'Kernel memory leaking' Intel processor -- a serious cpu bug!?!
- KVRAF
- 12615 posts since 7 Dec, 2004
The only thing we know is kernel space (the OS) memory normally inaccessible to user space (programs) becomes visible to user space (a bad program) if it does "something".
Thinking "out of order execution" would be going waaaay out on a limb. At best you could read the Linux kernel source-code, but you'll have to note these are incomplete patches and not verified to work in all cases. So you can't just read the source and fully understand exactly how the problem is set up to occur.
The only thing we definitely know to be a fact is that it is a security issue where customers are suddenly allowed to peak inside the bank vault and read confidential information. That's it. We don't know how they get inside, but it is claimed that the bank vault is flawed and the whole security system must be redesigned to cure this issue.
That's like the vault having a stone floor so that you can tunnel underneath and get inside. So they're having to put steel plate on the floor now too.
Thinking "out of order execution" would be going waaaay out on a limb. At best you could read the Linux kernel source-code, but you'll have to note these are incomplete patches and not verified to work in all cases. So you can't just read the source and fully understand exactly how the problem is set up to occur.
The only thing we definitely know to be a fact is that it is a security issue where customers are suddenly allowed to peak inside the bank vault and read confidential information. That's it. We don't know how they get inside, but it is claimed that the bank vault is flawed and the whole security system must be redesigned to cure this issue.
That's like the vault having a stone floor so that you can tunnel underneath and get inside. So they're having to put steel plate on the floor now too.
-
- KVRian
- 1062 posts since 3 Oct, 2011 from Christchurch, New Zealand
https://googleprojectzero.blogspot.co.n ... -side.htmlaciddose wrote: Thinking "out of order execution" would be going waaaay out on a limb.
- KVRAF
- 12615 posts since 7 Dec, 2004
Yes which is something potentially totally unrelated and not at all verified to have anything to do with this issue. So that's going waaay out on a limb.
You can't just point at something random and assume it's connected. You need proof.
You can't just point at something random and assume it's connected. You need proof.
-
- KVRist
- 119 posts since 2 Dec, 2015
Google: Almost All CPUs Since 1995 Vulnerable To "Meltdown" And "Spectre" Flaws https://www.bleepingcomputer.com/news/s ... tre-flaws/
-
- KVRAF
- 7579 posts since 17 Feb, 2005
Maybe this is getting on the right track then?
https://it.slashdot.org/comments.pl?sid ... d=55853035
https://it.slashdot.org/comments.pl?sid ... d=55853035
- KVRAF
- 12615 posts since 7 Dec, 2004
Yes well that's obvious just by reading the patch, it is exactly what I said.
All we know is:
- Userspace code does "something" which allows it to read kernel space addresses. Someone from AMD replied to this to state AMD chips are not affected... Both Intel people and AMD people know exactly what is going on, so you wouldn't expect them to be posting something inaccurate to a public mailing list and embarrassing themselves.
That said it really doesn't provide any useful information at all. We still don't know all the details that have been researched by experts for approximately six months. They're going to publish the information in the coming weeks. The purpose of withholding this information is to make it impossible to reproduce the issue or test its effects. This is called a "zero-day" exploit: they're withholding details of how to produce the exploit until the patches are released.
My speculation: You won't see details in the releases along with patches either. It'll just be well known that the patches can be examined to identify what changes have been made, and by reverse-engineering from that point it will be possible for "bad actors" to reproduce the exploit given enough time. So the releases will include enough information to convince people of the severity of the exploit and encourage them to patch systems that are vulnerable. That'll include your "how to tell if your system is affected?" and similar information.
We won't be seeing detailed documentation for a while... perhaps never. There is absolutely no reason to publicly publish exploit information that isn't beneficial to those running vulnerable systems in protecting those systems. It's like handing nukes over to the local terrorist organization: "here you go guys! have fun!!!"
End of line.
All we know is:
- Userspace code does "something" which allows it to read kernel space addresses. Someone from AMD replied to this to state AMD chips are not affected... Both Intel people and AMD people know exactly what is going on, so you wouldn't expect them to be posting something inaccurate to a public mailing list and embarrassing themselves.
That said it really doesn't provide any useful information at all. We still don't know all the details that have been researched by experts for approximately six months. They're going to publish the information in the coming weeks. The purpose of withholding this information is to make it impossible to reproduce the issue or test its effects. This is called a "zero-day" exploit: they're withholding details of how to produce the exploit until the patches are released.
My speculation: You won't see details in the releases along with patches either. It'll just be well known that the patches can be examined to identify what changes have been made, and by reverse-engineering from that point it will be possible for "bad actors" to reproduce the exploit given enough time. So the releases will include enough information to convince people of the severity of the exploit and encourage them to patch systems that are vulnerable. That'll include your "how to tell if your system is affected?" and similar information.
We won't be seeing detailed documentation for a while... perhaps never. There is absolutely no reason to publicly publish exploit information that isn't beneficial to those running vulnerable systems in protecting those systems. It's like handing nukes over to the local terrorist organization: "here you go guys! have fun!!!"
End of line.
- KVRian
- 711 posts since 19 Jan, 2008
Let me try to make this more clear. AMD is insecure on Linux only if the system is not setup right, if you set it right you won't have any problems. On Intel is a totally different story, you are insecure no matter what.bmrzycki wrote:I don't trust Intel one bit either. Still, it's strange that the Intel patches were fast-tracked into mainline and as of today the AMD patch has not:EvilDragon wrote:Of course Intel would want to downplay the issue, and suck in all the competitors. I don't trust them one bit. Onset looks like a typical PR machination.
https://www.phoronix.com/scan.php?page= ... -4.15-Test
https://www.phoronix.com/scan.php?page= ... le-x86-PTI
Also, there are 2 bugs out there guys, try not to confuse them. There is Meltdown which affects Intel and not AMD and there is Spectre which affects all CPUs but on AMD only partially. Spectre is not big deal as Meltdown, but can't be patched. I've heard it can be avoided by developers when they make their apps. So the big problem is with Meltdown.
Here for more information: https://meltdownattack.com/
- KVRAF
- 2236 posts since 23 May, 2005 from West Country, UK
As far as I understand it Meltdown is already patched in High Sierra 10.13.2, but no word on previous OS X versions.nIGhT-SoN wrote:Let me try to make this more clear. AMD is insecure on Linux only if the system is not setup right, if you set it right you won't have any problems. On Intel is a totally different story, you are insecure no matter what.bmrzycki wrote:I don't trust Intel one bit either. Still, it's strange that the Intel patches were fast-tracked into mainline and as of today the AMD patch has not:EvilDragon wrote:Of course Intel would want to downplay the issue, and suck in all the competitors. I don't trust them one bit. Onset looks like a typical PR machination.
https://www.phoronix.com/scan.php?page= ... -4.15-Test
https://www.phoronix.com/scan.php?page= ... le-x86-PTI
Also, there are 2 bugs out there guys, try not to confuse them. There is Meltdown which affects Intel and not AMD and there is Spectre which affects all CPUs but on AMD only partially. Spectre is not big deal as Meltdown, but can't be patched. I've heard it can be avoided by developers when they make their apps. So the big problem is with Meltdown.
Here for more information: https://meltdownattack.com/
- KVRAF
- 2236 posts since 23 May, 2005 from West Country, UK
My understanding from reading through that is that in the long term Spectre is a very big deal because it will require a completely new processor architecture to avoid it.nIGhT-SoN wrote:Let me try to make this more clear. AMD is insecure on Linux only if the system is not setup right, if you set it right you won't have any problems. On Intel is a totally different story, you are insecure no matter what.bmrzycki wrote:I don't trust Intel one bit either. Still, it's strange that the Intel patches were fast-tracked into mainline and as of today the AMD patch has not:EvilDragon wrote:Of course Intel would want to downplay the issue, and suck in all the competitors. I don't trust them one bit. Onset looks like a typical PR machination.
https://www.phoronix.com/scan.php?page= ... -4.15-Test
https://www.phoronix.com/scan.php?page= ... le-x86-PTI
Also, there are 2 bugs out there guys, try not to confuse them. There is Meltdown which affects Intel and not AMD and there is Spectre which affects all CPUs but on AMD only partially. Spectre is not big deal as Meltdown, but can't be patched. I've heard it can be avoided by developers when they make their apps. So the big problem is with Meltdown.
Here for more information: https://meltdownattack.com/
-
- KVRian
- 535 posts since 26 Mar, 2014
Mac mini m4 pro, Reaper, too many plugins, Modal Argon8, Novation Circuit Mono Station and now a lovely Waldorf Blofeld.
-
- KVRAF
- 35687 posts since 11 Apr, 2010 from Germany
Oh, so they ("they" probably meaning a advertising agency) have created 2 fancy names for this things now. Who would have thought.PapaLazarou wrote:Google: Almost All CPUs Since 1995 Vulnerable To "Meltdown" And "Spectre" Flaws https://www.bleepingcomputer.com/news/s ... tre-flaws/
From another thread here:
chk071 wrote:BTW, what surprises me most is that they haven't engaged a advertising company to develop a fancy name for this bug already. But, they probably already did, and just wait a few days to present the name, just like with Heartbleed.
Last edited by chk071 on Thu Jan 04, 2018 12:30 pm, edited 1 time in total.
-
- KVRAF
- 2635 posts since 16 Jan, 2013
I found a beta Sierra security update last night (2018-001) which presumably addresses this. So I expect 10.11 and 10.12 will get security updates soon.lnikj wrote:As far as I understand it Meltdown is already patched in High Sierra 10.13.2, but no word on previous OS X versions.
- KVRAF
- 24447 posts since 7 Jan, 2009 from Croatia
10.13.2 is partially fixed, more work on that coming in 10.13.3.
- KVRAF
- 2236 posts since 23 May, 2005 from West Country, UK
El Reg translation of this:gnu23 wrote:Intel's official statement about the issue.
https://www.theregister.co.uk/2018/01/0 ... notations/