| LaserDisc Database https://forum.lddb.com/ |
|
| The latest CPU bug headache: ZombieLoad https://forum.lddb.com/viewtopic.php?f=2&t=8430 |
Page 1 of 1 |
| Author: | admin [ 15 May 2019, 16:54 ] |
| Post subject: | The latest CPU bug headache: ZombieLoad |
And I thought that we were done with SPECTRE and MELTDOWN CPU flaws (fully patched now!) Now comes a new families of attacks! https://www.zdnet.com/article/linux-vs-zombieload/ And sure enough: CVE-2018-12126 aka 'Fallout, microarchitectural store buffer data sampling (MSBDS)' * CPU supports the MD_CLEAR functionality: NO * Kernel supports using MD_CLEAR mitigation: NO > STATUS: VULNERABLE (Neither your kernel or your microcode support mitigation, upgrade both to mitigate the vulnerability) CVE-2018-12130 aka 'ZombieLoad, microarchitectural fill buffer data sampling (MFBDS)' * CPU supports the MD_CLEAR functionality: NO * Kernel supports using MD_CLEAR mitigation: NO > STATUS: VULNERABLE (Neither your kernel or your microcode support mitigation, upgrade both to mitigate the vulnerability) CVE-2018-12127 aka 'RIDL, microarchitectural load port data sampling (MLPDS)' * CPU supports the MD_CLEAR functionality: NO * Kernel supports using MD_CLEAR mitigation: NO > STATUS: VULNERABLE (Neither your kernel or your microcode support mitigation, upgrade both to mitigate the vulnerability) CVE-2019-11091 aka 'RIDL, microarchitectural data sampling uncacheable memory (MDSUM)' * CPU supports the MD_CLEAR functionality: NO * Kernel supports using MD_CLEAR mitigation: NO > STATUS: VULNERABLE (Neither your kernel or your microcode support mitigation, upgrade both to mitigate the vulnerability) Let's wait for the new round of patches! Julien |
|
| Author: | rein-o [ 15 May 2019, 19:57 ] |
| Post subject: | Re: The latest CPU bug headache: ZombieLoads |
Ugh, good luck with it. |
|
| Author: | admin [ 16 May 2019, 14:23 ] |
| Post subject: | Re: The latest CPU bug headache: ZombieLoads |
Intel published new CPU microcodes + Linux Kernel 5.1.2 is adding countermeasures. Code: Select all [ 0.000000] microcode: microcode updated early to revision 0x27, date = 2019-02-26+ Linux 5.1.2 #1 SMP Wed May 15 12:07:07 CEST 2019 x86_64 GNU/Linux After a reboot with a fresh kernel + microcodes, we're good again! CVE-2018-12126 aka 'Fallout, microarchitectural store buffer data sampling (MSBDS)' * Mitigated according to the /sys interface: YES (Mitigation: Clear CPU buffers; SMT vulnerable) * CPU supports the MD_CLEAR functionality: YES * Kernel supports using MD_CLEAR mitigation: YES (md_clear found in /proc/cpuinfo) * Kernel mitigation is enabled and active: YES * SMT is either mitigated or disabled: NO > STATUS: NOT VULNERABLE (Mitigation: Clear CPU buffers; SMT vulnerable) CVE-2018-12130 aka 'ZombieLoad, microarchitectural fill buffer data sampling (MFBDS)' * Mitigated according to the /sys interface: YES (Mitigation: Clear CPU buffers; SMT vulnerable) * CPU supports the MD_CLEAR functionality: YES * Kernel supports using MD_CLEAR mitigation: YES (md_clear found in /proc/cpuinfo) * Kernel mitigation is enabled and active: YES * SMT is either mitigated or disabled: NO > STATUS: NOT VULNERABLE (Mitigation: Clear CPU buffers; SMT vulnerable) CVE-2018-12127 aka 'RIDL, microarchitectural load port data sampling (MLPDS)' * Mitigated according to the /sys interface: YES (Mitigation: Clear CPU buffers; SMT vulnerable) * CPU supports the MD_CLEAR functionality: YES * Kernel supports using MD_CLEAR mitigation: YES (md_clear found in /proc/cpuinfo) * Kernel mitigation is enabled and active: YES * SMT is either mitigated or disabled: NO > STATUS: NOT VULNERABLE (Mitigation: Clear CPU buffers; SMT vulnerable) CVE-2019-11091 aka 'RIDL, microarchitectural data sampling uncacheable memory (MDSUM)' * Mitigated according to the /sys interface: YES (Mitigation: Clear CPU buffers; SMT vulnerable) * CPU supports the MD_CLEAR functionality: YES * Kernel supports using MD_CLEAR mitigation: YES (md_clear found in /proc/cpuinfo) * Kernel mitigation is enabled and active: YES * SMT is either mitigated or disabled: NO > STATUS: NOT VULNERABLE (Mitigation: Clear CPU buffers; SMT vulnerable) Julien |
|
| Page 1 of 1 | All times are UTC [ DST ] |
| Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group http://www.phpbb.com/ |
|