1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

News Intel CPUs hit by four more security flaws

Discussion in 'Article Discussion' started by bit-tech, 15 May 2019.

  1. Wakka

    Wakka Yo, eat this, ya?

    Joined:
    23 Feb 2017
    Posts:
    2,117
    Likes Received:
    673
    Funded?
     
    adidan likes this.
  2. Gareth Halfacree

    Gareth Halfacree WIIGII! Lover of bit-tech Administrator Super Moderator Moderator

    Joined:
    4 Dec 2007
    Posts:
    17,381
    Likes Received:
    7,215
    Rebooted after installing the new kernel, ran the Spectre-checker script, and according to that AMD parts aren't affected:

    Code:
    CVE-2018-12126 aka 'Fallout, microarchitectural store buffer data sampling (MSBDS)'
    * Mitigated according to the /sys interface:  YES  (Not affected)
    * CPU supports the MD_CLEAR functionality:  UNKNOWN  (is cpuid module loaded?)
    * Kernel supports using MD_CLEAR mitigation:  YES  (found md_clear implementation evidence in kernel image)
    * Kernel mitigation is enabled and active:  NO
    * SMT is either mitigated or disabled:  NO
    > STATUS:  NOT VULNERABLE  (Not affected)
    
    CVE-2018-12130 aka 'ZombieLoad, microarchitectural fill buffer data sampling (MFBDS)'
    * Mitigated according to the /sys interface:  YES  (Not affected)
    * CPU supports the MD_CLEAR functionality:  UNKNOWN  (is cpuid module loaded?)
    * Kernel supports using MD_CLEAR mitigation:  YES  (found md_clear implementation evidence in kernel image)
    * Kernel mitigation is enabled and active:  NO
    * SMT is either mitigated or disabled:  NO
    > STATUS:  NOT VULNERABLE  (Not affected)
    
    CVE-2018-12127 aka 'RIDL, microarchitectural load port data sampling (MLPDS)'
    * Mitigated according to the /sys interface:  YES  (Not affected)
    * CPU supports the MD_CLEAR functionality:  UNKNOWN  (is cpuid module loaded?)
    * Kernel supports using MD_CLEAR mitigation:  YES  (found md_clear implementation evidence in kernel image)
    * Kernel mitigation is enabled and active:  NO
    * SMT is either mitigated or disabled:  NO
    > STATUS:  NOT VULNERABLE  (Not affected)
    
    CVE-2019-11091 aka 'RIDL, microarchitectural data sampling uncacheable memory (MDSUM)'
    * Mitigated according to the /sys interface:  YES  (Not affected)
    * CPU supports the MD_CLEAR functionality:  UNKNOWN  (is cpuid module loaded?)
    * Kernel supports using MD_CLEAR mitigation:  YES  (found md_clear implementation evidence in kernel image)
    * Kernel mitigation is enabled and active:  NO
    * SMT is either mitigated or disabled:  NO
    > STATUS:  NOT VULNERABLE  (Not affected)
    
    EDIT: Inb4 "what does some random script know:" it's the Linux kernel that's reporting my Ryzen chip isn't affected, the script's just reporting that fact.

    EDIT EDIT:
    Same script, Intel laptop:

    Code:
    CVE-2018-12126 aka 'Fallout, microarchitectural store buffer data sampling (MSBDS)'
    * Mitigated according to the /sys interface:  YES  (Mitigation: Clear CPU buffers; SMT vulnerable)
    * CPU supports the MD_CLEAR functionality:  YES
    * Kernel supports using MD_CLEAR mitigation:  YES  (md_clear found in /proc/cpuinfo)
    * Kernel mitigation is enabled and active:  YES
    * SMT is either mitigated or disabled:  NO
    > STATUS:  NOT VULNERABLE  (Mitigation: Clear CPU buffers; SMT vulnerable)
    
    CVE-2018-12130 aka 'ZombieLoad, microarchitectural fill buffer data sampling (MFBDS)'
    * Mitigated according to the /sys interface:  YES  (Mitigation: Clear CPU buffers; SMT vulnerable)
    * CPU supports the MD_CLEAR functionality:  YES
    * Kernel supports using MD_CLEAR mitigation:  YES  (md_clear found in /proc/cpuinfo)
    * Kernel mitigation is enabled and active:  YES
    * SMT is either mitigated or disabled:  NO
    > STATUS:  NOT VULNERABLE  (Mitigation: Clear CPU buffers; SMT vulnerable)
    
    CVE-2018-12127 aka 'RIDL, microarchitectural load port data sampling (MLPDS)'
    * Mitigated according to the /sys interface:  YES  (Mitigation: Clear CPU buffers; SMT vulnerable)
    * CPU supports the MD_CLEAR functionality:  YES
    * Kernel supports using MD_CLEAR mitigation:  YES  (md_clear found in /proc/cpuinfo)
    * Kernel mitigation is enabled and active:  YES
    * SMT is either mitigated or disabled:  NO
    > STATUS:  NOT VULNERABLE  (Mitigation: Clear CPU buffers; SMT vulnerable)
    
    CVE-2019-11091 aka 'RIDL, microarchitectural data sampling uncacheable memory (MDSUM)'
    * Mitigated according to the /sys interface:  YES  (Mitigation: Clear CPU buffers; SMT vulnerable)
    * CPU supports the MD_CLEAR functionality:  YES
    * Kernel supports using MD_CLEAR mitigation:  YES  (md_clear found in /proc/cpuinfo)
    * Kernel mitigation is enabled and active:  YES
    * SMT is either mitigated or disabled:  NO
    > STATUS:  NOT VULNERABLE  (Mitigation: Clear CPU buffers; SMT vulnerable)
    
     
    Last edited: 16 May 2019
    adidan likes this.
  3. edzieba

    edzieba Virtual Realist

    Joined:
    14 Jan 2009
    Posts:
    3,909
    Likes Received:
    591
    Does the 'Spectre checker script' actually attempt the attacks and report the results, or does it look for the presence (or absence) of known vulnerable hardware and known kernal and microcode patches against an internal list?
     
  4. Gareth Halfacree

    Gareth Halfacree WIIGII! Lover of bit-tech Administrator Super Moderator Moderator

    Joined:
    4 Dec 2007
    Posts:
    17,381
    Likes Received:
    7,215
  5. Wakka

    Wakka Yo, eat this, ya?

    Joined:
    23 Feb 2017
    Posts:
    2,117
    Likes Received:
    673
    A decent IPC uplift and clock boost on Zen 2 and we could very well see clock-for-clock parity in a lot of use cases in a few months... That will hurt Intel a lot.
     
  6. Tyinsar

    Tyinsar 6 screens 1 card since Nov 17 2007

    Joined:
    26 Jul 2006
    Posts:
    2,287
    Likes Received:
    28
  7. Tyinsar

    Tyinsar 6 screens 1 card since Nov 17 2007

    Joined:
    26 Jul 2006
    Posts:
    2,287
    Likes Received:
    28
    Indeed but I find it disconcerting that they make no mention of if on their microcode update lists. I'm pretty sure these processors aren't immune to the flaws. I'd really like to see an official list that includes them as getting the microcode updates.
     
  8. Pretizx

    Pretizx What's a Dremel?

    Joined:
    10 Feb 2017
    Posts:
    52
    Likes Received:
    5
    Intel and its vulnerabilities:duh::duh:
     
Tags: Add Tags

Share This Page