More Intel CPU vulnerabilities

#1

I came across this and i start investigating a bit more
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12126
and find out about:

  1. CVE-2018-12126 —Microarchitectural Store Buffer Data Sampling (MSBDS), also known as Fallout attack.
  2. CVE-2018-12130 —Microarchitectural Fill Buffer Data Sampling (MFBDS), also known as Zombieload, or RIDL (Rogue In-Flight Data Load).
  3. CVE-2018-12127 —Microarchitectural Load Port Data Sampling (MLPDS), also part of RIDL class of attacks.
  4. CVE-2019-11091 —Microarchitectural Data Sampling Uncacheable Memory (MDSUM), also part of RIDL class of attacks.

So, i got the Linux Tool you can download here
run it and got this results:

Sorry for the screenshot, but there was no other way to grab it and share it

I can't say i understand all the implications about, nor that i know if the new intel Microcode Updates will address all this ... Seems is not the same thing as the one posted here
https://forum.manjaro.org/t/spoiler-alert-literally-intel-cpus-afflicted-with-simple-data-spewing-spec-exec-vulnerability/78003

Maybe someone can give some more info? :thinking:

Microprocessor Data Sampling (MDS) vulnerabilites (aka "Zombieload")
split this topic #2

2 posts were merged into an existing topic: Microprocessor Data Sampling (MDS) vulnerabilites (aka "Zombieload")

closed #3