Jump to content

Foreshadow, yet another Intel vulnerability

dfsdfgfkjsefoiqzemnd
 Share
Posted

All these names...

The Workhorse (AMD-powered custom desktop)

CPU: AMD Ryzen 7 3700X | GPU: MSI X Trio GeForce RTX 2070S | RAM: XPG Spectrix D60G 32GB DDR4-3200 | Storage: 512GB XPG SX8200P + 2TB 7200RPM Seagate Barracuda Compute | OS: Microsoft Windows 10 Pro

 

The Portable Workstation (Apple MacBook Pro 16" 2021)

SoC: Apple M1 Max (8+2 core CPU w/ 32-core GPU) | RAM: 32GB unified LPDDR5 | Storage: 1TB PCIe Gen4 SSD | OS: macOS Monterey

 

The Communicator (Apple iPhone 13 Pro)

SoC: Apple A15 Bionic | RAM: 6GB LPDDR4X | Storage: 128GB internal w/ NVMe controller | Display: 6.1" 2532x1170 "Super Retina XDR" OLED with VRR at up to 120Hz | OS: iOS 15.1

Link to post
Share on other sites
Posted

Is this AMDs strategy? Achieve better single core performance than Intel by measure of Intel needing microcode patches that reduce performance? xD 

Laptop: 2024 16" MacBook Pro M4 Pro, 512GB, 48GB Unified Memory | Phone: iPhone 16 Pro Max 512GB | Wearables: Apple Watch SE | Car: 2025 Honda Accord SE & 2007 Ford Taurus SE | CPU: R7 5700X | Mobo: ASRock B450M Pro4 | RAM: 32GB 3200 | GPU: Sapphire Nitro+ 9070XT | Case: Fractal North | OS: Win 11 | Storage: 1TB Crucial P3 NVME SSD, 1TB PNY CS900, & 4TB WD Blue HDD | PSU: Seasonic Focus GX-850 | Display: LG 27GL83A-B 1440p @ 144Hz, Dell S2719DGF 1440p @144Hz | Cooling: Noctua NH-U12S | Keyboard: G610 Orion Cherry MX Brown | Mouse: G305 | Audio: Audio Technica ATH-M50X & Blue Snowball | Server: 2024 M4 Mac mini, 256GB SSD, 16GB Unified Memory | Storage: Terramaster D4-320 DAS (12TB Seagate Ironwolf Pro, 12TB Seagate Ironwolf, 6TB WD Blue HDD, 500GB Crucial SSD)
Link to post
Share on other sites
Posted
11 minutes ago, DrMacintosh said:

Is this AMDs strategy? Achieve better single core performance than Intel by measure of Intel needing microcode patches that reduce performance? xD 

:P 

 

on a serious note, that might become an issue for intel though, if this keeps going on... 

She/Her

Phone: OnePlus Nord CE 5G | 128GB | 8GB Ram

Main Desktop: Ryzen 5 3600 | GTX 1060 6GB | 32GB Ram
Main Laptop: Acer Aspire V3-771G | Core i7 3612QM | 16GB

Link to post
Share on other sites
Posted
1 minute ago, firelighter487 said:

:P 

 

on a serious note, that might become an issue for intel though, if this keeps going on... 

Intel Core processors slowly gimped over time as new security holes are found over the months xD 

Laptop: 2024 16" MacBook Pro M4 Pro, 512GB, 48GB Unified Memory | Phone: iPhone 16 Pro Max 512GB | Wearables: Apple Watch SE | Car: 2025 Honda Accord SE & 2007 Ford Taurus SE | CPU: R7 5700X | Mobo: ASRock B450M Pro4 | RAM: 32GB 3200 | GPU: Sapphire Nitro+ 9070XT | Case: Fractal North | OS: Win 11 | Storage: 1TB Crucial P3 NVME SSD, 1TB PNY CS900, & 4TB WD Blue HDD | PSU: Seasonic Focus GX-850 | Display: LG 27GL83A-B 1440p @ 144Hz, Dell S2719DGF 1440p @144Hz | Cooling: Noctua NH-U12S | Keyboard: G610 Orion Cherry MX Brown | Mouse: G305 | Audio: Audio Technica ATH-M50X & Blue Snowball | Server: 2024 M4 Mac mini, 256GB SSD, 16GB Unified Memory | Storage: Terramaster D4-320 DAS (12TB Seagate Ironwolf Pro, 12TB Seagate Ironwolf, 6TB WD Blue HDD, 500GB Crucial SSD)
Link to post
Share on other sites
Posted
Just now, Arika S said:

so far there is no indication that there will be performance loss to patch this

interesting... i guess that's good news for people with newer systems then. 

She/Her

Phone: OnePlus Nord CE 5G | 128GB | 8GB Ram

Main Desktop: Ryzen 5 3600 | GTX 1060 6GB | 32GB Ram
Main Laptop: Acer Aspire V3-771G | Core i7 3612QM | 16GB

Link to post
Share on other sites
Posted

Vulnerabilities are really a trending topic for all time. Foreshadow is the third significant flaw to affect the company’s chips this year. I hope that the patch they released will really mitigates or stops the problem for attackers could exploit this vulnerability to obtain sensitive information.

Link to post
Share on other sites
Posted (edited)

There is an overview of all additional vulnerabilities in processors since Spectre & Meltdown at the end of this article here. The count is: 16 found so far.


(Sorry, german language, but the table is "international"):
https://heise.de/-4137209

 

Ninja-Edit: Found two videos explaining the "Foreshadow" from Red Hat:

 

 

Edited by Questargon
Added videos

CPU Ryzen 7 5800X | MoBo MSI B550 Gaming Plus | RAM 32GB Teamgroup @3600/18 | GPU EVGA RTX 3070 Ti FTW | Case Enthoo Pro M SE
PSU bq! Straight Power 11 Plat. 750W CM | Cooling Scythe Fuma 2 & 5x Corsair ML140 | Sound SB Z Retail | Storage Samsung 970 EVO 500GB
Display(s) Iiyama GB3461WQSU, Dell 24", LG 34UM95 | Keyboard Kinesis Freestyle Edge | Mouse Logitech G900 Chaos Spectrum | OS Windows 11

Link to post
Share on other sites
Posted
3 hours ago, DrMacintosh said:

Intel Core processors slowly gimped over time as new security holes are found over the months xD 

AMDs new strategy. Poke holes in the competition stability or security untill they win

Link to post
Share on other sites
Posted

 

17 hours ago, bcredeur97 said:

inb4 we go back to pentium 4 era of performance just from security patches

xD

I made this joke to a friend a few weeks ago! It is starting to look like everything Intel has done to increase speed basically relates to these vulnerabilities.

CPU: Core i7 4970K | MOBO: Asus Z87 Pro | RAM: 32GBs of G.Skill Ares 1866 | GPU: MSI GAMING X GTX 1070 | STOR: 2 X Crucial BX100 250GB, 2 x WD Blk 1TB (mirror),WD Blk 500GB | CASE: Cooler Master HAF 932 Advanced | PSU: EVGA SUPERNOVA G2 750W | COOL: Cooler Master Hyper T4 | DISP: 21" 1080P POS | KB: MS Keyboard | MAU5: Redragon NEMEANLION | MIC: Snowball Blue | OS: Win 8.1 Pro x64, (Working on Arch for dual boot) |

Link to post
Share on other sites
Posted
16 hours ago, firelighter487 said:

Xeon X5650 here :D 

 

https://ark.intel.com/products/47922/Intel-Xeon-Processor-X5650-12M-Cache-2_66-GHz-6_40-GTs-Intel-QPI

It affects you also, it affects all their CPU's and you are on Westmere.  Bare in mind that this primarily affects cloud service providers with shared virtualised hosts.  For public cloud service providers this is a massive shit storm of work to sort out.

 

CVE-2018-3646 

Affected list.

Intel Code Name FMS Intel Brand Names
Nehalem-EP 0x106a5 Intel Xeon 35xx Series;
Intel Xeon 55xx Series
Lynnfield 0x106e5 Intel Xeon 34xx Lynnfield Series
Clarkdale 0x20652 Intel i3/i5 Clarkdale Series;
Intel Xeon 34xx Clarkdale Series
Arrandale 0x20655 Intel Core i7-620LE Processor
Sandy Bridge DT 0x206a7 Intel Xeon E3-1100 Series;
Intel Xeon E3-1200 Series;
Intel i7-2655-LE Series;  Intel i3-2100 Series
Westmere EP 0x206c2 Intel Xeon 56xx Series;
Intel Xeon 36xx Series
Sandy Bridge EP 0x206d7 Intel Pentium 1400 Series;
Intel Xeon E5-1400 Series;
Intel Xeon E5-1600 Series;
Intel Xeon E5-2400 Series;
Intel Xeon E5-2600 Series;
Intel Xeon E5-4600 Series
Nehalem EX 0x206e6 Intel Xeon 65xx Series;
Intel Xeon 75xx Series
Westmere EX 0x206f2 Intel Xeon E7-8800 Series;
Intel Xeon E7-4800 Series;
Intel Xeon E7-2800 Series
Ivy Bridge DT 0x306a9 Intel i3-3200 Series; Intel i7-3500-LE/UE, Intel i7-3600-QE,
Intel Xeon E3-1200-v2 Series;
Intel Xeon E3-1100-C-v2 Series;
Intel Pentium B925C
Haswell DT 0x306c3 Intel Xeon E3-1200-v3 Series
Ivy Bridge EP 0x306e4 Intel Xeon E5-4600-v2 Series;
Intel Xeon E5-2400-v2 Series;
Intel Xeon E5-2600-v2 Series;
Intel Xeon E5-1400-v2 Series;
Intel Xeon E5-2600-v2 Series
Ivy Bridge EX 0x306e7 Intel Xeon E7-8800/4800/2800-v2 Series
Haswell EP 0x306f2 Intel Xeon E5-2400-v3 Series;
Intel Xeon E5-1400-v3 Series;
Intel Xeon E5-1600-v3 Series;
Intel Xeon E5-2600-v3 Series;
Intel Xeon E5-4600-v3 Series
Haswell EX 0x306f4 Intel Xeon E7-8800/4800-v3 Series
Broadwell H 0x40671 Intel Core i7-5700EQ;
Intel Xeon E3-1200-v4 Series
Avoton 0x406d8 Intel Atom C2300 Series;
Intel Atom C2500 Series;
Intel Atom C2700 Series
Broadwell EP/EX 0x406f1 Intel Xeon E7-8800/4800-v4 Series;
Intel Xeon E5-4600-v4 Series;
Intel Xeon E5-2600-v4 Series;
Intel Xeon E5-1600-v4 Series
Skylake SP 0x50654 Intel Xeon Platinum 8100 (Skylake-SP) Series;
Intel Xeon Gold 6100/5100 (Skylake-SP) Series
Intel Xeon Silver 4100, Bronze 3100 (Skylake-SP) Series
Broadwell DE 0x50662 Intel Xeon D-1500 Series
Broadwell DE 0x50663 Intel Xeon D-1500 Series
Broadwell DE 0x50664 Intel Xeon D-1500 Series
Broadwell NS 0x50665 Intel Xeon D-1500 Series
Skylake H/S 0x506e3 Intel Xeon E3-1500-v5 Series;
Intel Xeon E3-1200-v5 Series
Kaby Lake H/S/X 0x906e9 Intel Xeon E3-1200-v6

Please quote or tag me if you need a reply

Link to post
Share on other sites
Posted

This whole thing just reads like it's now become a PhD thesis circle jerk of finding unexploitable vulnerabilities.

 

I found a flaw too...I just need admin access, a mouse, keyboard, and sitting in front of your computer and I can steal all your data!

Workstation:  9800X3D|| Asus X670E ProArt Creator || MSI Gaming Trio 4090 Shunt || T.Force 7800CL34 || Corsair AX1600i@240V || whole-house loop.

LANRig/GuestGamingBox: 13700K @ Stock || MSI Z690 DDR4 || ASUS TUF 3090 650W shunt || Corsair SF600 || CPU+GPU watercooled 280 rad pull only || whole-house loop.

Server Router (Untangle): 13600k @ P-Core only || ASRock Z690 ITX || All 10Gbe || 2x8GB 3200 || PicoPSU 150W 24pin + AX1200i on CPU|| whole-house loop

Server Compute/Storage: 10850K @ 5.1Ghz || Gigabyte Z490 Ultra || EVGA FTW3 3090 1000W || LSI 9280i-24 port || 4TB Samsung 860 Evo, 5x10TB Seagate Enterprise Raid 6, 4x8TB Seagate Archive Backup ||  whole-house loop.

Laptop: HP Elitebook 840 G8 (Intel 1185G7) + 4070 RTX Thunderbolt Dock, Razer Blade Stealth 13" 2017 (Intel 8550U)

Link to post
Share on other sites
Posted
23 hours ago, mark_cameron said:

When is the Casino Royale vulnerability going to be found?

 

Or maybe View to a Kill?

 

Or Thunderball ?

 

My Rig "Valiant"  Intel® Core™ i7-5930 @3.5GHz ; Asus X99 DELUXE 3.1 ; Corsair H110i ; Corsair Dominator Platinium 64GB 3200MHz CL16 DDR4 ; 2 x 6GB ASUS NVIDIA GEFORCE GTX 980 Ti Strix ; Corsair Obsidian Series 900D ; Samsung 950 Pro NVME + Samsung 850 Pro SATA + HDD Western Digital Black - 2TB ; Corsair AX1500i Professional 80 PLUS Titanium ; x3 Samsung S27D850T 27-Inch WQHD Monitor
 
Link to post
Share on other sites
Posted
  • Author
4 hours ago, Falconevo said:

It affects you also, it affects all their CPU's and you are on Westmere.

This particular vulnerability according to Intel's own advisory page affects :

 

6th generation Intel® Core™ processors
7th generation Intel® Core™ processors
8th generation Intel® Core™ processors
Intel® Xeon® Processor E3 v5 Family
Intel® Xeon® Processor E3 v6 Family

 

But that's just the Foreshadow/L1TF vulnerability.  Looking at the list of Intel CPUs that are affected by speculative execution vulnerabilities in general, you may want to refrain from buying anything more modern than a Pentium 4

 

 

Intel® Core™ i3 processor (45nm and 32nm)

Intel® Core™ i5 processor (45nm and 32nm)
Intel® Core™ i7 processor (45nm and 32nm)
Intel® Core™ M processor family (45nm and 32nm)
2nd generation Intel® Core™ processors
3rd generation Intel® Core™ processors
4th generation Intel® Core™ processors
5th generation Intel® Core™ processors
6th generation Intel® Core™ processors
7th generation Intel® Core™ processors
8th generation Intel® Core™ processors
Intel® Core™ X-series Processor Family for Intel® X99 platforms
Intel® Core™ X-series Processor Family for Intel® X299 platforms
Intel® Xeon® processor 3400 series
Intel® Xeon® processor 3600 series
Intel® Xeon® processor 5500 series
Intel® Xeon® processor 5600 series
Intel® Xeon® processor 6500 series
Intel® Xeon® processor 7500 series
Intel® Xeon® Processor E3 Family
Intel® Xeon® Processor E3 v2 Family
Intel® Xeon® Processor E3 v3 Family
Intel® Xeon® Processor E3 v4 Family
Intel® Xeon® Processor E3 v5 Family
Intel® Xeon® Processor E3 v6 Family
Intel® Xeon® Processor E5 Family
Intel® Xeon® Processor E5 v2 Family
Intel® Xeon® Processor E5 v3 Family
Intel® Xeon® Processor E5 v4 Family
Intel® Xeon® Processor E7 Family
Intel® Xeon® Processor E7 v2 Family
Intel® Xeon® Processor E7 v3 Family
Intel® Xeon® Processor E7 v4 Family
Intel® Xeon® Processor Scalable Family
Intel® Xeon® Processor D (1500, 2100)

Source : https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html

Link to post
Share on other sites
Posted

Here's what's needed to exploit the next Intel vulnerability:

  • A machine running Ryzen 69 and Backtrack 7
  • 10GBps network connection
  • A working disc of Pong
  • A1 Abrams tank, circa 1998
  • Fall guy
  • A whole lot of duct tape

Come Bloody Angel

Break off your chains

And look what I've found in the dirt.

 

Pale battered body

Seems she was struggling

Something is wrong with this world.

 

Fierce Bloody Angel

The blood is on your hands

Why did you come to this world?

 

Everybody turns to dust.

 

Everybody turns to dust.

 

The blood is on your hands.

 

The blood is on your hands!

 

Pyo.

Link to post
Share on other sites
Posted
On 14.8.2018 at 9:29 PM, Br3tt96 said:

Ryzenfall is kinda cool. As far as names go. lol

Yeah, though that one is really bullshit and looks like either a Marketing Stunt or stock manipulation as some of the actors involved were IIRC convicted of something like that in the past or at least stood trial.

 

And be honest:
How usefull is a "vulnerability" for that you need Admin rights?! And a Firmware that is specific for the machine it has to run on. Not very...

If you already have admin rights, you have better things to do than to flash a BIOS/Firmware of a device, you would usually install a rootkit or something like that. But flashing a BIOS? Naa, too much hassle, if you're already in...

 

Its like you want to rob a bank. And to rob the bank and what to do when you're already in the vault. You probably have better things to do - like actually rob the bank - than to install some stuff you could use for something, don't you?

 

23 hours ago, Maria Phene said:

Vulnerabilities are really a trending topic for all time. Foreshadow is the third significant flaw to affect the company’s chips this year. I hope that the patch they released will really mitigates or stops the problem for attackers could exploit this vulnerability to obtain sensitive information.

It is and according to the one who found Spectre/Meltdown its a shadow on the horizon for almost 5 years...

Because he wrote a patch, Intel was very interested in it and because of that, he looked further into the things and the Result was that he found Spectre/Meltdown. Yeah...

 


So with that in mind, its entirely possible that Intel at least had a hunch that those things might be possible and the fix would be rather simple, if you design a CPU from the ground up: Implement access checks inside the CPU. Wich they didn't because they didn't do a new CPU....

 

 

 

The worst thing:
It hits Intel at exactly the right time...

Its when AMD just came out with a pretty competitive product and there is an actual choice between Intel and AMD. And it tarnishes the Reputation that many people gave both companys (like Intel is more stable, wich is some shit from the 90s and wasn't really true then)...

"Hell is full of good meanings, but Heaven is full of good works"

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing Tech News

×