Questions tagged [spectre]

A side-channel vulnerability affecting modern microprocessors that perform branch prediction, such as Intel, AMD, SPARC V9, ARM and PowerPC CPUs, allowing user processes to read memory belonging to other processes. It affects a wide range of operating systems, including Linux, OS X, AIX, Solaris and Windows. Published in January 2018.

The attack exploits speculative instruction execution that results from CPU branch prediction, coupled with traditional cache timing attacks in order to learn the contents of another process' memory space.

See full attack details at https://spectreattack.com

See our canonical question on this site at Meltdown and Spectre Attacks

94 questions
1 vote, 0 answers

Software mitigation for variant 3a (rogue system register read) and variant 4 (speculative store bypass)

AFAIK, all mitigable meltdown / spectre variants have software mitigation except for variant 3a and 4. Why is this the case? For variant 4, a straightforward software mitigation is to place lfence before all memory load operations. However,…
Alex Vong

1 vote, 0 answers

Nessus ADV180002: Microsoft SQL Server January 2018 Security Update (Meltdown) (Spectre)

I have a MS Server 2012 r2 running ArcServe 17.5, which uses MSSQL Server Express 2014. When Nessus runs a scan of this system, I am getting the plugin 105613 - ADV180002: Microsoft SQL Server January 2018 Security Update (Meltdown) (Spectre). I…
mappingman

1 vote, 1 answer

Does Speculative Store Bypass Attack Require Assembly/Source Code Knowledge?

OK, so the gist of the speculative store bypass attack, to my understanding, is that the CPU chooses the most frequent code path, bypasses the if/else test, just assumes that it's true/false and then executes it onwards. Later, if the prediction proved to be…
Sajuuk

1 vote, 0 answers

What Spectre V2 patches fix which vulnerabilities on Linux?

Let's assume I have a computer with a pre-Skylake Intel processor that doesn't have microcode mitigating the Spectre V2 attack. Then to my understanding, if the kernel and all user-space applications are compiled with retpoline, they are protected,…
arcus_mannen

1 vote, 2 answers

What is the significance of Spectre and Meltdown?

Reading up on Spectre and Meltdown attacks again, I don't get why they were hyped so much. These are cache attacks that take advantage of the instruction pipeline processing implementation in addition to the cache implementation. So this is just…
stflow

1 vote, 2 answers

What to do against Spectre-1, Spectre-2 and Meltdown on Linux and Windows in 01/2018?

How to handle Spectre-1, Spectre-2 and Meltdown for now, in 01/2018? It can almost never be wrong to do the following: stay up to date with your browser and OS (e.g. Linux kernel update); update anti-virus software if installed; be careful. But is there…
Kutsubato

1 vote, 2 answers

Spectre, Meltdown to read SSH keys

I've got a VPS running on Ubuntu, accessed through SSH, passwordless and with a public key. Can Spectre and Meltdown be used to compromise it in order to get access remotely, e.g. by reading the private key stored on the server?
microwth

1 vote, 2 answers

How does the Intel CPU design flaw affect us?

Today, I saw this in the news. I'm hesitant to install the fix, because I've heard it would slow down IO by 50%, which is not acceptable for me. But a guy said that the flaw allows JavaScript in the browser to steal your information. Is this true? Worst…
Mithril

0 votes, 1 answer

COOP and COEP: Is there an advantage to enabling COOP / COEP if I don't need to use the sharedArrayBuffer or other features?

COOP: Cross-Origin Opener Policy. COEP: Cross-Origin Embedder Policy. Most of the articles on the web related to COOP / COEP point to the fact that by enabling COOP / COEP, your web page can use the sharedArrayBuffer and some other precision timer…

0 votes, 1 answer

Are there any classes of systems where it is safe to disable Spectre and Meltdown patches?

I was not able to find a definite answer to the question of whether it is safe to disable Spectre and Meltdown vulnerabilities, but I could find articles that suggest the defaults might be revisited, and Windows seems to allow the disabling of these. Does…

0 votes, 0 answers

Secure code makes exploitation easier with CPU vulnerabilities?

I researched CPU vulnerabilities in the past, such as Spectre and Meltdown. I read that one of those attacks is made easier if the code is a certain way. I cannot remember if it was related to being efficiently written, securely written, or some…
user5623335

0 votes, 0 answers

Meltdown checker says AWS and Rackspace are vulnerable - Why?

Today I was curious how my VMware environment stacked up against Spectre and Meltdown. So I ran spectre-meltdown-checker. It came back clean with 7 of 8 variants OK (the failed one is apparently not possible to exploit under VMware). Then I was…
user3280964

0 votes, 1 answer

Do any speculative execution attacks affect ARMv7 CPUs?

Do we know if there are speculative execution attacks that affect ARMv7 CPUs at this time? Are there any theoretical risks that need further investigation?
user115400

0 votes, 1 answer

Do Meltdown and Spectre affect other Intel products such as SSDs?

I've found a good deal on an Intel SSD but I don't want to worry about the security hole or the loss of performance from patching it.
EMBLEM

0 votes, 1 answer

What is the attack vector for CVE-2018-3639 Speculative Store Bypass?

We use a web application deployed on a CentOS server. Can the attack be performed via a browser? Or does the attacker need physical access to the CentOS server? I cannot understand the attack vector from the RHEL:…