Questions tagged [spectre]

A side-channel vulnerability affecting modern microprocessors that perform branch prediction, such as Intel, AMD, Sparc V9, ARM and PowerPC CPUs, allowing user processes to read memory belonging to other processes. Affects a wide range of OSes, including Linux, OS X, AIX, Solaris and Windows. Published in January 2018.

The attack exploits speculative instruction execution that results from CPU branch prediction, coupled with traditional cache timing attacks in order to learn the contents of another process' memory space.

See full attack details at https://spectreattack.com

See our canonical question on this site at Meltdown and Spectre Attacks

94 questions
9 votes, 1 answer

What does Spectre mean for public cloud computing?

From a tweetstorm by security journalist Nicole Perlroth: The most visceral attack scenario is an attacker who rents 5 minutes of time from an Amazon/Google/Microsoft cloud server and steals data from other customers renting space on that same…
Anders
8 votes, 1 answer

Intel firmware/microcode updates that make processors "immune" to both Spectre and Meltdown?

Recently Intel has claimed the following in a press release (emphasis added): SANTA CLARA, Calif., Jan. 4, 2018 — Intel has developed and is rapidly issuing updates for all types of Intel-based computer systems — including personal computers and…
Alexander O'Mara
8 votes, 1 answer

Is branch predictor flush instruction a complete Spectre fix?

I have understood that Spectre works mainly by exploiting the branch predictor state. Bounds check bypass and branch target injection are two faces of the same coin, the interaction of speculative execution with the branch predictor. Now,…
juhist
7 votes, 2 answers

Can Javascript engines that run on the JVM be used to implement the Spectre exploit?

I see that Chrome and Mozilla have added mitigations into their JavaScript engines for the Spectre vulnerabilities (CVE-2017-5753 & CVE-2017-5715). However, I can't find anything regarding JavaScript engines that run on the JVM, for example Rhino and…
Jamesy82
6 votes, 1 answer

How risky would it be to run a Linux kernel without Spectre and Meltdown patches on a regular desktop system?

What would happen if we adopted: https://make-linux-fast-again.com/ Assume the system is used for development and general browsing. Are there any cases of these vulnerabilities being exploited in the wild, (especially by websites)?
rep_movsd
6 votes, 2 answers

Spectre/Meltdown - Does memory deallocation erase the actual RAM contents?

The other day I've been thinking about Spectre and Meltdown and the ability of one process to access the memory of another. On my Linux system currently I have all JavaScript disabled to eliminate the possibility of some JS program to access memory…
george
6 votes, 1 answer

Why does my unpatched system *appear* to not be vulnerable to Spectre?

Since the corresponding research papers offer quite explicit descriptions publicly, I suppose that publishing my code below is not considered as encouraging or endorsing exploits. Nevertheless, I am aware that some answerers may prefer to stay…
Hagen von Eitzen
6 votes, 3 answers

Spectre and Meltdown being used in large scale attack on unpatched systems

Do we have to be worried about Spectre and Meltdown being used for a large scale attack like Wannacry? Even though the patches coming out are being deployed to the most recent systems, there will inevitably be A LOT of systems that won't be patched.…
A. C. A. C.
6 votes, 2 answers

Why do CPUs operate speculatively with results of forbidden memory fetches?

By my understanding, the Meltdown and Spectre attacks both exploit the fact that some modern processors, when given something like: if (x < arr1[y]) z = arr2[arr3[x]*256]; may sometimes fetch the value of arr2[arr3[x] * 256] before they have…
supercat
5 votes, 1 answer

Can speculative execution on intel cpu be disabled?

In the light of all the recent Intel Vulnerabilities with speculative execution, can speculative execution be fully disabled to protect from all these vulnerabilities, from BIOS or OS kernel? Maybe stupid question, but is it possible?
user3604665
5 votes, 1 answer

Compiling with GCC retpoline flags

As of version 8 (later backported to 7.3), GCC has added retpoline support [0]. While I understand that it is intended[citation needed] for use in kernel patching for Spectre (ie: [1][2]), that does not prevent normal developers from using those…
esote
5 votes, 1 answer

Software mitigation for Spectre v2

I run Debian as my OS and Guix as my package manager. I also run (approximately) latest kernel built using Guix. According to spectre-meltdown-checker, my kernel has mitigation for v1, v2 and v3. However, latest stable GCC (7.3) has implemented…
Alex Vong
5 votes, 1 answer

AMD K8 processors may not be vulnerable to Spectre?

I've been chewing on this for a week or so. Thought I'd ask if it could be validated. My thoughts are based on reading the Spectre whitepaper and research on the AMD K8 microarchitecture, and haven't been able to find any AMD K8 specific Spectre…
user169329
5 votes, 1 answer

Are mitigations for Spectre and Meltdown needed in the VMs for dynamic languages other than JavaScript?

Mitigations for Spectre and Meltdown are being added to the JavaScript VMs in Chrome, Firefox, IE/Edge and WebKit. Are similar mitigations also needed in the VMs for other dynamic languages? For example, I assume mitigations are needed in LuaJIT…
user200783
5 votes, 1 answer

Why were Meltdown and Spectre disclosed at the same time?

Both the Meltdown and Spectre vulnerabilities were publicly disclosed on January 3, 2018. (6 days ahead of the originally planned January 9). Since their public reveal, there has been some confusion between the two vulnerabilities and what the…
Stevoisiak