Meltdown & Spectre: Intel Chip Exploit Also Impacts ARM, AMD Chips

Intel has reacted after media reports revealed the existence of a serious security vulnerability that currently affects hundreds of millions of central processing units (CPUs) made over the last ten years.

But now it has emerged that Google researchers have in fact discovered two serious chip security flaws, known as Meltdown and Spectre.

The first flaw (Meltdown) only affects laptops, desktops and internet servers that utilise Intel CPUs. But the second flaw (Spectre) has a much wider reach, as it also affects chips in smartphones, tablets and computers powered by Intel, ARM and AMD. However AMD has told Silicon UK there is no risk to its products.

Meltdown, Spectre

Earlier this week media reports revealed there was a serious design flaw with Intel-based chips that allowed programs to read the contents and layout of a computer’s protected kernel memory area.

But in reality Google’s Project Zero team had last year discovered that there was in fact two “serious security flaws caused by ‘speculative execution,’ a technique used by most modern processors (CPUs) to optimise performance.”

“The Project Zero researcher, Jann Horn, demonstrated that malicious actors could take advantage of speculative execution to read system memory that should have been inaccessible,” said Google. “For example, an unauthorised party may read sensitive information in the system’s memory such as passwords, encryption keys, or sensitive information open in applications.

“These vulnerabilities affect many CPUs, including those from AMD, ARM, and Intel, as well as the devices and operating systems running on them.”

“This vulnerability makes it theoretically possible to open up the end user’s device and rummage through the computer’s memory,” explained Mike Buckbee, security engineer at Varonis.

“For example, a JavaScript application running in a browser on a website could potentially access your computer’s kernel memory and rip through any information held there,” said Buckbee. “While it’s unlikely there would be full files stored there, it’s very possible it would find bits and pieces of valuable data, like SSH keys, security tokens and even passwords.”

It is worth noting that patches for all operating systems are currently being developed, and it is reported that these patches “scramble” how kernel memory is stored, making it impossible for applications to exploit the flaw.

The firms in question have known about the issue for a while now, but had planned to go public about it next week.

But the recent media reports have forced at least two of the affected vendors to issue public statements on the matter.

Intel – Not Just Us

Intel took the opportunity to say that it was not just it that was affected, but also its rivals.

However, Intel currently powers about 90 percent of the 1.5 billion PCs and laptops in use today (IDC), so the exposure to the Meltdown bug is potentially huge.

But the Spectre flaw is even worse and potentially has an even wider reach, as it affects Intel, AMD and ARM processors, meaning some smartphones are also added to the mix.

“Recent reports that these exploits are caused by a ‘bug’ or a ‘flaw’ and are unique to Intel products are incorrect,” stated Intel. “Based on the analysis to date, many types of computing devices – with many different vendors’ processors and operating systems – are susceptible to these exploits.”

“Intel is committed to product and customer security and is working closely with many other technology companies, including AMD, ARM Holdings and several operating system vendors, to develop an industry-wide approach to resolve this issue promptly and constructively,” it added.

But Intel did not deny that the fixes would have a performance impact, as experts have said that the fixes will require more computational resources, which at best will slow down the entire operating system.

“Contrary to some reports, any performance impacts are workload-dependent, and, for the average computer user, should not be significant and will be mitigated over time,” said Intel.

“Intel is committed to the industry best practice of responsible disclosure of potential security issues, which is why Intel and other vendors had planned to disclose this issue next week when more software and firmware updates will be available. However, Intel is making this statement today because of the current inaccurate media reports.”

ARM – Most Chips Not Affected

ARM for its part said that cache timing side-channels exploiting processor was not a new finding.

“Cache timing side-channels are a well-understood concept in the area of security research and therefore not a new finding,” said ARM. “However, this side-channel mechanism could enable someone to potentially extract some information that otherwise would not be accessible to software from processors that are performing as designed and not based on a flaw or bug.”

And it said that only some of its Cortex processors are affected.

“The majority of ARM processors are not impacted by any variation of this side-channel speculation mechanism,” ARM said, before it posted a definitive list of the ‘small subset’ of ARM-designed Cortex processors that are susceptible.

It said that all future ARM Cortex processors will be resilient to this style of attack or allow mitigation through kernel patches.

Loading ...

AMD – Zero Risk

AMD said that the Google research had been “performed in a controlled, dedicated lab environment by a highly knowledgeable team with detailed, non-public information about the processors targeted,” and that the threat “has been not seen in the public domain.”

“When AMD learned that researchers had discovered a new CPU attack targeting the speculative execution functionality used by multiple chip companies’ products, we immediately engaged across the ecosystem to address the teams’ findings,” AMD told Silicon.

It said that the Google team identified three variants within the speculative execution research, but that it currently felt there was zero risk to any AMD products.

“Based on the findings to-date and the differences in AMD processor architecture, we believe there is near zero risk to AMD products at this time,” said AMD.

Google for its part has published a list of affected Google products and their current status of mitigation against this attack, available here.

Quiz: What do you know about Intel?

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

UK’s CMA Readies Cloud Sector “Behavioural” Remedies – Report

Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector

7 hours ago

Former Policy Boss At X Nick Pickles, Joins Sam Altman Venture

Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…

9 hours ago

Bitcoin Rises Above $96,000 Amid Trump Optimism

Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…

11 hours ago

FTX Co-Founder Gary Wang Spared Prison

Judge Kaplan praises former FTX CTO Gary Wang for his co-operation against Sam Bankman-Fried during…

12 hours ago