Versions Compared

Old Version 14

changes.mady.by.user user-8b192

Saved on

compared with

New Version 15

changes.mady.by.user user-8b192

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

PublicCVEAlias(es)CPUs AffectedSpeculative TriggerImpactMitigationsReferences
Jan 3, 2018CVE-2017-5753Spectre V1Intel
ARM		Branch prediction bounds check bypassCross- and intra-process (including kernel) memory disclosureOS
Compiler
Browser		https://www.kb.cert.org/vuls/id/584653
https://www.intel.com/content/www/us/en/architecture-and-technology/facts-about-side-channel-analysis-and-intel-products.html
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability
Jan 3, 2018CVE-2017-5715Spectre V2Intel
AMD
ARM		Branch target injectionCross- and intra-process (including kernel) memory disclosureMicrocodehttps://www.kb.cert.org/vuls/id/584653
https://www.intel.com/content/www/us/en/architecture-and-technology/facts-about-side-channel-analysis-and-intel-products.html
https://www.amd.com/en/corporate/security-updates
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability
Jan 3, 2018CVE-2017-5754Spectre V3
Meltdown		IntelOut-of-order executionKernel memory disclosure to userspaceOShttps://www.kb.cert.org/vuls/id/584653
https://www.intel.com/content/www/us/en/architecture-and-technology/facts-about-side-channel-analysis-and-intel-products.html
May 21, 2018CVE-2018-3640Spectre V3a (RSRE)Intel
ARM		System register readDisclosure of system register valuesMicrocodehttps://www.kb.cert.org/vuls/id/180049
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability
May 21, 2018CVE-2018-3639Spectre V4 (SSB)Intel
AMD
ARM

Memory reads before prior memory write addresses knownCross- and intra-process (including kernel) memory disclosureOS
Microcode		https://www.kb.cert.org/vuls/id/180049
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html
https://www.amd.com/en/corporate/security-updates
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability
Jun 13, 2018CVE-2018-3665Lazy FPIntelLazy FPU state restoreLeak of FPU stateOShttps://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00145.html

Notes

General

The causes of these vulnerabilities are rooted in CPU hardware design choices intended to optimize performance.
https://lwn.net/Articles/755419/
https://pdfs.semanticscholar.org/2209/42809262c17b6631c0f6536c91aaf7756857.pdf

Spectre V1

Spectre V1 has been demonstrated to bypass protections provided by Intel SGX. Intel has updated the SGX SDK to mitigate these vulnerabilities when the SGX enclaves are rebuilt. 
https://software.intel.com/sites/default/files/managed/e1/ec/SGX_SDK_Developer_Guidance-CVE-2017-5753.pdf

...