Intel Kernel Memory Leak

Discussion in 'Computing and Networks' started by Raymond Genovese, Jan 3, 2018.

  1. Raymond Genovese

    Thread Starter Active Member

    Mar 5, 2016
    860
    505
  2. Raymond Genovese

    Thread Starter Active Member

    Mar 5, 2016
    860
    505
    Seems to me that when they talk about "changing the microcode" on the chip, then everything you do now, with the chip that you already have, is going to be a patch. If those patches are successful with a minimum of performance decreases, then I am as fine as I can be.

    I fear that the "new" chips will have "new" price tags and that retailers will have a glut of older "vulnerable chips"....maybe at decreased prices, maybe not....maybe we are not far from "not vulnerable to ___" when you buy a system.

    But, I may not be understanding.... to me, the "microcode" is within the chip - to put it down to my level - it is the code that allows an instruction like - INC A - to work. So, when I read.. from

    nsaspook said:
    https://cloudblogs.microsoft.com/mi...-and-meltdown-mitigations-on-windows-systems/

    "Silicon Microcode Update ALSO Required on Host"

    But I also read....

    Silicon microcode is distributed by the silicon vendor to the system OEM, which then decides to release it to customers. Some system OEMs use Windows Update to distribute such microcode, others use their own update systems. We are maintaining a table of system microcode update information here. Surface will be updated through Windows Update starting today.

    So, I am a bit confused on this point.
     
  3. nsaspook

    AAC Fanatic!

    Aug 27, 2009
    4,551
    4,829
    Most modern x86 processors don't run the x86 CISC instruction set internally. Deep in the heart of each chip is usually a (very proprietary) RISC cpu with a much simpler and faster instruction set (uops). The 'microcode' translates x86 to this internal machine so it's possible to change execution behaviors within the limits of the microcode hardware by adding additional steps to mitigate hardware/architecture bugs (side effects of speculative execution, specifically branch prediction) software can't fix. There is a method to upload new microcode to existing chips but only the OEM has the (un)locking codes to encrypt the boot file in a manner the chip will accept during hardware boot.

    AMD microcode update:
    https://lists.opensuse.org/opensuse-security-announce/2018-01/msg00004.html
     
  4. Raymond Genovese

    Thread Starter Active Member

    Mar 5, 2016
    860
    505
    Ok, this is starting to coalesce somewhat in my mind - but I am not feeling better about it, I am feeling worse. Can't help but think that OEM is going to mean SOL for many.
     
  5. nsaspook

    AAC Fanatic!

    Aug 27, 2009
    4,551
    4,829
    At least here the main OEM is Intel with a huge bankroll of cash they want to keep.
     
  6. Raymond Genovese

    Thread Starter Active Member

    Mar 5, 2016
    860
    505
    So, let's say I have a Dell (actually what I am on now is not a Dell, but I have a Dell with XP), using a Genuine Intel processor and Genuine Windows. I can safely count on a patch released by Windows update?

    What about a customized build - depends on the MB and chipset?

    I guess this is what the database is all about?

    What a freaking nightmare.
     
  7. nsaspook

    AAC Fanatic!

    Aug 27, 2009
    4,551
    4,829
    New microcode and kernel released for Debian64.
    Patched... Passed the exploit test.
    [​IMG]
     
    Last edited: Jan 12, 2018
  8. Natakel

    Well-Known Member

    Oct 11, 2008
    59
    14
    There is a utility to check for this vulnerability - but I have not used it myself yet. I'm going to when I get back home (I'm on an away).
    I will not post a shortcut to it, as I am unsure of the forum rules for such. I'd imagine it's available on the Ashampoo site, among others.
    I've read articles where AMD cpu's have indeed been affected, but I have no percentage stats on this - it's all anecdotal.

    The utility is supposed to check for the vulnerability, and if found, will give details on how best to deal with it, according to the MajorGeeks site.

    Ashampoo Spectre Meltdown CPU Checker 1.0.0


     
    Last edited: Jan 12, 2018
  9. joeyd999

    AAC Fanatic!

    Jun 6, 2011
    3,903
    5,212
    I installed the update today on my work PC: Ubuntu 16.04 LTS. Running normally, and I have not experienced any noticeable slowdowns in the course of my typical work.
     
  10. nsaspook

    AAC Fanatic!

    Aug 27, 2009
    4,551
    4,829
  11. nsaspook

    AAC Fanatic!

    Aug 27, 2009
    4,551
    4,829
    https://www.bleepingcomputer.com/ne...ustomers-to-not-install-spectre-bios-updates/
     
  12. nsaspook

    AAC Fanatic!

    Aug 27, 2009
    4,551
    4,829
    http://www.businessinsider.com/inte...-meltdown-proof-chips-coming-this-year-2018-1
     
  13. Raymond Genovese

    Thread Starter Active Member

    Mar 5, 2016
    860
    505
    So, what I feared is happening - Oy Vey!
     
    nsaspook likes this.
  14. nsaspook

    AAC Fanatic!

    Aug 27, 2009
    4,551
    4,829
    https://www.bleepingcomputer.com/ne...and-update-that-disables-spectre-mitigations/
     
  15. nsaspook

    AAC Fanatic!

    Aug 27, 2009
    4,551
    4,829
  16. nsaspook

    AAC Fanatic!

    Aug 27, 2009
    4,551
    4,829
    https://www.bleepingcomputer.com/ne...ack-can-extract-data-from-intel-sgx-enclaves/
     
  17. Raymond Genovese

    Thread Starter Active Member

    Mar 5, 2016
    860
    505
  18. nsaspook

    AAC Fanatic!

    Aug 27, 2009
    4,551
    4,829
  19. Raymond Genovese

    Thread Starter Active Member

    Mar 5, 2016
    860
    505
  20. joeyd999

    AAC Fanatic!

    Jun 6, 2011
    3,903
    5,212
    Why so cynical?

    Do you have evidence they knew these vulnerabilities existed years ago that they actively neglected to a) inform their customers and b) revise their new silicon?

    Do you have evidence that they did not take security at the silicon level seriously until these exploits became known?

    Do you think the NSA (and any other intelligence-based 3-letter acronym you can think of) did not review hardware security with their chosen vendors while developing their intelligence and data storage and access systems?

    IMHO, Occum's razor applies here: the bad guys only need to be right once. The good guys -- 100% of the time.
     
Loading...