Multiple OS Vendors Release Security Patches After Misinterpreting Intel Docs (bleepingcomputer.com)
Almost all major OS vendors released security patches yesterday after a researcher discovered that some OS makers have misinterpreted an Intel CPU debug feature and left their systems open to attacks. From a report: The vulnerability is in how the OS vendors implemented a hardware debug mechanism for Intel x86-64 architectures -- and more specifically the MOV SS and POP SS instructions. "In certain circumstances after the use of certain Intel x86-64 architecture instructions, a debug exception pointing to data in a lower ring (for most operating systems, the kernel Ring 0 level) is made available to operating system components running in Ring 3," the CERT/CC team explained in an advisory published yesterday. Explained in layman's terms, "this may allow an attacker to utilize operating system APIs to gain access to sensitive memory information or control low-level operating system functions." Operating systems that mishandle this debug exception and had their systems open to attacks include Apple, Microsoft, FreeBSD, Red Hat, Ubuntu, SUSE Linux, and other Linux distros based on the Linux Kernel -- which is also affected.
Windows Subsystem for Linux? SmartOS LX Branded Zones?
Sounds not like Intel's Poor Writing/ (Score:1)
If several unrelated Companies made the exact same error it is more likely poorly written documentation.
AMD (Score:2)
AMD is affected too...
So, my question is:
Why would a developer, developing for AMD-64 on top of AMD hardware (think Athlon, Bulldozer, Ryzen/Epyc et al), be using "INTEL's" docs?
Shouldn't said developer be using AMD's documentation? If so, then how was said developer also affected?
I don't know the answer. But I believe that the AMD design is, in part, based on the early reverse engineering of one of the early Intel CPUs. It's quite possible that this issue is present in both because the instruction design is the same for both.
No, AMD isn't affected. Intel isn't either. The problem is in software; it's the software that is affected.
AMD implements the x86 ISA which was designed by Intel and second sourced by AMD for a while. AMD then started designing their own CPUs based on the same ISA as they had a license that let them do that (as decided by a court of law). They have reverse engineered and used documented sources to make their processors compatible with those of Intel.
So if the hardware works in some specific way (with a few e
Princess Bride moment (Score:4, Funny)
You keep using that instruction. I do not think it means what you think it means.
Understandable (Score:2)
Intel probably just had the same guy that drafted the spectre/meltdown response press release write the document and he was kind of on a roll with the whole misdirection thing.
What I don't get about spectre, meltdown, and now this- is why any *single user* computer cares about accessing the user's own data, regardless of what ring they are in.
Isn't this only a problem for servers and multiple user computers? Why patch user level OS for this?