Updated on 6/24/2018
The Google Project Zero team discovered a method to read privileged memory from user space by using CPU data cache timing to leak information out of mis-speculated execution. Variants of this issue are known to affect many modern processors, including certain processors by Intel, AMD and ARM. For more details, refer to this blog post.
So far, there are three known variants of the issue:
- Variant 1: bounds check bypass (CVE-2017-5753)
- Variant 2: branch target injection (CVE-2017-5715)
- Variant 3: rogue data cache load (CVE-2017-5754)
- Variant 3a: rogue system register read (CVE-2018-3640)
- Variant 4: speculative store bypass (CVE-2018-3639)
Variants 1 & 2 are referred to as Spectre and Variant 3 as Meltdown.
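As an added example (not part of the original Timesys page), the shell functions below map the variants listed above to the mitigation status a Linux kernel reports under `/sys/devices/system/cpu/vulnerabilities`. They assume a Linux target running kernel 4.15 or later (4.17 for the `spec_store_bypass` file) and that no sysfs file exists for Variant 3a; the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original page). Function names are hypothetical.
# Reads the Linux kernel's per-variant mitigation status from sysfs.

# classify LINE: map a sysfs status line to a coarse state.
classify() {
    case "$1" in
        "Not affected"*) echo not-affected ;;
        "Mitigation:"*)  echo mitigated ;;
        "Vulnerable"*)   echo vulnerable ;;
        *)               echo unknown ;;
    esac
}

# variant_status DIR FILE: state for one file, "unreported" if it is absent.
variant_status() {
    if [ -r "$1/$2" ]; then
        classify "$(head -n 1 "$1/$2")"
    else
        echo unreported
    fi
}

# report [DIR]: one line per variant; returns 1 if any is reported vulnerable.
# "none" marks Variant 3a: this example assumes the kernel has no file for it.
report() {
    dir="${1:-/sys/devices/system/cpu/vulnerabilities}"
    worst=0
    while read -r file cve label; do
        state=$(variant_status "$dir" "$file")
        printf '%-12s %-14s %s\n' "$state" "$cve" "$label"
        if [ "$state" = vulnerable ]; then worst=1; fi
    done <<EOF
spectre_v1 CVE-2017-5753 Variant 1: bounds check bypass
spectre_v2 CVE-2017-5715 Variant 2: branch target injection
meltdown CVE-2017-5754 Variant 3: rogue data cache load
none CVE-2018-3640 Variant 3a: rogue system register read
spec_store_bypass CVE-2018-3639 Variant 4: speculative store bypass
EOF
    return "$worst"
}

# Print the report only when invoked with --run, so the file can be sourced.
if [ "${1:-}" = "--run" ]; then report; fi
```

A state of `unreported` means the running kernel does not expose that file, not that the CPU is unaffected.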
Timesys has been monitoring vendor websites and open source mailing lists regarding affected CPUs and software mitigation strategies, and below are our findings: