Citrix: Meltdown and Spectre: Understanding the Performance Impact, Current State & What’s Next
Over the last couple of weeks, everyone in the IT industry has been keeping a close eye on a new class of security attacks that are taking advantage of a design flaw in modern computer processors. This is an industry-wide issue, not a problem specific to any operating system, hypervisor, or application. There are three separate vulnerabilities that were discovered and reported by multiple security teams, named Spectre (variant 1 & 2) and Meltdown (variant 3).
|Vulnerability||CVE||Exploit Name||Public Vulnerability Name|
|Spectre||2017-5753||Variant 1||Bounds Check Bypass|
|Spectre||2017-5715||Variant 2||Branch Target Injection|
|Meltdown||2017-5754||Variant 3||Rogue Data Cache Load|
Since public disclosure, there have been misunderstandings and inaccurate reporting on these vulnerabilities. One of the reasons for this is that there are three separate vulnerabilities and reports are often not differentiating between them. Another reason is that these vulnerabilities impact lower layers of the stack, which are less familiar to administrators responsible for software running at the higher layers.
Much has already been written about Meltdown and Spectre. All three variations could allow unprivileged code to read privileged memory locations, however it is important to differentiate between them, as there are different mitigations for each of them. Below is a simple summary table based on our understanding to date:
|Ease of exploitation||Easy||Hard(er)|
|Ease of mitigation||Easy||Hard|
|Processors impacted||Intel, some ARM||Intel, AMD, ARM|
|Requires firmware update?||No||Yes (variant 2)|
So, what is so special about these vulnerabilities? A few different aspects are unique.
Read the entire article here, Meltdown and Spectre: Understanding the Performance Impact, Current State & What’s Next
Via the fine folks at Citrix Systems, Inc.