[Info-vax] Intel x86-64 Processor Design Security Vulnerability?
Craig A. Berry
craigberry at nospam.mac.com
Thu Jan 4 12:25:56 EST 2018
On 1/4/18 9:18 AM, Scott Dorsey wrote:
> Craig A. Berry <craigberry at nospam.mac.com> wrote:
>> On 1/4/18 6:38 AM, Neil Rieck wrote:
>>
>>> I noticed that the security exploit only exists in some products from Intel and ARM but no products from AMD.
>>
>> There are reports that say any processor that does out-of-order
>> execution is vulnerable and there are reports that say AMD is not
>> vulnerable. I would wait until more research is done before depending on
>> the latter.
>
> There are two exploits involved. One of them is Intel-specific, the other
> is not. The Intel-specific one seems the more easily exploited.
I don't think you can safely say Meltdown is Intel-specific (Spectre is
definitely not). The Meltdown whitepaper at
<https://meltdownattack.com/meltdown.pdf> just says that the
demonstrator exploit didn't initially work on ARM and AMD, speculates
about some of the reasons that might be the case, and then says that
"for both ARM and AMD, the toy example as described in Section 3 works
reliably, indicating that out-of-order execution generally occurs and
instructions past illegal memory accesses are also performed." In other
words, exploits for other processors could probably be developed, but so
far it's only been demonstrated on Intel.
More information about the Info-vax
mailing list