isolation (PTI):  YES
      * PTI enabled and active:  YES
      * Reduced performance impact of PTI:  YES  (CPU supports INVPCID, performance impact of PTI will be greatly reduced)
    * Running as a Xen PV DomU:  NO
    > STATUS:  NOT VULNERABLE  (Mitigation: PTI)
    
    CVE-2018-3640 [rogue system register read] aka 'Variant 3a'
    * CPU microcode mitigates the vulnerability:  YES
    > STATUS:  NOT VULNERABLE  (your CPU microcode mitigates the vulnerability)
    
    CVE-2018-3639 [speculative store bypass] aka 'Variant 4'
    * Mitigated according to the /sys interface:  YES  (Mitigation: Speculative Store Bypass disabled via prctl and seccomp)
    * Kernel supports speculation store bypass:  YES  (found in /proc/self/status)
    > STATUS:  NOT VULNERABLE  (Mitigation: Speculative Store Bypass disabled via prctl and seccomp)
    
    CVE-2018-3615/3620/3646 [L1 terminal fault] aka 'Foreshadow & Foreshadow-NG'
    * Mitigated according to the /sys interface:  YES  (Mitigation: PTE Inversion; VMX: conditional cache flushes, SMT vulnerable)
    > STATUS:  NOT VULNERABLE  (Mitigation: PTE Inversion; VMX: conditional cache flushes, SMT vulnerable)
    
    Need more detailed information about mitigation options? Use --explain
    A false sense of security is worse than no security at all, see --disclaimer
    
     
    Last edited: 15 Aug 2018
  5. adidan

    adidan Guesswork is still work

    Joined:
    25 Mar 2009
    Posts:
    19,722
    Likes Received:
    5,485
    Irrelevant comment is irrelevant in this case.

    If you'd read my post properly you would see i'm not happy about the lack of security updates.

    The system works great, the security does not - muck like a car drives well but the brakes don't, sort the brakes out and it's fine. I'd like the brakes repaired please rather than chucking it on the scrapheap and buying a new one.

    Yes it's older gen but 6 years (!), am I supposed to just suck it up and become wasteful because Asus don't pull their finger out like some other companies look like they have been doing?

    Seriously dude, you're a salesman's wet dream.
     
  6. Guest-44432

    Guest-44432 Guest

    In that case - Best we go back to pen and paper, and have a simple life of not having technology. (Will make the world a better place).
     
  7. Anfield

    Anfield Multimodder

    Joined:
    15 Jan 2010
    Posts:
    7,058
    Likes Received:
    969
    Paper is vulnerable to fire and water etc, the default password is blank and can't be changed and on top of that it lacks any logging function to track who accessed what information.:naughty:
     
    TheMadDutchDude and davvy76 like this.
  8. Panos

    Panos Minimodder

    Joined:
    18 Oct 2006
    Posts:
    288
    Likes Received:
    6
    @bit-tech why dont you take an Intel system with all the security patches applied and test it against a system without the security patches applied?
    An 8700K for example, if you still have it from your review last year.
     
    Impatience likes this.
Tags: Add Tags

Share This Page