Announcement

Collapse
No announcement yet.

BHI: The Newest Spectre Vulnerability Affecting Intel & Arm CPUs

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • BHI: The Newest Spectre Vulnerability Affecting Intel & Arm CPUs

    Phoronix: BHI: The Newest Spectre Vulnerability Affecting Intel & Arm CPUs

    The VUSec security researchers are today -- in cooperation with Intel -- disclosing another new speculative execution vulnerability... BHI is the name and it's an offshoot from Spectre V2...

    https://www.phoronix.com/scan.php?pa...-Vulnerability

  • #2
    Pain...



    Yes indeed!

    Comment


    • #3
      any forecast for the performance penalty of a potential mitigation?

      Comment


      • #4
        Michael

        "CVE-20222-23960." I think that's 2022.

        At Phoronix CVE stands for "content verification eliminated".

        In all seriousness, Love the content. But the typos are getting redonkulous lately.

        Comment


        • #5
          I wonder how many years it will take for Raspberry Pi Foundation talk about this. They still have not announced anything about the Pi4 and Spectre from 2017-2018.
          Last edited by Jabberwocky; 08 March 2022, 06:57 PM. Reason: typo

          Comment


          • #6
            Originally posted by JEBjames View Post
            Michael

            "CVE-20222-23960." I think that's 2022.

            At Phoronix CVE stands for "content verification eliminated".

            In all seriousness, Love the content. But the typos are getting redonkulous lately.
            A vulnerability from the 203rd century? That's some very speculative execution.

            Comment


            • #7
              Are these covered by mitigations=off? Or is there another way to turn these off? I want my performance back.

              Comment


              • #8
                I start to have mixed feelings towards OoO designs, there are a plethora of exploits out there..

                Comment


                • #9
                  Was this another case of BSD being left out in the cold?

                  Comment


                  • #10
                    Originally posted by tuxd3v View Post
                    I start to have mixed feelings towards OoO designs, there are a plethora of exploits out there..
                    You are confusing OoO (out-of-order) design with speculative execution. Those two CPU features are mostly unrelated. It is easy to make an OoO engine without speculative execution. It is also relatively easy to modify an existing OoO engine with speculative execution into an OoO engine with optional speculative execution. The performance loss from disabling speculative execution should be less than 20%.

                    Why CPU companies don't want to provide an option to disable speculative execution is another matter; in short, it's all about money and profits.
                    Last edited by xfcemint; 08 March 2022, 09:09 PM.

                    Comment

                    Working...
                    X