Today, chatter has increased significantly about a set of related vulnerabilities that impact several modern CPUs that perform speculative instruction execution, including Intel and AMD chips. These vulnerabilities allow an attacker to gain access to kernel-space memory or to another process’s memory, which in theory they should not be able to access. In turn, this can lead to leakage of sensitive information such as passwords and encryption keys. In virtualized environments, it is possible to cross the boundary of one virtual machine’s guest OS into another virtual machine’s address space, making data leakage in cloud environments even more problematic.
These vulnerabilities have been dubbed Meltdown and Spectre. The CVEs associated with them are:
- CVE-2017-5753 hw: cpu: speculative execution bounds-check bypass
- CVE-2017-5715 hw: cpu: speculative execution branch target injection
- CVE-2017-5754 hw: cpu: speculative execution permission faults handling
There is no known exploit in the wild taking advantage of these vulnerabilities yet, but a proof of concept has been posted by a PhD student from a university in Austria. There is little doubt that some sophisticated threat actors will attempt to take advantage of unpatched systems in the near future.
Operating system vendors have been working on patches to mitigate these vulnerabilities. Some Linux updates are available for download. Windows updates have just been made available today. Amazon is planning system updates on January 4. Google has made updates available to its Cloud Platform and Chrome OS and has already updated Android and G Suite. macOS has already deployed fixes.
It is speculated that the fixes will have a non-negligible performance impact that depends on the operating system, the nature of the fix and the workload of the system.
Exposure of Juniper’s products
Juniper SIRT has published an advisory at https://kb.juniper.net/JSA10842 with more information about the impact and available mitigations for Juniper products.
Mitigation
To mitigate these vulnerabilities, it is highly recommended to apply the patches relevant to the operating systems you run as vendors make them available.
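One way to confirm on a Linux host that the patches took effect, as an added example that is not part of the original post or of any vendor tooling: it reads the kernel's per-issue status files under `/sys/devices/system/cpu/vulnerabilities` and maps them to the three CVEs listed above. The function names are hypothetical, and the sysfs directory is a Linux kernel interface that this page does not mention.

```shell
# Added example: report the kernel's own view of the three CVEs listed above.
# Kernels without the reporting interface have no status files, so that case
# is reported as UNKNOWN rather than assumed patched.

# CVE -> sysfs status file name
SPEC_EXEC_CVES="CVE-2017-5753:spectre_v1 CVE-2017-5715:spectre_v2 CVE-2017-5754:meltdown"

# classify_status <text>: map the first line of a status file to a state
classify_status() {
    case "$1" in
        "Not affected"*) echo "NOT_AFFECTED" ;;
        "Mitigation:"*)  echo "MITIGATED" ;;
        "Vulnerable"*)   echo "VULNERABLE" ;;
        *)               echo "UNKNOWN" ;;
    esac
}

# check_spec_exec [dir]: print one line per CVE and return the number of
# CVEs that are not confirmed as mitigated or not affected (0 to 3).
check_spec_exec() {
    se_dir="${1:-/sys/devices/system/cpu/vulnerabilities}"
    se_pending=0
    for se_entry in $SPEC_EXEC_CVES; do
        se_cve="${se_entry%%:*}"
        se_name="${se_entry#*:}"
        if [ -r "$se_dir/$se_name" ]; then
            se_text="$(head -n 1 "$se_dir/$se_name")"
            se_state="$(classify_status "$se_text")"
        else
            se_text="no status file (kernel does not report this issue)"
            se_state="UNKNOWN"
        fi
        case "$se_state" in
            NOT_AFFECTED|MITIGATED) ;;
            *) se_pending=$((se_pending + 1)) ;;
        esac
        printf '%s %-10s %-12s %s\n' "$se_cve" "$se_name" "$se_state" "$se_text"
    done
    return "$se_pending"
}
```

Calling `check_spec_exec` with no argument inspects the running host; a non-zero return status means at least one of the three issues still needs a vendor update or could not be verified.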