Category Archives: 2018

CPU and machines not vulnerable to “Meltdown” and “Spectre” vulnerabilities.

The Chinese mantra “time can tell” looks like a witness to the modern hardware and software development industry. As we know, over the last decade the IBM mainframe (S390) and Sun SPARC gave the world the feeling that they were far away from modern technologies. Even though the S390 contains the LPAR function, which allows multiple OS platforms, including Windows Server, Linux and 3rd-party Unix, to run in the box, the general feedback from the IT world was that they are outdated. The rumours were true, and Oracle laid off the core talent of the Solaris and SPARC teams last year. As a matter of fact, protecting the IT world is not only the job of cyber security services providers. (For example, defense solution vendors have a headache because they do not have a precise idea of how to detect and defend against such a design limitation problem.) In future, maybe the former giants will give you assistance. Why? It is because SPARC and S390 support “Address Space Identifiers” (ASIs). In the sense that they did the kernel page-table isolation already. They are not vulnerable to the “Meltdown” and “Spectre” vulnerabilities.

Remark:

SPARC v8 privileged instructions are shown below:

  • user mode instruction fetch is ASI 0x08
  • supervisor mode instruction fetch is ASI 0x09
  • user mode normal data access is ASI 0x0A
  • supervisor mode normal data access is ASI 0x0B

CVE-2017-5753, CVE-2017-5715 & CVE-2017-5715: are there any changes?

An urgent alert announced by US Homeland Security urges computer users to stay alert to the CPU design bug found this month. The victim firm, Intel, has commented that this known issue is not encountered on their products only. As a matter of fact, this is true: a side-channel attack on mobile devices happened early this year (reference URL):

Tragedy – Android bugs, should we wait or we should take pre-emptive action?

I speculated that WAN acceleration solution vendors and software-defined networking would be the next victims, but for now they are keeping silent. Perhaps headline news articles comment that no known cyber attacks have utilized a similar theory in the past. But I’m in doubt. We all imagine that this is a nightmare. But potential business opportunities are coming soon. From a high-level point of view, perhaps cyber attacks on such a CPU design limitation are delivered through the endpoint. There is tremendous business in enhancing preventive and detective control of government and enterprise endpoints, especially mobile device management, and in managed security services and SIEM to enhance detective control. The truth is that this is a business opportunity. The URL below is the new announcement by Amazon.

https://aws.amazon.com/security/security-bulletins/AWS-2018-013/

 

Intel CPU design hiccups – CVE-2017-5753, CVE-2017-5715, CVE-2017-5754

The details below say it better than a thousand words from me.
Current status update in regards to CPU (Intel) design limitations.

AMD https://www.amd.com/en/corporate/speculative-execution

  • AMD is proud of it: they did not make this mistake! It seems to be a long run in development; it is hard to tell at this moment. Stay tuned. Good luck to them!

ARM https://developer.arm.com/support/security-update

Intel https://newsroom.intel.com/news/intel-responds-to-security-research-findings/

Microsoft https://portal.msrc.microsoft.com/en-US/eula

Linux https://lkml.org/lkml/2017/11/22/956

F5 https://support.f5.com/csp/article/K91229003

It looks strange that a similar vulnerability was found in Aug 2017. I remember that an article I posted here mentioned it before (see the URL below for reference). In the meantime, I personally agree with Intel's announcement that, based on the CPU features to date, many types of computing devices with many different vendors’ processors and operating systems are susceptible to these exploits. Therefore Intel might not be the only victim.

The enemy of ASLR (Address space layout randomization) – memory leak

What about other vendors, especially virtual machine OS vendors? Have they not yet confirmed and announced that they are not involved in this CPU design limitation vulnerability?

The cache side-channel attack in this security incident on the Intel side looks compatible with other chip vendors. The worst scenario is that a similar side-channel attack will happen once you have a cache. So it is foreseen that this is the prelude to a new form of attack this year!

Processor bug harms virtual machine and cloud computing platforms

Headline news today told the world of chip design hiccups at a CPU manufacturer (Intel). It is easy to do a Google search to find the details. When the virtual machine design concept was first announced to the world, security experts foresaw that multiple vulnerabilities would happen in future. It looks like the victims of this incident are cloud computing service providers, since their operation is fully compatible with virtual machines. In short, the picture below can simply provide the idea. For more detail, please refer to the URL below, issued by Forbes.

Intel Processor Bug Leaves All Current Chips Vulnerable And Its Fix Saps Performance [Updated by forbes.com] – https://www.forbes.com/sites/davealtavilla/2018/01/03/intel-processor-bug-leaves-all-current-chips-vulnerable-and-its-fix-saps-performance/#75546002570a

VMware VMSA-2018-0001 – CVE-2017-15548, CVE-2017-15549, CVE-2017-15550

The runner who runs faster and reaches the goal is the winner. We have just entered the first week of 2018. VMware was faster than Microsoft and announced its critical vulnerability on 2nd Jan 2018 (Advisory ID: VMSA-2018-0001). Quote: “A remote unauthenticated malicious user can potentially bypass application authentication and gain unauthorized root access to the affected systems” Remark: vSphere Data Protection is a backup solution for use in vSphere. The official announcement is shown at the URL below:

https://www.vmware.com/security/advisories/VMSA-2018-0001.html