Spectre Variants 3A & 4 Exposed As Latest Speculative Execution Vulnerabilities

Written by Michael Larabel in Linux Security on 21 May 2018 at 08:20 PM EDT. 24 Comments
LINUX SECURITY
Spectre Variants 3A and 4 are now public as the newest speculative execution vulnerabilities affecting many CPUs and with the mitigations also expected to affect performance. Initial Linux kernel patches are available.

First of all, apologies on being a bit brief with this disclosure due to being out-of-state all day due to on-site PTS matters. But the stakeholders have gone public today with their Speculative Store Bypass vulnerability. CVE-2018-3639 is the Speculative Store Bypass known as Spectre V4 and there is also CVE-2018-3640 as the "Rogue System Register Read" that is Spectre V3A.

Here are some of the details via Intel's disclosure:


CVE-2018-3639 – Speculative Store Bypass (SSB) – also known as Variant 4

Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
4.3 Medium CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N

CVE-2018-3640 – Rogue System Register Read (RSRE) – also known as Variant 3a

Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis.
4.3 Medium CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N

These new vulnerabilities affect all major CPU vendors just not AMD/Intel but also ARM and IBM / POWER. Red Hat has initial details on their site and a further explanation.


Mitigating these new Spectre vulnerabilities is known to affect performance, potentially by a few percent.

Initial SSBD mitigation landed today in the Linux kernel and is being prepared for back-porting to supported stable series. Microcode CPU updates are also necessary.

Beginning tomorrow I plan to have out initial benchmarks from our arsenal of tests... Stay tuned and pardon for the brief post today.
Related News
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week