Intel cpu flaw - kernel memory leaking

Hey guys, pro-tip, there's an ignore button and it makes life so much nicer.

Back on topic, this is some scary shit - https://mobile.twitter.com/misc0110/status/948706387491786752

 

unless you're the CIA wanting to target Iranian reactors, malware is very rarely targeted at anything other than 'everything and anything'.

 

So I presume it is Kabylake and down that is affected by the bug.

 

AMD has only confirmed 1 of the 3 exploits announced require a workaround - It's that simple.

 

Anything made in the last 10 years apparently so that'd be a shitload of CPUs if true. Pretty scary that the majority won't be patched

 

I am just laughing at you being in damage control.
This is just Karma after all your immature Failzen bashing.

Intel gone and stuffed up massively. Accept it and move on, these things happen, in-fact it is not the first time a massive flaw has been found in Intel processors. (Or AMD for that matter.)
And it will happen again.

As processors grow exponentially in size... Then so does their chances of errata.

 

There's two exploits here, one of which affects every processor out there with the exception of Cirtix and Via (sarcasm intended).

Doesn't bother me as I'm not the kind of person that wastes money on a constant upgrade cycle in order to have the best sig, I'm still running an x58 system with a Xeon in my main rig under Linux and a 2700k in my Windows PC, which I never use as Windows 10 sucks - Both have served me exceptionally well. When the time comes that this issue is resolved in silicon, I'll update my rig (probably get rid of the Windows rig) and be happy for the next ten years.

 

Only variant 1, on Linux in a non-default configuration (when you have explicitly enabled eBPF JIT). Not on Windows at all.
AMD is not vulnerable to variant 2 or variant 3.

 

Linus has made a comment here (no not that Linus, the smart one)

I really hope this doesn't affect general desktop performance more than a few percent...most of my PCs are running Intel chips

In gaming I've read that the fixes don't have any initial negative impacts but I think way more testing will need to be done before I believe that. Minimum frames and frame pacing being the two areas that need a really close look IMO.

 

https://www.bleepingcomputer.com/ne...tion-vector-for-meltdown-and-spectre-attacks/

 

There are three attack vectors grouped into 2 pretty/cute names. all 3 effect Intel, arm has acknowledged that all three can be an issue for them. AMD has stated that meltdown doesn't effect them, that they believe they are secure to one of spectre attacks and acknowledge vulnerability to one.

If you read the spectre paper they never were able to get both attacks on amd to work but believe it is vulnerable. AMD on the otherhand believe that they arent vulnerable to the second method of attack. So right now it's 3 of 3 for Intel and 3 of 3 for arm and 1 of 3 for amd.

anyone who says differently should stop spreading FUD and put there money where there mouth is and produce evidence of the compromise!

 

With the exception of Intel, until there are no 'can', believe' and 'never were ables' - It's all FUD.

 

Bull**** , systems are complex and new discoveries are made and things change over time. Researchers have been working on the for 1/2 a year as it stands its 1 of 3 for AMD, to say anything else at the stage is simply incorrect.

There is very strong language around meltdown, and less strong words around Branch Target Injection. Thats because speculative execution is extremely complex crossing many domains within the CPU ( predict, prefetch, decode/op cache, Load and store, Retirement) so that increases the risk of a possible attack vector(swiss cheese model) compared to the much simpler to protect against in hardware Rogue Data Cache Load ( Meltdown).

Again this is all false equivalence, if AMD are vulnerable to Branch Target Injection researchers haven't been able to find it and/or make it work in 6 months but have empirical data of successful compromise for other vendors.

 

A nice article that cuts through a lot of the BS..

https://www.theregister.co.uk/2018/01/04/intel_meltdown_spectre_bugs_the_registers_annotations/

 

need to see revised benchmarks after the patching.

 

Windows 10 CPU Bug Fix Patch Benchmarked

http://www.guru3d.com/articles_pages/windows_vulnerability_cpu_meltdown_patch_benchmarked,1.html

2% difference, yep 2%, we need to give up our Intel machines now

 

Unless you're doing a lot of IO you won't see that much of a performance decrease. Home users don't really have anything to worry about. Database servers - that's a completely different story.

 

Would multiplayer gaming count as a lot of IO? I'm not sure how this would compare to web server levels of IO...

 

hypervisors will be hit heavily. if you only have 30% overhead capacity remaining kiss it goodbye.

 

Likely this will affect CPU based benchmarking software? Like firestrike physics, cinebench, etc..