CVE identifier(s) | CVE- 2017-5754 |
---|---|
Date discovered | January 2018 |
Affected hardware | Intel x86 microprocessors, IBM POWER processors, and some ARM-based microprocessors |
Website |
meltdownattack |
Meltdown is one of the two original transient execution CPU vulnerabilities (the other being Spectre). Meltdown affects Intel x86 microprocessors, IBM POWER processors, [1] and some ARM-based microprocessors. [2] [3] [4] It allows a rogue process to read all memory, even when it is not authorized to do so.
Meltdown affects a wide range of systems. At the time of disclosure (2018), this included all devices running any but the most recent and patched versions of iOS, [5] Linux, [6] [7] macOS, [5] or Windows. Accordingly, many servers and cloud services were impacted, [8] as well as a potential majority of smart devices and embedded devices using ARM-based processors (mobile devices, smart TVs, printers and others), including a wide range of networking equipment. A purely software workaround to Meltdown has been assessed as slowing computers between 5 and 30 percent in certain specialized workloads, [9] although companies responsible for software correction of the exploit reported minimal impact from general benchmark testing. [10]
Meltdown was issued a Common Vulnerabilities and Exposures ID of CVE- 2017-5754, also known as Rogue Data Cache Load (RDCL), [3] in January 2018. It was disclosed in conjunction with another exploit, Spectre, with which it shares some characteristics. The Meltdown and Spectre vulnerabilities are considered "catastrophic" by security analysts. [11] [12] [13] The vulnerabilities are so severe that security researchers initially believed the reports to be false. [14]
Several procedures to help protect home computers and related devices from the Meltdown and Spectre security vulnerabilities have been published. [15] [16] [17] [18] Meltdown patches may produce performance loss. [19] [20] [21] Spectre patches have been reported to significantly reduce performance, especially on older computers; on the then-newest (2017) eighth-generation Core platforms, benchmark performance drops of 2–14 percent have been measured. [22] On 18 January 2018, unwanted reboots, even for newer Intel chips, due to Meltdown and Spectre patches, were reported. [23] Nonetheless, according to Dell: "No 'real-world' exploits of these vulnerabilities [i.e., Meltdown and Spectre] have been reported to date [26 January 2018], though researchers have produced proof-of-concepts." [24] [25] Dell further recommended: "promptly adopting software updates, avoiding unrecognized hyperlinks and websites, not downloading files or applications from unknown sources ... following secure password protocols ... [using] security software to help protect against malware (advanced threat prevention software or anti-virus)." [24] [25]
On 15 March 2018, Intel reported that it would redesign its CPUs to help protect against the Meltdown and related Spectre vulnerabilities (especially, Meltdown and Spectre-V2, but not Spectre-V1), and expected to release the newly redesigned processors later in 2018. [26] [27] [28] [29] On 8 October 2018, Intel is reported to have added hardware and firmware mitigations regarding Spectre and Meltdown vulnerabilities to its latest processors. [30]
Meltdown exploits a race condition, inherent in the design of many modern CPUs. This occurs between memory access and privilege checking during instruction processing. Additionally, combined with a cache side-channel attack, this vulnerability allows a process to bypass the normal privilege checks that isolate the exploit process from accessing data belonging to the operating system and other running processes. The vulnerability allows an unauthorized process to read data from any address that is mapped to the current process's memory space. Since instruction pipelining is in the affected processors, the data from an unauthorized address will almost always be temporarily loaded into the CPU's cache during out-of-order execution – from which the data can be recovered. This can occur even if the original read instruction fails due to privilege checking, or if it never produces a readable result.[ citation needed]
Since many operating systems map physical memory, kernel processes, and other running user space processes into the address space of every process, Meltdown effectively makes it possible for a rogue process to read any physical, kernel or other processes' mapped memory – regardless of whether it should be able to do so. Defenses against Meltdown would require avoiding the use of memory mapping in a manner vulnerable to such exploits (i.e. a software-based solution) or avoidance of the underlying race condition (i.e. a modification to the CPUs' microcode or execution path).[ citation needed]
The vulnerability is viable on any operating system in which privileged data is mapped into virtual memory for unprivileged processes – which includes many present-day operating systems. Meltdown could potentially impact a wider range of computers than presently identified, as there is little to no variation in the microprocessor families used by these computers.[ citation needed]
A Meltdown attack cannot be detected if it is carried out, as it does not leave any traces in traditional log files. [31] [32]
Meltdown was discovered independently by Jann Horn from Google's Project Zero, Werner Haas and Thomas Prescher from Cyberus Technology, and Daniel Gruss, Moritz Lipp, Stefan Mangard and Michael Schwarz from Graz University of Technology. [33] The same research teams that discovered Meltdown also discovered Spectre. The security vulnerability was called Meltdown because "the vulnerability basically melts security boundaries which are normally enforced by the hardware". [31]
BOUND
instruction. They also attempted but failed to exploit CPU operations for memory alignment, division by zero, supervisor modes, segment limits, invalid opcodes, and non-executable code.
[53]Meltdown [45] relies on a CPU race condition that can arise between instruction execution and privilege checking. Put briefly, the instruction execution leaves side effects that constitute information not hidden to the process by the privilege check. The process carrying out Meltdown then uses these side effects to infer the values of memory mapped data, bypassing the privilege check. The following provides an overview of the exploit, and the memory mapping that is its target. The attack is described in terms of an Intel processor running Microsoft Windows or Linux, the main test targets used in the original paper, but it also affects other processors and operating systems, including macOS (aka OS X), iOS, and Android. [45]
Modern computer processors use a variety of techniques to gain high levels of efficiency. Four widely used features are particularly relevant to Meltdown:
Ordinarily, the mechanisms described above are considered secure. They provide the basis for most modern operating systems and processors. Meltdown exploits the way these features interact to bypass the CPU's fundamental privilege controls and access privileged and sensitive data from the operating system and other processes. To understand Meltdown, consider the data that is mapped in virtual memory (much of which the process is not supposed to be able to access) and how the CPU responds when a process attempts to access unauthorized memory. The process is running on a vulnerable version of Windows, Linux, or macOS, on a 64-bit processor of a vulnerable type. [45] This is a very common combination across almost all desktop computers, notebooks, laptops, servers and mobile devices.
Meltdown uses this technique in sequence to read every address of interest at high speed, and depending on other running processes, the result may contain passwords, encryption data, and any other sensitive information, from any address of any process that exists in its memory map. In practice, because cache side-channel attacks are slow, it is faster to extract data one bit at a time (only 2 × 8 = 16 cache attacks needed to read a byte, rather than 256 steps if it tried to read all 8 bits at once).
The impact of Meltdown depends on the design of the CPU, the design of the operating system (specifically how it uses memory paging), and the ability of a malicious party to get any code run on that system, as well as the value of any data it could read if able to execute.
The specific impact depends on the implementation of the address translation mechanism in the OS and the underlying hardware architecture. The attack can reveal the content of any memory that is mapped into a user address space, even if otherwise protected. For example, before kernel page-table isolation was introduced, most versions of Linux mapped all physical memory into the address space of every user-space process; the mapped addresses are (mostly) protected, making them unreadable from user-space and accessible only when transitioned into the kernel. The existence of these mappings makes transitioning to and from the kernel faster, but is unsafe in the presence of the Meltdown vulnerability, as the contents of all physical memory (which may contain sensitive information such as passwords belonging to other processes or the kernel) can then be obtained via the above method by any unprivileged process from user-space.
According to researchers, "every Intel processor that implements out-of-order execution is potentially affected, which is effectively every processor since 1995 (except Intel Itanium, and Intel Atom before 2013)." [33] Intel responded to the reported security vulnerabilities with an official statement. [57]
The vulnerability is expected to impact major cloud providers, such as Amazon Web Services (AWS) [58] and Google Cloud Platform. Cloud providers allow users to execute programs on the same physical servers where sensitive data might be stored, and rely on safeguards provided by the CPU to prevent unauthorized access to the privileged memory locations where that data is stored, a feature that the Meltdown exploit circumvents.
The original paper reports that paravirtualization ( Xen) and containers such as Docker, LXC, and OpenVZ, are affected. [54] [45] They report that the attack on a fully virtualized machine allows the guest user space to read from the guest kernel memory, but not read from the host kernel space.
The Meltdown vulnerability primarily affects Intel microprocessors, [59] but the ARM Cortex-A75 [60] and IBM's Power [1] microprocessors are also affected. The vulnerability does not affect AMD microprocessors. [20] [61] [62] [63] When the effect of Meltdown was first made public, Intel countered that the flaws affect all processors, [64] but AMD denied this, saying "we believe AMD processors are not susceptible due to our use of privilege level protections within paging architecture". [65]
Researchers have indicated that the Meltdown vulnerability is exclusive to Intel processors, while the Spectre vulnerability can possibly affect some Intel, AMD, and ARM processors. [66] [67] [68] [69] However, ARM announced that some of their processors were vulnerable to Meltdown. [60] Google has reported that any Intel processor since 1995 with out-of-order execution is potentially vulnerable to the Meltdown vulnerability (this excludes Itanium and pre-2013 Intel Atom CPUs). [70] Intel introduced speculative execution to their processors with Intel's P6 family microarchitecture with the Pentium Pro IA-32 microprocessor in 1995. [71]
ARM has reported that the majority of their processors are not vulnerable, and published a list of the specific processors that are affected. The ARM Cortex-A75 core is affected directly by both Meltdown and Spectre vulnerabilities, and Cortex-R7, Cortex-R8, Cortex-A8, Cortex-A9, Cortex-A15, Cortex-A17, Cortex-A57, Cortex-A72 and Cortex-A73 cores are affected only by the Spectre vulnerability. [60] This contradicts some early statements made about the Meltdown vulnerability as being Intel-only. [72]
A large portion of the then-current mid-range Android handsets use the Cortex-A53 or Cortex-A55 in an octa-core arrangement and are not affected by either the Meltdown or Spectre vulnerability as they do not perform out-of-order execution. This includes devices with the Qualcomm Snapdragon 630, Snapdragon 626, Snapdragon 625, and all Snapdragon 4xx processors based on A53 or A55 cores. [73] Also, no Raspberry Pi computers are vulnerable to either Meltdown or Spectre, except the newly released Raspberry Pi 4, which uses the ARM Cortex-A72 CPU. [74]
IBM has also confirmed that its Power CPUs are affected by both CPU attacks. [1] Red Hat has publicly announced that the exploits are also for IBM System Z, POWER8, and POWER9 systems. [75]
Oracle has stated that V9-based SPARC systems (T5, M5, M6, S7, M7, M8, M10, M12 processors) are not affected by Meltdown, though older SPARC processors that are no longer supported may be impacted. [76]
Mitigation of the vulnerability requires changes to operating system kernel code, including increased isolation of kernel memory from user-mode processes. [4] Linux kernel developers have referred to this measure as kernel page-table isolation (KPTI). KPTI patches have been developed for Linux kernel 4.15, and have been released as a backport in kernels 4.14.11, 4.9.75. [77] [78] [79] [80] Red Hat released kernel updates to their Red Hat Enterprise Linux distributions version 6 [81] and version 7. [82] CentOS also already released their kernel updates to CentOS 6 [83] and CentOS 7. [84]
Apple included mitigations in macOS 10.13.2, iOS 11.2, and tvOS 11.2. These were released a month before the vulnerabilities were made public. [85] [86] [87] [88] Apple has stated that watchOS and the Apple Watch are not affected. [89] Additional mitigations were included in a Safari update as well a supplemental update to macOS 10.13, and iOS 11.2.2. [90] [91] [92] [93] [94]
Microsoft released an emergency update to Windows 10, 8.1, and 7 SP1 to address the vulnerability on 3 January 2018, [95] [96] [97] as well as Windows Server (including Server 2008 R2, Server 2012 R2, and Server 2016) and Windows Embedded Industry. [98] These patches are incompatible with third-party antivirus software that use unsupported kernel calls; systems running incompatible antivirus software will not receive this or any future Windows security updates until it is patched, and the software adds a special registry key affirming its compatibility. [99] [100] [101] The update was found to have caused issues on systems running certain AMD CPUs, with some users reporting that their Windows installations did not boot at all after installation. On 9 January 2018, Microsoft paused the distribution of the update to systems with affected CPUs while it investigated and addressed this bug. [99]
It was reported that implementation of KPTI may lead to a reduction in CPU performance, with some researchers claiming up to 30% loss in performance, depending on usage, though Intel considered this to be an exaggeration. [19] It was reported that Intel processor generations that support process-context identifiers (PCID), a feature introduced with Westmere [102] and available on all chips from the Haswell architecture onward, were not as susceptible to performance losses under KPTI as older generations that lack it. [103] [104] This is because the selective translation lookaside buffer (TLB) flushing enabled by PCID (also called address space number or ASN under the Alpha architecture) enables the shared TLB behavior crucial to the exploit to be isolated across processes, without constantly flushing the entire cache – the primary reason for the cost of mitigation.
A statement by Intel said that "any performance impacts are workload-dependent, and, for the average computer user, should not be significant and will be mitigated over time". [21] [20] Phoronix benchmarked several popular PC games on a Linux system with Intel's Coffee Lake Core i7-8700K CPU and KPTI patches installed, and found that any performance impact was small to non-existent. [62] In other tests, including synthetic I/O benchmarks and databases such as PostgreSQL and Redis, an impact in performance was found, accounting even to tens of percent for some workloads. [105] More recently, related tests, involving AMD's FX and Intel's Sandybridge and Ivybridge CPUs, have been reported. [106]
Several procedures to help protect home computers and related devices from the Meltdown and Spectre security vulnerabilities have been published. [15] [16] [17] [18] Meltdown patches may produce performance loss. [19] [20] [21] On 18 January 2018, unwanted reboots, even for newer Intel chips, due to Meltdown and Spectre patches, were reported. [23] According to Dell: "No 'real-world' exploits of these vulnerabilities [ie, Meltdown and Spectre] have been reported to date [26 January 2018], though researchers have produced proof-of-concepts." [24] [25] Further, recommended preventions include: "promptly adopting software updates, avoiding unrecognized hyperlinks and websites, not downloading files or applications from unknown sources ... following secure password protocols ... [using] security software to help protect against malware (advanced threat prevention software or anti-virus)." [24] [25]
On 25 January 2018, the current status and possible future considerations in solving the Meltdown and Spectre vulnerabilities were presented. [107] In March 2018, Intel announced that it had designed hardware fixes for future processors for Meltdown and Spectre-V2 only, but not Spectre-V1. The vulnerabilities were mitigated by a new partitioning system that improves process and privilege-level separation. The company also announced it had developed Intel Microcode workarounds for processors dating back to 2013, and that it had plans to develop them for most processors dating back to 2007 including the Core 2 Duo; [28] [29] however, a month later in April 2018, it announced it was backing off that plan for a number of processor families and that no processor earlier than 2008 would have a patch available. [108]
On 8 October 2018, Intel was reported to have added hardware and firmware mitigations regarding Spectre and Meltdown vulnerabilities to its latest processors. [30]
Vulnerability | CVE | Exploit name | Public vulnerability name | Windows changes | Firmware changes |
---|---|---|---|---|---|
(Spectre) | 2017-5753 | Variant 1 | Bounds Check Bypass (BCB) |
|
No |
(Spectre) | 2017-5715 | Variant 2 | Branch Target Injection (BTI) | New CPU instructions eliminating branch speculation | Yes |
Meltdown | 2017-5754 | Variant 3 | Rogue Data Cache Load (RDCL) | Isolate kernel and user mode page tables | No |
{{
cite journal}}
: Cite journal requires |journal=
(
help)
unless your product allows running 3rd party or WEB applications, we believe the device is not exposed to exploits
CVE identifier(s) | CVE- 2017-5754 |
---|---|
Date discovered | January 2018 |
Affected hardware | Intel x86 microprocessors, IBM POWER processors, and some ARM-based microprocessors |
Website |
meltdownattack |
Meltdown is one of the two original transient execution CPU vulnerabilities (the other being Spectre). Meltdown affects Intel x86 microprocessors, IBM POWER processors, [1] and some ARM-based microprocessors. [2] [3] [4] It allows a rogue process to read all memory, even when it is not authorized to do so.
Meltdown affects a wide range of systems. At the time of disclosure (2018), this included all devices running any but the most recent and patched versions of iOS, [5] Linux, [6] [7] macOS, [5] or Windows. Accordingly, many servers and cloud services were impacted, [8] as well as a potential majority of smart devices and embedded devices using ARM-based processors (mobile devices, smart TVs, printers and others), including a wide range of networking equipment. A purely software workaround to Meltdown has been assessed as slowing computers between 5 and 30 percent in certain specialized workloads, [9] although companies responsible for software correction of the exploit reported minimal impact from general benchmark testing. [10]
Meltdown was issued a Common Vulnerabilities and Exposures ID of CVE- 2017-5754, also known as Rogue Data Cache Load (RDCL), [3] in January 2018. It was disclosed in conjunction with another exploit, Spectre, with which it shares some characteristics. The Meltdown and Spectre vulnerabilities are considered "catastrophic" by security analysts. [11] [12] [13] The vulnerabilities are so severe that security researchers initially believed the reports to be false. [14]
Several procedures to help protect home computers and related devices from the Meltdown and Spectre security vulnerabilities have been published. [15] [16] [17] [18] Meltdown patches may produce performance loss. [19] [20] [21] Spectre patches have been reported to significantly reduce performance, especially on older computers; on the then-newest (2017) eighth-generation Core platforms, benchmark performance drops of 2–14 percent have been measured. [22] On 18 January 2018, unwanted reboots, even for newer Intel chips, due to Meltdown and Spectre patches, were reported. [23] Nonetheless, according to Dell: "No 'real-world' exploits of these vulnerabilities [i.e., Meltdown and Spectre] have been reported to date [26 January 2018], though researchers have produced proof-of-concepts." [24] [25] Dell further recommended: "promptly adopting software updates, avoiding unrecognized hyperlinks and websites, not downloading files or applications from unknown sources ... following secure password protocols ... [using] security software to help protect against malware (advanced threat prevention software or anti-virus)." [24] [25]
On 15 March 2018, Intel reported that it would redesign its CPUs to help protect against the Meltdown and related Spectre vulnerabilities (especially, Meltdown and Spectre-V2, but not Spectre-V1), and expected to release the newly redesigned processors later in 2018. [26] [27] [28] [29] On 8 October 2018, Intel is reported to have added hardware and firmware mitigations regarding Spectre and Meltdown vulnerabilities to its latest processors. [30]
Meltdown exploits a race condition, inherent in the design of many modern CPUs. This occurs between memory access and privilege checking during instruction processing. Additionally, combined with a cache side-channel attack, this vulnerability allows a process to bypass the normal privilege checks that isolate the exploit process from accessing data belonging to the operating system and other running processes. The vulnerability allows an unauthorized process to read data from any address that is mapped to the current process's memory space. Since instruction pipelining is in the affected processors, the data from an unauthorized address will almost always be temporarily loaded into the CPU's cache during out-of-order execution – from which the data can be recovered. This can occur even if the original read instruction fails due to privilege checking, or if it never produces a readable result.[ citation needed]
Since many operating systems map physical memory, kernel processes, and other running user space processes into the address space of every process, Meltdown effectively makes it possible for a rogue process to read any physical, kernel or other processes' mapped memory – regardless of whether it should be able to do so. Defenses against Meltdown would require avoiding the use of memory mapping in a manner vulnerable to such exploits (i.e. a software-based solution) or avoidance of the underlying race condition (i.e. a modification to the CPUs' microcode or execution path).[ citation needed]
The vulnerability is viable on any operating system in which privileged data is mapped into virtual memory for unprivileged processes – which includes many present-day operating systems. Meltdown could potentially impact a wider range of computers than presently identified, as there is little to no variation in the microprocessor families used by these computers.[ citation needed]
A Meltdown attack cannot be detected if it is carried out, as it does not leave any traces in traditional log files. [31] [32]
Meltdown was discovered independently by Jann Horn from Google's Project Zero, Werner Haas and Thomas Prescher from Cyberus Technology, and Daniel Gruss, Moritz Lipp, Stefan Mangard and Michael Schwarz from Graz University of Technology. [33] The same research teams that discovered Meltdown also discovered Spectre. The security vulnerability was called Meltdown because "the vulnerability basically melts security boundaries which are normally enforced by the hardware". [31]
BOUND
instruction. They also attempted but failed to exploit CPU operations for memory alignment, division by zero, supervisor modes, segment limits, invalid opcodes, and non-executable code.
[53]Meltdown [45] relies on a CPU race condition that can arise between instruction execution and privilege checking. Put briefly, the instruction execution leaves side effects that constitute information not hidden to the process by the privilege check. The process carrying out Meltdown then uses these side effects to infer the values of memory mapped data, bypassing the privilege check. The following provides an overview of the exploit, and the memory mapping that is its target. The attack is described in terms of an Intel processor running Microsoft Windows or Linux, the main test targets used in the original paper, but it also affects other processors and operating systems, including macOS (aka OS X), iOS, and Android. [45]
Modern computer processors use a variety of techniques to gain high levels of efficiency. Four widely used features are particularly relevant to Meltdown:
Ordinarily, the mechanisms described above are considered secure. They provide the basis for most modern operating systems and processors. Meltdown exploits the way these features interact to bypass the CPU's fundamental privilege controls and access privileged and sensitive data from the operating system and other processes. To understand Meltdown, consider the data that is mapped in virtual memory (much of which the process is not supposed to be able to access) and how the CPU responds when a process attempts to access unauthorized memory. The process is running on a vulnerable version of Windows, Linux, or macOS, on a 64-bit processor of a vulnerable type. [45] This is a very common combination across almost all desktop computers, notebooks, laptops, servers and mobile devices.
Meltdown uses this technique in sequence to read every address of interest at high speed, and depending on other running processes, the result may contain passwords, encryption data, and any other sensitive information, from any address of any process that exists in its memory map. In practice, because cache side-channel attacks are slow, it is faster to extract data one bit at a time (only 2 × 8 = 16 cache attacks needed to read a byte, rather than 256 steps if it tried to read all 8 bits at once).
The impact of Meltdown depends on the design of the CPU, the design of the operating system (specifically how it uses memory paging), and the ability of a malicious party to get any code run on that system, as well as the value of any data it could read if able to execute.
The specific impact depends on the implementation of the address translation mechanism in the OS and the underlying hardware architecture. The attack can reveal the content of any memory that is mapped into a user address space, even if otherwise protected. For example, before kernel page-table isolation was introduced, most versions of Linux mapped all physical memory into the address space of every user-space process; the mapped addresses are (mostly) protected, making them unreadable from user-space and accessible only when transitioned into the kernel. The existence of these mappings makes transitioning to and from the kernel faster, but is unsafe in the presence of the Meltdown vulnerability, as the contents of all physical memory (which may contain sensitive information such as passwords belonging to other processes or the kernel) can then be obtained via the above method by any unprivileged process from user-space.
According to researchers, "every Intel processor that implements out-of-order execution is potentially affected, which is effectively every processor since 1995 (except Intel Itanium, and Intel Atom before 2013)." [33] Intel responded to the reported security vulnerabilities with an official statement. [57]
The vulnerability is expected to impact major cloud providers, such as Amazon Web Services (AWS) [58] and Google Cloud Platform. Cloud providers allow users to execute programs on the same physical servers where sensitive data might be stored, and rely on safeguards provided by the CPU to prevent unauthorized access to the privileged memory locations where that data is stored, a feature that the Meltdown exploit circumvents.
The original paper reports that paravirtualization ( Xen) and containers such as Docker, LXC, and OpenVZ, are affected. [54] [45] They report that the attack on a fully virtualized machine allows the guest user space to read from the guest kernel memory, but not read from the host kernel space.
The Meltdown vulnerability primarily affects Intel microprocessors, [59] but the ARM Cortex-A75 [60] and IBM's Power [1] microprocessors are also affected. The vulnerability does not affect AMD microprocessors. [20] [61] [62] [63] When the effect of Meltdown was first made public, Intel countered that the flaws affect all processors, [64] but AMD denied this, saying "we believe AMD processors are not susceptible due to our use of privilege level protections within paging architecture". [65]
Researchers have indicated that the Meltdown vulnerability is exclusive to Intel processors, while the Spectre vulnerability can possibly affect some Intel, AMD, and ARM processors. [66] [67] [68] [69] However, ARM announced that some of their processors were vulnerable to Meltdown. [60] Google has reported that any Intel processor since 1995 with out-of-order execution is potentially vulnerable to the Meltdown vulnerability (this excludes Itanium and pre-2013 Intel Atom CPUs). [70] Intel introduced speculative execution to their processors with Intel's P6 family microarchitecture with the Pentium Pro IA-32 microprocessor in 1995. [71]
ARM has reported that the majority of their processors are not vulnerable, and published a list of the specific processors that are affected. The ARM Cortex-A75 core is affected directly by both Meltdown and Spectre vulnerabilities, and Cortex-R7, Cortex-R8, Cortex-A8, Cortex-A9, Cortex-A15, Cortex-A17, Cortex-A57, Cortex-A72 and Cortex-A73 cores are affected only by the Spectre vulnerability. [60] This contradicts some early statements made about the Meltdown vulnerability as being Intel-only. [72]
A large portion of the then-current mid-range Android handsets use the Cortex-A53 or Cortex-A55 in an octa-core arrangement and are not affected by either the Meltdown or Spectre vulnerability as they do not perform out-of-order execution. This includes devices with the Qualcomm Snapdragon 630, Snapdragon 626, Snapdragon 625, and all Snapdragon 4xx processors based on A53 or A55 cores. [73] Also, no Raspberry Pi computers are vulnerable to either Meltdown or Spectre, except the newly released Raspberry Pi 4, which uses the ARM Cortex-A72 CPU. [74]
IBM has also confirmed that its Power CPUs are affected by both CPU attacks. [1] Red Hat has publicly announced that the exploits are also for IBM System Z, POWER8, and POWER9 systems. [75]
Oracle has stated that V9-based SPARC systems (T5, M5, M6, S7, M7, M8, M10, M12 processors) are not affected by Meltdown, though older SPARC processors that are no longer supported may be impacted. [76]
Mitigation of the vulnerability requires changes to operating system kernel code, including increased isolation of kernel memory from user-mode processes. [4] Linux kernel developers have referred to this measure as kernel page-table isolation (KPTI). KPTI patches have been developed for Linux kernel 4.15, and have been released as a backport in kernels 4.14.11, 4.9.75. [77] [78] [79] [80] Red Hat released kernel updates to their Red Hat Enterprise Linux distributions version 6 [81] and version 7. [82] CentOS also already released their kernel updates to CentOS 6 [83] and CentOS 7. [84]
Apple included mitigations in macOS 10.13.2, iOS 11.2, and tvOS 11.2. These were released a month before the vulnerabilities were made public. [85] [86] [87] [88] Apple has stated that watchOS and the Apple Watch are not affected. [89] Additional mitigations were included in a Safari update as well a supplemental update to macOS 10.13, and iOS 11.2.2. [90] [91] [92] [93] [94]
Microsoft released an emergency update to Windows 10, 8.1, and 7 SP1 to address the vulnerability on 3 January 2018, [95] [96] [97] as well as Windows Server (including Server 2008 R2, Server 2012 R2, and Server 2016) and Windows Embedded Industry. [98] These patches are incompatible with third-party antivirus software that use unsupported kernel calls; systems running incompatible antivirus software will not receive this or any future Windows security updates until it is patched, and the software adds a special registry key affirming its compatibility. [99] [100] [101] The update was found to have caused issues on systems running certain AMD CPUs, with some users reporting that their Windows installations did not boot at all after installation. On 9 January 2018, Microsoft paused the distribution of the update to systems with affected CPUs while it investigated and addressed this bug. [99]
It was reported that implementation of KPTI may lead to a reduction in CPU performance, with some researchers claiming up to 30% loss in performance, depending on usage, though Intel considered this to be an exaggeration. [19] It was reported that Intel processor generations that support process-context identifiers (PCID), a feature introduced with Westmere [102] and available on all chips from the Haswell architecture onward, were not as susceptible to performance losses under KPTI as older generations that lack it. [103] [104] This is because the selective translation lookaside buffer (TLB) flushing enabled by PCID (also called address space number or ASN under the Alpha architecture) enables the shared TLB behavior crucial to the exploit to be isolated across processes, without constantly flushing the entire cache – the primary reason for the cost of mitigation.
A statement by Intel said that "any performance impacts are workload-dependent, and, for the average computer user, should not be significant and will be mitigated over time". [21] [20] Phoronix benchmarked several popular PC games on a Linux system with Intel's Coffee Lake Core i7-8700K CPU and KPTI patches installed, and found that any performance impact was small to non-existent. [62] In other tests, including synthetic I/O benchmarks and databases such as PostgreSQL and Redis, an impact in performance was found, accounting even to tens of percent for some workloads. [105] More recently, related tests, involving AMD's FX and Intel's Sandybridge and Ivybridge CPUs, have been reported. [106]
Several procedures to help protect home computers and related devices from the Meltdown and Spectre security vulnerabilities have been published. [15] [16] [17] [18] Meltdown patches may produce performance loss. [19] [20] [21] On 18 January 2018, unwanted reboots, even for newer Intel chips, due to Meltdown and Spectre patches, were reported. [23] According to Dell: "No 'real-world' exploits of these vulnerabilities [ie, Meltdown and Spectre] have been reported to date [26 January 2018], though researchers have produced proof-of-concepts." [24] [25] Further, recommended preventions include: "promptly adopting software updates, avoiding unrecognized hyperlinks and websites, not downloading files or applications from unknown sources ... following secure password protocols ... [using] security software to help protect against malware (advanced threat prevention software or anti-virus)." [24] [25]
On 25 January 2018, the current status and possible future considerations in solving the Meltdown and Spectre vulnerabilities were presented. [107] In March 2018, Intel announced that it had designed hardware fixes for future processors for Meltdown and Spectre-V2 only, but not Spectre-V1. The vulnerabilities were mitigated by a new partitioning system that improves process and privilege-level separation. The company also announced it had developed Intel Microcode workarounds for processors dating back to 2013, and that it had plans to develop them for most processors dating back to 2007 including the Core 2 Duo; [28] [29] however, a month later in April 2018, it announced it was backing off that plan for a number of processor families and that no processor earlier than 2008 would have a patch available. [108]
On 8 October 2018, Intel was reported to have added hardware and firmware mitigations regarding Spectre and Meltdown vulnerabilities to its latest processors. [30]
Vulnerability | CVE | Exploit name | Public vulnerability name | Windows changes | Firmware changes |
---|---|---|---|---|---|
(Spectre) | 2017-5753 | Variant 1 | Bounds Check Bypass (BCB) |
|
No |
(Spectre) | 2017-5715 | Variant 2 | Branch Target Injection (BTI) | New CPU instructions eliminating branch speculation | Yes |
Meltdown | 2017-5754 | Variant 3 | Rogue Data Cache Load (RDCL) | Isolate kernel and user mode page tables | No |
{{
cite journal}}
: Cite journal requires |journal=
(
help)
unless your product allows running 3rd party or WEB applications, we believe the device is not exposed to exploits