Meltdown/Spectre


Overview

Recently disclosed vulnerabilities in speculative execution, branch prediction, and application isolation affect almost all modern processors and lead to sensitive information disclosure. Speculative execution and branch prediction are processes designed to increase the performance of processors by performing anticipatory calculations that may not be needed to complete a process. Application isolation prevents user applications from accessing the memory address space of another application. The Meltdown and Spectre attacks are based on the ways processors handle speculative tasks and out-of-order execution. These vulnerabilities, if successfully exploited, allow an attacker to view otherwise confidential information in a system’s memory.

Threat Intelligence

At this time we are not aware of these vulnerabilities being exploited in the wild. However, proof-of-concept scripts have been made public. Our Threat Intelligence team will continue to monitor for updates as more information becomes available.

Technical Summary

Speculative execution and branch prediction let a processor execute tasks early, before it is known whether or where the results are needed. They are designed to optimize performance in modern CPUs. If the result of a speculatively executed task turns out not to be needed, it is discarded.

Spectre tricks applications into accessing system memory by choosing specific instructions to speculatively execute. By training the Branch Target Buffer to mispredict, an attacker can redirect execution to a gadget (a machine code snippet) instead of the correct memory address. Executing this abnormal speculative operation leaks sensitive information from any application running on the victim’s machine via side channels. Spectre can also be exploited via JavaScript to read information from browser address space. For further information, please reference the authors’ whitepaper at spectreattack.com/spectre.pdf.

Application isolation prevents applications from accessing arbitrary system memory. Meltdown breaks the protections that stop applications from accessing system memory by exploiting out-of-order execution, a feature that increases performance in newer processors. Only systems running Intel processors are vulnerable to Meltdown, because the attack relies on an Intel-specific privilege escalation flaw. Use of the same CPU by multiple users increases the risk for both Spectre and Meltdown.

For additional information, please reference the whitepapers from the Graz University of Technology.

Recommendations

We recommend the following actions be taken:

  • Apply the released patches for Linux (KPTI, formerly KAISER), OS X, Android, and Microsoft.
  • Apply applicable BIOS updates.
  • Ensure the latest version of your desired browser is installed.
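
One way to confirm the Linux patches took effect, as an added example that is not part of the original advisory: patched Linux kernels report per-issue status under /sys/devices/system/cpu/vulnerabilities, and the script below classifies those reports. The function names are illustrative and the sample status lines are constructed, modelled on the kernel's format.

```sh
#!/bin/sh
# Added example: classify the kernel's own mitigation report for the
# three issues this advisory covers (Meltdown, Spectre v1, Spectre v2).

# Map one sysfs status line to: not_affected | mitigated | vulnerable | unknown
classify_status() {
    case "$1" in
        "Not affected"*) echo not_affected ;;
        "Mitigation:"*)  echo mitigated ;;
        "Vulnerable"*)   echo vulnerable ;;
        *)               echo unknown ;;
    esac
}

# Audit one directory, print a line per issue, and return 1 if any
# issue is vulnerable or its status cannot be determined.
audit_dir() {
    dir=$1
    rc=0
    for issue in meltdown spectre_v1 spectre_v2; do
        if [ -r "$dir/$issue" ]; then
            status=$(head -n 1 "$dir/$issue")
            verdict=$(classify_status "$status")
        else
            # Missing file: kernel predates the reporting interface.
            status="(no sysfs entry)"
            verdict=unknown
        fi
        printf '%-11s %-12s %s\n' "$issue" "$verdict" "$status"
        case "$verdict" in vulnerable|unknown) rc=1 ;; esac
    done
    return "$rc"
}

# Constructed sample: KPTI is active but the Spectre v2 fix is incomplete.
make_sample() {
    d=$(mktemp -d)
    echo "Mitigation: PTI" > "$d/meltdown"
    echo "Mitigation: __user pointer sanitization" > "$d/spectre_v1"
    echo "Vulnerable: Minimal generic ASM retpoline" > "$d/spectre_v2"
    echo "$d"
}

sample=$(make_sample)
audit_dir "$sample" || echo "action needed: apply kernel and BIOS updates"
rm -rf "$sample"
```

On a real host, call `audit_dir /sys/devices/system/cpu/vulnerabilities`; a non-zero exit status means at least one of the three issues is unmitigated or unreported.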

Patches

Microsoft
Android

References

Vulnerabilities

Meltdown
Spectre

Systems Affected

Meltdown
  • Intel processors
Spectre
  • Intel, AMD, and ARM processors.

All devices containing these chips are vulnerable.
