Announcement

**dimko** · 07-26-2018, 04:15 AM

I take it AMD CPUs are not affected?

**starshipeleven** · 07-26-2018, 04:20 AM

Originally posted by dimko View Post

I take it AMD CPUs are not affected?

Not tested so it's unknown. They tested only Intel CPUs.

**Guest** · 07-26-2018, 04:46 AM

It's amazing that Linux with the most complete Meltdown/SpectreVx mitigation completely destroys Windows and FreeBSD in performance.

**AsuMagic** · 07-26-2018, 05:00 AM

Originally posted by Pawlerson View Post

It's amazing that Linux with the most complete Meltdown/SpectreVx mitigation completely destroys Windows and FreeBSD in performance.

They have mitigations too, though..?

**Peter Fodrek** · 07-26-2018, 05:27 AM

Originally posted by starshipeleven View Post

Not tested so it's unknown. They tested only Intel CPUs.

There is no official information, but unofficially for AMD it is mitigated, yet

Spectre Mitigation Update

7/13/18

This week, a sub-variant of the original, Google Project (GPZ) variant 1 / Spectre security vulnerability was disclosed by MIT. Consistent with variant 1, we believe this threat can be mitigated through the operating system (OS). AMD is working with the software ecosystem to mitigate variant 1.1 through operating system updates where necessary. We have not identified any AMD x86 products susceptible to the Variant 1.2 vulnerability in our analysis to-date. Please check with your OS provider for the latest information.

form
https://www.amd.com/en/corporate/security-updates

Updated to add

AMD also says current side-channel mitigations kill SpectreRSB dead. A spokesperson told us:
AMD is aware of a new research paper on processor speculation and a proposed vulnerability in the return stack buffer. AMD believes its recommended Indirect Branch Prediction Barrier (IBPB) setting mitigates against the described vulnerability. As stated in this AMD Whitepaper, when IBPB is set in software for context switching, the processor enforces that older indirect branches cannot influence predictions of indirect branches in the future, we believe thereby effectively mitigating against the described vulnerability.

form
https://www.theregister.co.uk/2018/0..._stack_buffer/

**Djhg2000** · 07-26-2018, 09:44 AM

Originally posted by Pawlerson View Post

It's amazing that Linux with the most complete Meltdown/SpectreVx mitigation completely destroys Windows and FreeBSD in performance.

Depends on your use case. They all have different sets of features which yields different performance for different loads. You pick whichever performs best for you.

**andyprough** · 07-26-2018, 11:13 AM

Are there any actual examples in the wild of anyone getting compromised via any of these vulnerabilities?

Or is this simply the new performance tax we all have to pay for running a computer? Keeping in mind that performance taxes will cost you real money.

**SvenK** · 07-26-2018, 03:16 PM

Well the Saarland University detected this vulnerability independently and contacted Intel, AMD, ARM, Mozilla, Google, Apple, Microsoft and Red Hat in April. Intel validated this vulnerability, while AMD and ARM acknowledged this vulnerability, but there is no evidence that they are affected.

**GunpowaderGuy** · 07-26-2018, 11:26 PM

spectre , electric boogaloo

Announcement

Linux Kernel Gets Patch For New SpectreRSB Vulnerability

Linux Kernel Gets Patch For New SpectreRSB Vulnerability

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment