Meltdown and Spectre, the new processor vulnerabilities
The National Center for Cybersecurity and Communications Integration (NCCIC) detected a set of security vulnerabilities, known as Meltdown and Spectre, that affect modern computer processors. Exploiting these vulnerabilities could allow an attacker to gain access to confidential information.
Meltdown: this vulnerability is the easiest to exploit and the one that gets the most attention. It mainly affects Intel chipsets and is currently being addressed through operating-system-level revisions from Microsoft, Apple and various Linux distributions. It works by using a method called ‘speculative execution’ to infer values in protected memory. This vulnerability has been assigned CVE-2017-5754.
Spectre: this is a more widespread attack based on concepts similar to Meltdown, and it affects Arm and AMD processors in ways that the Meltdown attack cannot. This also means that solutions for Meltdown will not protect against Spectre attacks. Spectre covers two separate attack vectors, to which CVE-2017-5715 and CVE-2017-5753 have been assigned.
The CVEs of the vulnerabilities are the following:
| CVE ID | CVSSv3 score |
| --- | --- |
| CVE-2017-5754 | 5.6 Medium |
| CVE-2017-5715 | 5.6 Medium |
| CVE-2017-5753 | 5.6 Medium |
Information about the affected system/product
| Brand | Link |
| --- | --- |
| Intel | https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00088&languageid=en-fr |
| Microsoft | https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002 |
| Amazon | https://aws.amazon.com/de/security/security-bulletins/AWS-2018-013/ |
| ARM | https://developer.arm.com/support/security-update |
| AMD | https://www.amd.com/en/corporate/speculative-execution |
| Google Project Zero | https://googleprojectzero.blogspot.com.co/2018/01/reading-privileged-memory-with-side.html |
| MITRE | CVE-2017-5715 / CVE-2017-5753 / CVE-2017-5754 |
| Red Hat | https://access.redhat.com/security/vulnerabilities/speculativeexecution |
| SUSE | https://www.suse.com/c/suse-addresses-meltdown-spectre-vulnerabilities/ |
| CERT | https://www.kb.cert.org/vuls/id/584653 |
| VMware | https://www.vmware.com/us/security/advisories/VMSA-2018-0002.html |
| Apple | https://support.apple.com/en-us/HT208394 |
What would the impact be if the vulnerability were exploited?
By taking advantage of this security flaw, an attacker could gain access to sensitive information stored in the memory of the processor (passwords, encryption keys, etc.).
What should we do if we are affected?
Microsoft recommends updating Windows operating systems, and has also published procedures to help counter and verify these vulnerabilities:
Guide for Windows users: https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in
Guide for Windows servers: https://support.microsoft.com/en-us/help/4072698/windows-server-guidance-to-protect-against-the-speculative-execution
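On Linux hosts, which the Microsoft guides above do not cover, patched kernels report the mitigation state of each issue under `/sys/devices/system/cpu/vulnerabilities`. The script below is an added example, not part of the original advisory or any vendor's tooling. It maps the three CVEs in the table to the kernel's `meltdown`, `spectre_v1` and `spectre_v2` status files; the function names and the `--run` switch are this example's own.

```shell
#!/bin/sh
# Added example: report Meltdown/Spectre mitigation state on a Linux host.
# Assumes the kernel exposes the sysfs directory below (mainline 4.15+ or a
# vendor kernel with the interface backported). Run with: sh <script> --run
SYSFS_DIR="${SYSFS_DIR:-/sys/devices/system/cpu/vulnerabilities}"

# classify_status LINE: map the kernel's status text to a verdict.
classify_status() {
    case "$1" in
        "Not affected"*) echo "OK" ;;
        "Mitigation:"*)  echo "MITIGATED" ;;
        "Vulnerable"*)   echo "VULNERABLE" ;;
        *)               echo "UNKNOWN" ;;
    esac
}

# check_cve CVE NAME [DIR]: print one report line.
# Returns 0 if not affected or mitigated, 1 if vulnerable, 2 if unknown.
check_cve() {
    cve="$1"; name="$2"; file="${3:-$SYSFS_DIR}/$name"
    if [ ! -r "$file" ]; then
        # Missing file: kernel predates the interface, so patch level is unproven.
        echo "$cve $name UNKNOWN: status not reported by this kernel"
        return 2
    fi
    status=$(head -n 1 "$file")
    verdict=$(classify_status "$status")
    echo "$cve $name $verdict: $status"
    case "$verdict" in
        OK|MITIGATED) return 0 ;;
        VULNERABLE)   return 1 ;;
        *)            return 2 ;;
    esac
}

# check_all [DIR]: check the three CVEs from the table; return the worst code.
check_all() {
    base="${1:-$SYSFS_DIR}"; worst=0
    for pair in CVE-2017-5754:meltdown CVE-2017-5753:spectre_v1 \
                CVE-2017-5715:spectre_v2; do
        rc=0
        check_cve "${pair%%:*}" "${pair#*:}" "$base" || rc=$?
        if [ "$rc" -gt "$worst" ]; then worst=$rc; fi
    done
    return "$worst"
}

if [ "${1:-}" = "--run" ]; then check_all; fi
```

An exit code of 2 means at least one status file is missing, which on a host of this era usually indicates a kernel that has not yet received the updates.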
Source:
https://www.us-cert.gov/ncas/alerts/TA18-004A
https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00088&languageid=en-fr