Versions Compared

Old Version 16

changes.mady.by.user user-9a25e

Saved on

compared with

New Version 17

changes.mady.by.user user-8b192

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

PublicCVEAlias(es)CPUs AffectedSpeculative TriggerImpactMitigationsReferences
Jan 3, 2018CVE-2017-5753Spectre V1Intel
ARM		Branch prediction bounds check bypassCross- and intra-process (including kernel) memory disclosure

OS

Compiler

Browser

https://www.kb.cert.org/vuls/id/584653

https://www.intel.com/content/www/us/en/architecture-and-technology/facts-about-side-channel-analysis-and-intel-products.html

https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability

Jan 3, 2018CVE-2017-5715Spectre V2Intel
AMD
ARM		Branch target injectionCross- and intra-process (including kernel) memory disclosureMicrocode

https://www.kb.cert.org/vuls/id/584653

https://www.intel.com/content/www/us/en/architecture-and-technology/facts-about-side-channel-analysis-and-intel-products.html

https://www.amd.com/en/corporate/security-updates
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability

Jan 3, 2018CVE-2017-5754

Spectre V3

Meltdown

IntelOut-of-order executionKernel memory disclosure to userspaceOShttps://www.kb.cert.org/vuls/id/584653
https://www.intel.com/content/www/us/en/architecture-and-technology/facts-about-side-channel-analysis-and-intel-products.html
May 21, 2018CVE-2018-3640Spectre V3a (RSRE)Intel
ARM		System register readDisclosure of system register valuesMicrocode

https://www.kb.cert.org/vuls/id/180049

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html

https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability

May 21, 2018CVE-2018-3639Spectre V4 (SSB)Intel
AMD
ARM

Memory reads before prior memory write addresses knownCross- and intra-process (including kernel) memory disclosure

OS

Microcode

https://www.kb.cert.org/vuls/id/180049

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html
https://www.amd.com/en/corporate/security-updates

https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability

Jun 13, 2018CVE-2018-3665Lazy FPIntelLazy FPU state restoreLeak of FPU stateOShttps://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00145.html
July 10, 2018CVE-2017-5753Spectre1.1Intel

Bounds check bypass

Speculative buffer overflow

Cross- and intra-process (including kernel) memory disclosure

OShttps://01.org/security/advisories/intel-oss-10002
July 10, 2018CVE-2018-3693Spectre1.2IntelBounds check bypass store

Overwrite read-only data and pointers

Cross- and intra-process (including kernel) memory disclosure

OS

https://01.org/security/advisories/intel-oss-10002

https://arxiv.org/abs/1807.03757

Notes

General

The causes of these vulnerabilities are rooted in CPU hardware design choices intended to optimize performance.
https://lwn.net/Articles/755419/
https://pdfs.semanticscholar.org/2209/42809262c17b6631c0f6536c91aaf7756857.pdf

...

The FPU state may contain sensitive information such as cryptographic keys. As an example, the Intel AES instruction set (AES-NI) uses FPU registers to store round keys. It is only possible to exploit when the underlying operating system or hypervisor uses lazy FPU switching.
https://blog.cyberus-technology.de/posts/2018-06-06-intel-lazyfp-vulnerability.html