Slashdot Mirror


New Spectre 1.1 and Spectre 1.2 CPU Flaws Disclosed (bleepingcomputer.com)

Two security researchers have revealed details about two new Spectre-class vulnerabilities, which they've named Spectre 1.1 and Spectre 1.2. From a report: Just like all the previous Meltdown and Spectre CPU bug variations, these two take advantage of the process of speculative execution -- a feature found in all modern CPUs that has the role of improving performance by computing operations in advance and later discarding unneeded data. According to researchers, a Spectre 1.1 attack uses speculative execution to deliver code that overflows CPU store cache buffers in order to write and run malicious code that retrieves data from previously-secured CPU memory sections. Spectre 1.1 is very similar to Spectre variants 1 and 4, but the two researchers who discovered the bug say that "currently, no effective static analysis or compiler instrumentation is available to generically detect or mitigate Spectre 1.1." As for Spectre 1.2, researchers say this bug can be exploited to write to CPU memory sectors that are normally protected by read-only flags.

3 of 109 comments

  1. Re:Not many CPU designs are by viperidaenz · · Score: 5, Informative

    ARM Cortex A8, 9, 12, 15, 17, 57, 72, 73, 75... all of those implement speculative execution and are all vulnerable to Spectre v1 and v2. Some also v3, v3a and v4
    The A76 is only vulnerable to v1 and v4
    https://developer.arm.com/supp...

    IBM Power CPUs do speculative execution. IBM aren't fixing Power 6 and earlier.
    Power 7, 8 and 9 have been patched apparently (requires both firmware and OS updates to mitigate)

    I'm sure there's more.

  2. Re:Advanced Micro Devices IMMUNE by drinkypoo · · Score: 4, Informative

    Mitigation of prior SPECTRE attacks is cheaper on AMD than on intel. I would be surprised to learn that was not the case again. In addition, it's more difficult to exploit on AMD, and further, AMD was NOT vulnerable to all the classes of SPECTRE attack which affected intel processors. So while you're technically correct, there are also caveats.

    --
    "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"

  3. Re:Not many CPU designs are by psergiu · · Score: 3, Informative

    We did tests on a Power 8 frame with real-life Java application and Oracle DB workloads.
    - up to ~30% slower for Java
    - up to ~15% slower for Oracle DB

    It's ... bad ...
