Jump to content

Foreshadow, yet another Intel vulnerability

dfsdfgfkjsefoiqzemnd
 Share
Posted

All these names...

The Workhorse (AMD-powered custom desktop)

CPU: AMD Ryzen 7 3700X | GPU: MSI X Trio GeForce RTX 2070S | RAM: XPG Spectrix D60G 32GB DDR4-3200 | Storage: 512GB XPG SX8200P + 2TB 7200RPM Seagate Barracuda Compute | OS: Microsoft Windows 10 Pro

 

The Portable Workstation (Apple MacBook Pro 16" 2021)

SoC: Apple M1 Max (8+2 core CPU w/ 32-core GPU) | RAM: 32GB unified LPDDR5 | Storage: 1TB PCIe Gen4 SSD | OS: macOS Monterey

 

The Communicator (Apple iPhone 13 Pro)

SoC: Apple A15 Bionic | RAM: 6GB LPDDR4X | Storage: 128GB internal w/ NVMe controller | Display: 6.1" 2532x1170 "Super Retina XDR" OLED with VRR at up to 120Hz | OS: iOS 15.1

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

Is this AMDs strategy? Achieve better single core performance than Intel by measure of Intel needing microcode patches that reduce performance? xD 

Laptop: 2019 16" MacBook Pro i7, 512GB, 5300M 4GB, 16GB DDR4 | Phone: iPhone 13 Pro Max 128GB | Wearables: Apple Watch SE | Car: 2007 Ford Taurus SE | CPU: R7 5700X | Mobo: ASRock B450M Pro4 | RAM: 32GB 3200 | GPU: ASRock RX 5700 8GB | Case: Apple PowerMac G5 | OS: Win 11 | Storage: 1TB Crucial P3 NVME SSD, 1TB PNY CS900, & 4TB WD Blue HDD | PSU: Be Quiet! Pure Power 11 600W | Display: LG 27GL83A-B 1440p @ 144Hz, Dell S2719DGF 1440p @144Hz | Cooling: Wraith Prism | Keyboard: G610 Orion Cherry MX Brown | Mouse: G305 | Audio: Audio Technica ATH-M50X & Blue Snowball | Server: 2018 Core i3 Mac mini, 128GB SSD, Intel UHD 630, 16GB DDR4 | Storage: OWC Mercury Elite Pro Quad (6TB WD Blue HDD, 12TB Seagate Barracuda, 1TB Crucial SSD, 2TB Seagate Barracuda HDD)
Link to comment
Share on other sites
Link to post
Share on other sites
Posted
11 minutes ago, DrMacintosh said:

Is this AMDs strategy? Achieve better single core performance than Intel by measure of Intel needing microcode patches that reduce performance? xD 

:P 

 

on a serious note, that might become an issue for intel though, if this keeps going on... 

She/Her

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
13 minutes ago, DrMacintosh said:

Is this AMDs strategy? Achieve better single core performance than Intel by measure of Intel needing microcode patches that reduce performance? xD 

 

Just now, firelighter487 said:

:P 

 

on a serious note, that might become an issue for intel though, if this keeps going on... 

so far there is no indication that there will be performance loss to patch this

🌲🌲🌲

 

 

 

◒ ◒ 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
1 minute ago, firelighter487 said:

:P 

 

on a serious note, that might become an issue for intel though, if this keeps going on... 

Intel Core processors slowly gimped over time as new security holes are found over the months xD 

Laptop: 2019 16" MacBook Pro i7, 512GB, 5300M 4GB, 16GB DDR4 | Phone: iPhone 13 Pro Max 128GB | Wearables: Apple Watch SE | Car: 2007 Ford Taurus SE | CPU: R7 5700X | Mobo: ASRock B450M Pro4 | RAM: 32GB 3200 | GPU: ASRock RX 5700 8GB | Case: Apple PowerMac G5 | OS: Win 11 | Storage: 1TB Crucial P3 NVME SSD, 1TB PNY CS900, & 4TB WD Blue HDD | PSU: Be Quiet! Pure Power 11 600W | Display: LG 27GL83A-B 1440p @ 144Hz, Dell S2719DGF 1440p @144Hz | Cooling: Wraith Prism | Keyboard: G610 Orion Cherry MX Brown | Mouse: G305 | Audio: Audio Technica ATH-M50X & Blue Snowball | Server: 2018 Core i3 Mac mini, 128GB SSD, Intel UHD 630, 16GB DDR4 | Storage: OWC Mercury Elite Pro Quad (6TB WD Blue HDD, 12TB Seagate Barracuda, 1TB Crucial SSD, 2TB Seagate Barracuda HDD)
Link to comment
Share on other sites
Link to post
Share on other sites
Posted
Just now, Arika S said:

so far there is no indication that there will be performance loss to patch this

interesting... i guess that's good news for people with newer systems then. 

She/Her

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

Vulnerabilities are really a trending topic for all time. Foreshadow is the third significant flaw to affect the company’s chips this year. I hope that the patch they released will really mitigates or stops the problem for attackers could exploit this vulnerability to obtain sensitive information.

Link to comment
Share on other sites
Link to post
Share on other sites
Posted (edited)

There is an overview of all additional vulnerabilities in processors since Spectre & Meltdown at the end of this article here. The count is: 16 found so far.


(Sorry, german language, but the table is "international"):
https://heise.de/-4137209

 

Ninja-Edit: Found two videos explaining the "Foreshadow" from Red Hat:

 

 

Edited by Questargon
Added videos

CPU Ryzen 7 5800X | MoBo MSI B550 Gaming Plus | RAM 32GB Teamgroup @3600/18 | GPU EVGA RTX 3070 Ti FTW | Case Enthoo Pro M SE
PSU bq! Straight Power 11 Plat. 750W CM | Cooling Scythe Fuma 2 & 5x Corsair ML140 | Sound SB Z Retail | Storage Samsung 970 EVO 500GB
Display(s) Iiyama GB3461WQSU, Dell 24", LG 34UM95 | Keyboard Kinesis Freestyle Edge | Mouse Logitech G900 Chaos Spectrum | OS Windows 11

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
3 hours ago, DrMacintosh said:

Intel Core processors slowly gimped over time as new security holes are found over the months xD 

AMDs new strategy. Poke holes in the competition stability or security untill they win

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

Would've thought if it affects Skylake and up it would be called Skyfall

 

Y'all need to be careful of black hats

That's an F in the profile pic

 

 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
13 hours ago, GoldenLag said:

Except Ryzen never fall. 

It can if Linus tries to handle it and drop it.

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
12 hours ago, Bananasplit_00 said:

Skylake and up? Then I don't care too much. 4th gen for the win! xD

3rd Gen FTW :P

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
32 minutes ago, Froody129 said:

Would've thought if it affects Skylake and up it would be called Skyfall

 

Y'all need to be careful of black hats

Copyright issues

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
16 hours ago, bcredeur97 said:

inb4 we go back to pentium 4 era of performance just from security patches

xD

Time to go back to Turing machines. 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

 

17 hours ago, bcredeur97 said:

inb4 we go back to pentium 4 era of performance just from security patches

xD

I made this joke to a friend a few weeks ago! It is starting to look like everything Intel has done to increase speed basically relates to these vulnerabilities.

CPU: Core i7 4970K | MOBO: Asus Z87 Pro | RAM: 32GBs of G.Skill Ares 1866 | GPU: MSI GAMING X GTX 1070 | STOR: 2 X Crucial BX100 250GB, 2 x WD Blk 1TB (mirror),WD Blk 500GB | CASE: Cooler Master HAF 932 Advanced | PSU: EVGA SUPERNOVA G2 750W | COOL: Cooler Master Hyper T4 | DISP: 21" 1080P POS | KB: MS Keyboard | MAU5: Redragon NEMEANLION | MIC: Snowball Blue | OS: Win 8.1 Pro x64, (Working on Arch for dual boot) |

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

who cares, well all be using AMD cpu's in no time (i'm already) :D

 

more seriously isn't it natural for this news to feature more Intel then AMD considering that almost everyone had a Intel CPU's up to 1 year ago?

.

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
16 hours ago, firelighter487 said:

Xeon X5650 here :D 

 

https://ark.intel.com/products/47922/Intel-Xeon-Processor-X5650-12M-Cache-2_66-GHz-6_40-GTs-Intel-QPI

It affects you also, it affects all their CPU's and you are on Westmere.  Bare in mind that this primarily affects cloud service providers with shared virtualised hosts.  For public cloud service providers this is a massive shit storm of work to sort out.

 

CVE-2018-3646 

Affected list.

Intel Code Name FMS Intel Brand Names
Nehalem-EP 0x106a5 Intel Xeon 35xx Series;
Intel Xeon 55xx Series
Lynnfield 0x106e5 Intel Xeon 34xx Lynnfield Series
Clarkdale 0x20652 Intel i3/i5 Clarkdale Series;
Intel Xeon 34xx Clarkdale Series
Arrandale 0x20655 Intel Core i7-620LE Processor
Sandy Bridge DT 0x206a7 Intel Xeon E3-1100 Series;
Intel Xeon E3-1200 Series;
Intel i7-2655-LE Series;  Intel i3-2100 Series
Westmere EP 0x206c2 Intel Xeon 56xx Series;
Intel Xeon 36xx Series
Sandy Bridge EP 0x206d7 Intel Pentium 1400 Series;
Intel Xeon E5-1400 Series;
Intel Xeon E5-1600 Series;
Intel Xeon E5-2400 Series;
Intel Xeon E5-2600 Series;
Intel Xeon E5-4600 Series
Nehalem EX 0x206e6 Intel Xeon 65xx Series;
Intel Xeon 75xx Series
Westmere EX 0x206f2 Intel Xeon E7-8800 Series;
Intel Xeon E7-4800 Series;
Intel Xeon E7-2800 Series
Ivy Bridge DT 0x306a9 Intel i3-3200 Series; Intel i7-3500-LE/UE, Intel i7-3600-QE,
Intel Xeon E3-1200-v2 Series;
Intel Xeon E3-1100-C-v2 Series;
Intel Pentium B925C
Haswell DT 0x306c3 Intel Xeon E3-1200-v3 Series
Ivy Bridge EP 0x306e4 Intel Xeon E5-4600-v2 Series;
Intel Xeon E5-2400-v2 Series;
Intel Xeon E5-2600-v2 Series;
Intel Xeon E5-1400-v2 Series;
Intel Xeon E5-2600-v2 Series
Ivy Bridge EX 0x306e7 Intel Xeon E7-8800/4800/2800-v2 Series
Haswell EP 0x306f2 Intel Xeon E5-2400-v3 Series;
Intel Xeon E5-1400-v3 Series;
Intel Xeon E5-1600-v3 Series;
Intel Xeon E5-2600-v3 Series;
Intel Xeon E5-4600-v3 Series
Haswell EX 0x306f4 Intel Xeon E7-8800/4800-v3 Series
Broadwell H 0x40671 Intel Core i7-5700EQ;
Intel Xeon E3-1200-v4 Series
Avoton 0x406d8 Intel Atom C2300 Series;
Intel Atom C2500 Series;
Intel Atom C2700 Series
Broadwell EP/EX 0x406f1 Intel Xeon E7-8800/4800-v4 Series;
Intel Xeon E5-4600-v4 Series;
Intel Xeon E5-2600-v4 Series;
Intel Xeon E5-1600-v4 Series
Skylake SP 0x50654 Intel Xeon Platinum 8100 (Skylake-SP) Series;
Intel Xeon Gold 6100/5100 (Skylake-SP) Series
Intel Xeon Silver 4100, Bronze 3100 (Skylake-SP) Series
Broadwell DE 0x50662 Intel Xeon D-1500 Series
Broadwell DE 0x50663 Intel Xeon D-1500 Series
Broadwell DE 0x50664 Intel Xeon D-1500 Series
Broadwell NS 0x50665 Intel Xeon D-1500 Series
Skylake H/S 0x506e3 Intel Xeon E3-1500-v5 Series;
Intel Xeon E3-1200-v5 Series
Kaby Lake H/S/X 0x906e9 Intel Xeon E3-1200-v6

Please quote or tag me if you need a reply

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

I'm sure we will see more of this 

finding it everywhere if you look for it

No one really hasnt been targeted

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

This whole thing just reads like it's now become a PhD thesis circle jerk of finding unexploitable vulnerabilities.

 

I found a flaw too...I just need admin access, a mouse, keyboard, and sitting in front of your computer and I can steal all your data!

Workstation:  13700k @ 5.5Ghz || Gigabyte Z790 Ultra || MSI Gaming Trio 4090 Shunt || TeamGroup DDR5-7800 @ 7000 || Corsair AX1500i@240V || whole-house loop.

LANRig/GuestGamingBox: 9900nonK || Gigabyte Z390 Master || ASUS TUF 3090 650W shunt || Corsair SF600 || CPU+GPU watercooled 280 rad pull only || whole-house loop.

Server Router (Untangle): 13600k @ Stock || ASRock Z690 ITX || All 10Gbe || 2x8GB 3200 || PicoPSU 150W 24pin + AX1200i on CPU|| whole-house loop

Server Compute/Storage: 10850K @ 5.1Ghz || Gigabyte Z490 Ultra || EVGA FTW3 3090 1000W || LSI 9280i-24 port || 4TB Samsung 860 Evo, 5x10TB Seagate Enterprise Raid 6, 4x8TB Seagate Archive Backup ||  whole-house loop.

Laptop: HP Elitebook 840 G8 (Intel 1185G7) + 3080Ti Thunderbolt Dock, Razer Blade Stealth 13" 2017 (Intel 8550U)

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
23 hours ago, mark_cameron said:

When is the Casino Royale vulnerability going to be found?

 

Or maybe View to a Kill?

 

Or Thunderball ?

 

My Rig "Valiant"  Intel® Core™ i7-5930 @3.5GHz ; Asus X99 DELUXE 3.1 ; Corsair H110i ; Corsair Dominator Platinium 64GB 3200MHz CL16 DDR4 ; 2 x 6GB ASUS NVIDIA GEFORCE GTX 980 Ti Strix ; Corsair Obsidian Series 900D ; Samsung 950 Pro NVME + Samsung 850 Pro SATA + HDD Western Digital Black - 2TB ; Corsair AX1500i Professional 80 PLUS Titanium ; x3 Samsung S27D850T 27-Inch WQHD Monitor
 
Link to comment
Share on other sites
Link to post
Share on other sites
Posted
  • Author
4 hours ago, Falconevo said:

It affects you also, it affects all their CPU's and you are on Westmere.

This particular vulnerability according to Intel's own advisory page affects :

 

6th generation Intel® Core™ processors
7th generation Intel® Core™ processors
8th generation Intel® Core™ processors
Intel® Xeon® Processor E3 v5 Family
Intel® Xeon® Processor E3 v6 Family

 

But that's just the Foreshadow/L1TF vulnerability.  Looking at the list of Intel CPUs that are affected by speculative execution vulnerabilities in general, you may want to refrain from buying anything more modern than a Pentium 4

 

 

Intel® Core™ i3 processor (45nm and 32nm)

Intel® Core™ i5 processor (45nm and 32nm)
Intel® Core™ i7 processor (45nm and 32nm)
Intel® Core™ M processor family (45nm and 32nm)
2nd generation Intel® Core™ processors
3rd generation Intel® Core™ processors
4th generation Intel® Core™ processors
5th generation Intel® Core™ processors
6th generation Intel® Core™ processors
7th generation Intel® Core™ processors
8th generation Intel® Core™ processors
Intel® Core™ X-series Processor Family for Intel® X99 platforms
Intel® Core™ X-series Processor Family for Intel® X299 platforms
Intel® Xeon® processor 3400 series
Intel® Xeon® processor 3600 series
Intel® Xeon® processor 5500 series
Intel® Xeon® processor 5600 series
Intel® Xeon® processor 6500 series
Intel® Xeon® processor 7500 series
Intel® Xeon® Processor E3 Family
Intel® Xeon® Processor E3 v2 Family
Intel® Xeon® Processor E3 v3 Family
Intel® Xeon® Processor E3 v4 Family
Intel® Xeon® Processor E3 v5 Family
Intel® Xeon® Processor E3 v6 Family
Intel® Xeon® Processor E5 Family
Intel® Xeon® Processor E5 v2 Family
Intel® Xeon® Processor E5 v3 Family
Intel® Xeon® Processor E5 v4 Family
Intel® Xeon® Processor E7 Family
Intel® Xeon® Processor E7 v2 Family
Intel® Xeon® Processor E7 v3 Family
Intel® Xeon® Processor E7 v4 Family
Intel® Xeon® Processor Scalable Family
Intel® Xeon® Processor D (1500, 2100)

Source : https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
On 8/15/2018 at 12:04 PM, DaPhuc said:

How many performance will it impact? 

About 10 performances it will impact 

Link to comment
Share on other sites
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing Tech News

×