Join the community today
Become a Member

Security Intel Processor Flaw 'kernel memory leaking' [Spectre & Meltdown]

Discussion in 'CentOS, Redhat & Oracle Linux News' started by eva2000, Jan 3, 2018.

  1. eva2000

    eva2000 Administrator Staff Member

    34,276
    7,586
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +11,668
    Local Time:
    1:05 PM
    Nginx 1.13.x
    MariaDB 5.5
    hmm bad Intel Intel Released "Coffee Lake" Knowing it Was Vulnerable to Spectre and Meltdown

     
  2. eva2000

    eva2000 Administrator Staff Member

    34,276
    7,586
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +11,668
    Local Time:
    1:05 PM
    Nginx 1.13.x
    MariaDB 5.5
    Window 10 updates and AMD cpu issues http://windowsreport.com/amd-display-issues-windows-update/

     
  3. eva2000

    eva2000 Administrator Staff Member

    34,276
    7,586
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +11,668
    Local Time:
    1:05 PM
    Nginx 1.13.x
    MariaDB 5.5
    Benchmarking Linux With The Retpoline Patches For Spectre - Phoronix

     
  4. eva2000

    eva2000 Administrator Staff Member

    34,276
    7,586
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +11,668
    Local Time:
    1:05 PM
    Nginx 1.13.x
    MariaDB 5.5
    Update: January 8th, 2018 Linode blog update Linode Blog » CPU Vulnerabilities: Meltdown & Spectre

     
  5. eva2000

    eva2000 Administrator Staff Member

    34,276
    7,586
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +11,668
    Local Time:
    1:05 PM
    Nginx 1.13.x
    MariaDB 5.5
  6. eva2000

    eva2000 Administrator Staff Member

    34,276
    7,586
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +11,668
    Local Time:
    1:05 PM
    Nginx 1.13.x
    MariaDB 5.5
  7. eva2000

    eva2000 Administrator Staff Member

    34,276
    7,586
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +11,668
    Local Time:
    1:05 PM
    Nginx 1.13.x
    MariaDB 5.5
    Potentially bad news that some older Intel cpus aren't getting microcode updates like v1/v2/v3 sandybridge, ivybridge and haswell microcode updates for Sandy/Ivy Bridge? • r/intel

     
  8. eva2000

    eva2000 Administrator Staff Member

    34,276
    7,586
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +11,668
    Local Time:
    1:05 PM
    Nginx 1.13.x
    MariaDB 5.5
    Benchmarking Clear Linux With KPTI + Retpoline Support (Meltdown + Spectre Patches) - Phoronix

     
  9. eva2000

    eva2000 Administrator Staff Member

    34,276
    7,586
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +11,668
    Local Time:
    1:05 PM
    Nginx 1.13.x
    MariaDB 5.5
    Intel's CES 2018 Key Note presentation Intel at CES 2018: Brian Krzanich Keynote Live Blog (18:30 PT, 02:30 UTC). So it could be as long as one month later to get all Intel CPUs patched up microcode/bios update wise.

     
  10. eva2000

    eva2000 Administrator Staff Member

    34,276
    7,586
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +11,668
    Local Time:
    1:05 PM
    Nginx 1.13.x
    MariaDB 5.5
    since Windows 10 update fix for meltdown, had a couple of system hangs and windows event viewer logged these errors, wonder if it's related ?

    on Samsung ATIV Book 8 laptop with Core i7 3635QM 4C/8T cpu

    eventlog-01.png
     
    • Informative Informative x 1
  11. eva2000

    eva2000 Administrator Staff Member

    34,276
    7,586
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +11,668
    Local Time:
    1:05 PM
    Nginx 1.13.x
    MariaDB 5.5
    The Combined Impact Of Retpoline + KPTI On Ubuntu Linux - Phoronix

    ouch full result in the OpenBenchmarking.org result file

    • nginx test - This is a test of ab, which is the Apache Benchmark program running against nginx. This test profile measures how many requests per second a given system can sustain when carrying out 2,000,000 requests with 500 requests being carried out concurrently
    • apache test - This is a test of ab, which is the Apache benchmark program. This test profile measures how many requests per second a given system can sustain when carrying out 1,000,000 requests with 100 requests being carried out concurrently

    nginx ~21-26% reduction with KPTI + Retpoline Kernel patch fixes

    upload_2018-1-10_14-8-10.png

    Apache ~21-32% reduction with KPTI + Retpoline Kernel patch fixes

    upload_2018-1-10_14-8-27.png

    Redis ~6.5-11% drop

    upload_2018-1-10_14-14-25.png
     
  12. eva2000

    eva2000 Administrator Staff Member

    34,276
    7,586
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +11,668
    Local Time:
    1:05 PM
    Nginx 1.13.x
    MariaDB 5.5
  13. eva2000

    eva2000 Administrator Staff Member

    34,276
    7,586
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +11,668
    Local Time:
    1:05 PM
    Nginx 1.13.x
    MariaDB 5.5
    Understanding the performance impact of Spectre and Meltdown mitigations on Windows Systems

     
  14. eva2000

    eva2000 Administrator Staff Member

    34,276
    7,586
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +11,668
    Local Time:
    1:05 PM
    Nginx 1.13.x
    MariaDB 5.5
    Meltdown and Spectre a big deal for enterprises

     
  15. eva2000

    eva2000 Administrator Staff Member

    34,276
    7,586
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +11,668
    Local Time:
    1:05 PM
    Nginx 1.13.x
    MariaDB 5.5
    Dell and bios updates Microprocessor Side-Channel Vulnerabilities (CVE-2017-5715, CVE-2017-5753, CVE-2017-5754): Impact on Dell products | Dell Australia
    Looks like I need to update my Dell Inspiron 13 7000 (D7378) too :)
     
  16. eva2000

    eva2000 Administrator Staff Member

    34,276
    7,586
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +11,668
    Local Time:
    1:05 PM
    Nginx 1.13.x
    MariaDB 5.5
    Meltdown-Spectre: Four things every Windows admin needs to do now | ZDNet

    Sadly, my Samsung ATIV Book 8 laptop is using Ivybridge based Intel Core i7 3635QM 4C/8T cpu :( Maybe AMD Ryzen mobile cpus will come soon Ryzen Mobile is Launched: AMD APUs for Laptops, with Vega and Updated Zen :)
     
  17. eva2000

    eva2000 Administrator Staff Member

    34,276
    7,586
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +11,668
    Local Time:
    1:05 PM
    Nginx 1.13.x
    MariaDB 5.5
    Online.net has one of the most comprehensive running updates for meltdown and spectre related fixes for their servers I have seen
     
  18. bassie

    bassie Active Member

    835
    192
    43
    Apr 29, 2016
    Ratings:
    +587
    Local Time:
    5:05 AM
    Sorry to say but if you asked me.
    Its more and more a story of big company's.
    And that goes as follows:

    Heeej hi look at me, how well I am working.
    How important I think that security is (so-called).

    They would like to make it seems that all is going fine,
    that they are startled because they just know about Spectre and Meltdown.

    Boeeeeee boeee I did not know that and now I have to cry.
    And now have to make a quick solution and thats difficult, because of the complexity
    , so they ask for understanding.

    But in fact it appears that they already knew it for 180 days.
    They could have easily taken measures.

    But now only a week before the embargo the news leaked.
    Everyone is in turmoil.

    What a shame.

    Only Red Hat has succeeded.
    Their EL changelog show that they already had a solution ready in December.

    Finally, every provider has been emailing all the week long about how dangerous and critical it is. That they have to take measures immediately etc etc.

    Once gain. The impact is NOT critical but Important / Moderate.

    Kernel Side-Channel Attacks - CVE-2017-5754 CVE-2017-5753 CVE-2017-5715 - Red Hat Customer Portal
    Synology-SA-18:01 Meltdown and Spectre Attacks | Synology Inc.
     
    Last edited: Jan 11, 2018
    • Agree Agree x 1
  19. eva2000

    eva2000 Administrator Staff Member

    34,276
    7,586
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +11,668
    Local Time:
    1:05 PM
    Nginx 1.13.x
    MariaDB 5.5
..