AMD also affected by Spectre Next Generation?

[juanrga]

Intel and ARM were confirmed time ago, but no word on AMD. Now comments on a kernel fix seem to confirm AMD is affected as well

http://anzwix.com/a/DragonFlyBSD/Kernel - Fix CVE-2018-8897, Debug Register Issue

 

[Formula.350]

They did a lot of patching and things for the current round that were relatively unnecessary, but they did it anyways just to reassure everyone for added peace of mind.

Not saying that's the case here, just pointing out that just because there is movement by AMD doesn't mean that the amount by which they are affected is cause for much concern. It could be, yes, but just like the "ASRock Banned by AMD to sell in EU" story... it's purely wild conjecture until we get the info from the horses mouth

 

[schmide]

This is stupid. Int 3 is the debug interrupt. When you step through a program it is the interrupt that stops execution at that instruction. The non maskable interrupt trampoline is just a method for answering an interrupt then returning control to another process without delaying the system in the interrupt procedure call.

I can think of no way this could be involved in a Spectre like attack as it flushes everything.

In the future AMD will be involved in the mitigation code for Spectre. This does not mean they are necessarily vulnerable, just following the calling conventions set forth in the OS.

 

[pendragon1]

give it a rest with the fearmongering and name making attempts.

 

[TurboGLH]

Nope. But why wait and see when you can just put a question mark and claim it was a question.

I do like your new title though.

https://www.bleepingcomputer.com/ne...ity-patches-after-misinterpreting-intel-docs/

 

[KazeoHin]

Juanrga has a definite Intel bias?

Juanrga may have a financial interest in weakening AMD's place in the market?

Juanrga takes every single chance he can imagine to spread ideas that reduce trust in AMD's products?


See, when you put question mark after a statement, it makes you COMPLETELY IMMUNE to consequences and accountability.

 

[Formula.350]

I do like your new title though.

It used to have a signature as well lmao Alas, since changing that was within his power, he did. Not that it matters much since I...

....took a screenshot of it due to having found it all rather humorous

 

[juanrga]

Details on CVE-2018-8897 flaw made public. This isn't Spectre NG but it affects both Intel and AMD

http://bintroo.com/cert-warns-of-widespread-debug-vulnerability/

https://www.theregister.co.uk/2018/05/09/intel_amd_kernel_privilege_escalation_flaws/

 

[Gideon]

Here is a summary, it's a issue with how the software was using the kernel due to software engineers not interpreting the instructions properly. It's already fixed with patches on most used OS's. Once again a useless thread posted by someone that had no clue and decided to speculate wildly without any knowledge of said issue.

 

[DuronBurgerMan]

Details on CVE-2018-8897 flaw made public. This isn't Spectre NG but it affects both Intel and AMD

Key point being, it isn't Spectre NG.

Anyway, security flaws and patches are a cost of doing business these days. I'm not even hard on Intel for this shit. It happens. As long as the response is good, and nobody actually got burned by the flaws... I don't really care.

 

[juanrga]

Clarification note:

The title of this thread has a question mark because then the flaw was NOT public, and it was speculated that it could be part of Spectre NG

Now that details of the flaw are public we can see it isn't Spectre NG but another flaw. If the title is generating so much trouble to some, just solicit a mod to change the title to "AMD also affected by CVE-2018-8897" or something similar.

 

[DuronBurgerMan]

Clarification note:

The title of this thread has a question mark because then the flaw was NOT public, and it was speculated that it could be part of Spectre NG

Now that details of the flaw are public we can see it isn't Spectre NG but another flaw. If the title is generating so much trouble to some, just solicit a mod to change the title to "AMD also affected by CVE-2018-8897" or something similar.

Never change, mang.

 

[pendragon1]

so total bs again?! maybe fix the title and close the t

Clarification note:

The title of this thread has a question mark because then the flaw was NOT public, and it was speculated that it could be part of Spectre NG

Now that details of the flaw are public we can see it isn't Spectre NG but another flaw. If the title is generating so much trouble to some, just solicit a mod to change the title to "AMD also affected by CVE-2018-8897" or something similar.

how 'bout you click the thread tools button at the top of the page and change it?

 

[KazeoHin]

Clarification note:

The title of this thread has a question mark because then the flaw was NOT public, and it was speculated that it could be part of Spectre NG

Now that details of the flaw are public we can see it isn't Spectre NG but another flaw. If the title is generating so much trouble to some, just solicit a mod to change the title to "AMD also affected by CVE-2018-8897" or something similar.

Only when you've been absolutely proven wrong and exposed to be simply shilling and taking every chance to bad-mouth AMD, spreading incorrect information and outright click bait do you then decide to change the thread title to save your own face?


Interesting how this bug affects both Intel and AMD and ARM based CPUs, but your title SPECIFICALLY calls out AMD ONLY. but you aren't biased, right? You owned an AMD product before so you have NO bias.

You're just a troll?

 

[cjcox]

That's it. I'm breaking out the Amiga 500.

 

[Master_shake_]

You know how a news story is complete bullshit?

When they use a question mark in the title.

 

[Brackle]

TBH why havent they closed this thread or deleted it? I mean it's total BS right?

 

[juanrga]

Only when you've been absolutely proven wrong and exposed to be simply shilling and taking every chance to bad-mouth AMD, spreading incorrect information and outright click bait do you then decide to change the thread title to save your own face?

The CVE-2018-8897 flaw is real and it affects Intel and AMD x86-64 chips.

When I opened this thread the details of this flaw were secret and media was speculating if this flaw was part of Spectre NG set (whose details continue being secret). I used a question mark in the title of this thread because I wasn't convinced this flaw was Spectre NG. Now that details of the this CVE-2018-8897 flaw are pubic we can see it is another kind of flaw, not related to Spectre NG.

Amusing that another posted here invites me to edit the title of the thread, whereas you accuse me if I do.

Interesting how this bug affects both Intel and AMD and ARM based CPUs, but your title SPECIFICALLY calls out AMD ONLY. but you aren't biased, right? You owned an AMD product before so you have NO bias.

You're just a troll?

A week ago I opened a thread about Spectre NG in the Intel subforum with the main text "Eight new vulnerabilities found on Intel processors" in the OP. This week I opened a thread here in the AMD subforum when I discovered the BSD link mentioned in the OP. Intel and ARM are mentioned in the OP as affected by Spectre NG.

Once the details of CVE-2018-8897 have been made public I posted a new message in the Intel subforum and another message here. ARM CPUs aren't affected by CVE-2018-8897.

Zero drama in the Intel thread, just people being able to keep interesting tech conversations.