From WikiChip
Editing cve/cve-2017-5753
Warning: You are not logged in. Your IP address will be publicly visible if you make any edits. If you log in or create an account, your edits will be attributed to your username, along with other benefits.
The edit can be undone.
Please check the comparison below to verify that this is what you want to do, and then save the changes below to finish undoing the edit.
This page supports semantic in-text annotations (e.g. "[[Is specified as::World Heritage Site]]") to build structured and queryable content provided by Semantic MediaWiki. For a comprehensive description on how to use annotations or the #ask parser function, please have a look at the getting started, in-text annotation, or inline queries help pages.
Latest revision | Your text | ||
Line 1: | Line 1: | ||
{{cve title|CVE-2017-5753 (Spectre, Variant 1)}} | {{cve title|CVE-2017-5753 (Spectre, Variant 1)}} | ||
[[File:spectre-text.svg|200px|right]] | [[File:spectre-text.svg|200px|right]] | ||
− | '''[[cve id::CVE-2017-5753]]''' ('''Spectre''', '''Variant 1''', '''Bounds Check Bypass''') is a [[microprocessor]] vulnerability that allows an attacker to cause otherwise correctly executing code to expose information to the attacker that wouldn't normally be exposed due to [[bounds checks]] being temporarily bypassed, changing the cache states of the [[microarchitecture]], thereby leaking information through [[side-channel analysis|side-channel timing analysis]]. For this attack to work, only [[speculatively execution]] is needed; the processor can still be [[in-order]]. | + | '''[[cve id::CVE-2017-5753]]''' ('''Spectre''', '''Variant 1''', '''Bounds Check Bypass''') is a [[microprocessor]] vulnerability that allows an attacker to cause an otherwise correctly executing code to expose information to the attacker that wouldn't normally be exposed due to [[bounds checks]] being temporarily bypassed, changing the cache states of the [[microarchitecture]], thereby leaking information through [[side-channel analysis|side-channel timing analysis]]. For this attack to work, only [[speculatively execution]] is needed; the processor can still be [[in-order]]. |
This attack can be use on top of {{cve|CVE-2017-5715}} (Spectre, Variant 2) in order to cause a correct program to lead to this (Variant 1) vulnerability by making the microprocessor take the wrong [[branch target]]. | This attack can be use on top of {{cve|CVE-2017-5715}} (Spectre, Variant 2) in order to cause a correct program to lead to this (Variant 1) vulnerability by making the microprocessor take the wrong [[branch target]]. | ||
Line 88: | Line 88: | ||
== Affected Processors == | == Affected Processors == | ||
− | |||
− | |||
{| class="wikitable" | {| class="wikitable" | ||
− | |||
− | |||
|- | |- | ||
! Designer !! Processor/Architecture !! Related Notes | ! Designer !! Processor/Architecture !! Related Notes | ||
|- | |- | ||
− | + | | {{mipstech|-|MIPS}} || P5600 || rowspan="2" | [https://www.mips.com/blog/mips-response-on-speculative-execution-and-side-channel-vulnerabilities/ Post] | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
|- | |- | ||
− | | {{ | + | | {{mipstech|-|MIPS}} || P6600 |
|- | |- | ||
− | | {{ | + | | [[IBM]] || {{ibm|POWER6|l=arch}} || [https://tenfourfox.blogspot.co.at/2018/01/actual-field-testing-of-spectre-on.html Post] |
|- | |- | ||
− | | {{ | + | | [[IBM]] || {{ibm|POWER7|l=arch}} || rowspan="5" | [https://www.ibm.com/blogs/psirt/potential-impact-processors-power-family/ Post]<br>[http://www-01.ibm.com/support/docview.wss?uid=isg3T1026811 Security Bulletin] |
|- | |- | ||
− | | {{ | + | | [[IBM]] || {{ibm|POWER7+|l=arch}} |
|- | |- | ||
− | | {{ | + | | [[IBM]] || {{ibm|POWER8|l=arch}} |
|- | |- | ||
− | | {{ | + | | [[IBM]] || {{ibm|POWER8+|l=arch}} |
|- | |- | ||
− | | {{ | + | | [[IBM]] || {{ibm|POWER9|l=arch}} |
|- | |- | ||
− | | | + | | [[IBM]] || {{ibm|z12|l=arch}} || rowspan="3" | |
|- | |- | ||
− | | {{ | + | | [[IBM]] || {{ibm|z13|l=arch}} |
|- | |- | ||
− | | [[ | + | | [[IBM]] || {{ibm|z14|l=arch}} |
|} | |} | ||
{{expand list}} | {{expand list}} |