'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign

General discussion and chat (archived)
User avatar
Tomaso
Board Warrior
Board Warrior
Posts: 1622
Joined: 2015-07-23, 16:09
Location: Norway

Re: 'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign

Unread post by Tomaso » 2018-01-04, 21:58

The following Intel-based platforms are impacted by this issue (Intel may modify this list at a later time):

* Intel® Core™ i3 processor (45nm and 32nm)
* Intel® Core™ i5 processor (45nm and 32nm)
* Intel® Core™ i7 processor (45nm and 32nm)
* Intel® Core™ M processor family (45nm and 32nm)
* 2nd generation Intel® Core™ processors
* 3rd generation Intel® Core™ processors
* 4th generation Intel® Core™ processors
* 5th generation Intel® Core™ processors
* 6th generation Intel® Core™ processors
* 7th generation Intel® Core™ processors
* 8th generation Intel® Core™ processors
* Intel® Core™ X-series Processor Family for Intel® X99 platforms
* Intel® Core™ X-series Processor Family for Intel® X299 platforms
* Intel® Xeon® processor 3400 series
* Intel® Xeon® processor 3600 series
* Intel® Xeon® processor 5500 series
* Intel® Xeon® processor 5600 series
* Intel® Xeon® processor 6500 series
* Intel® Xeon® processor 7500 series
* Intel® Xeon® Processor E3 Family
* Intel® Xeon® Processor E3 v2 Family
* Intel® Xeon® Processor E3 v3 Family
* Intel® Xeon® Processor E3 v4 Family
* Intel® Xeon® Processor E3 v5 Family
* Intel® Xeon® Processor E3 v6 Family
* Intel® Xeon® Processor E5 Family
* Intel® Xeon® Processor E5 v2 Family
* Intel® Xeon® Processor E5 v3 Family
* Intel® Xeon® Processor E5 v4 Family
* Intel® Xeon® Processor E7 Family
* Intel® Xeon® Processor E7 v2 Family
* Intel® Xeon® Processor E7 v3 Family
* Intel® Xeon® Processor E7 v4 Family
* Intel® Xeon® Processor Scalable Family
* Intel® Xeon Phi™ Processor 3200, 5200, 7200 Series
* Intel® Atom™ Processor C Series
* Intel® Atom™ Processor E Series
* Intel® Atom™ Processor A Series
* Intel® Atom™ Processor x3 Series
* Intel® Atom™ Processor Z Series
* Intel® Celeron® Processor J Series
* Intel® Celeron® Processor N Series
* Intel® Pentium® Processor J Series
* Intel® Pentium® Processor N Series
Source:
https://security-center.intel.com/advis ... geid=en-fr

User avatar
yereverluvinuncleber
Lunatic
Lunatic
Posts: 323
Joined: 2017-12-06, 21:25

Re: 'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign

Unread post by yereverluvinuncleber » 2018-01-04, 22:33

That's all of them then, is there anyone reading this list who isn't on the list?
My skills technical & otherwise: VMS system manager 20 years. Fault Tolerance, clustering, Vax, Alpha and ftSparc. DCL, QB45, VB.NET, VB6, PHP, Javascript. Graphic Design, Project Management, CMS Web Design. DOS and Windows admin since 1985. Quad Audio Electronics update and repair. Rebuilding classic cars and motorcycles. Artist in watercolours. Historian. There's more.

User avatar
Night Wing
Knows the dark side
Knows the dark side
Posts: 5146
Joined: 2011-10-03, 10:19
Location: Piney Woods of Southeast Texas, USA

Re: 'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign

Unread post by Night Wing » 2018-01-04, 22:57

adisib wrote:Apparently the Intel CEO sold $24 million worth of stock upon finding out about the security vulnerability.

http://www.businessinsider.com/intel-ce ... law-2018-1
I think he'll get to keep his money legally without any worries from the SEC because his stock transactions were "scheduled". It is a gray area but I don't think the SEC wants to get involved. This is different than what the head honchos did at Equifax. Just read the article below.

https://arstechnica.com/information-tec ... questions/
Linux Mint 21.3 (Virginia) Xfce w/ Linux Pale Moon, Linux Waterfox, Linux SeaLion, Linux Firefox
MX Linux 23.2 (Libretto) Xfce w/ Linux Pale Moon, Linux Waterfox, Linux SeaLion, Linux Firefox
Linux Debian 12.5 (Bookworm) Xfce w/ Linux Pale Moon, Linux Waterfox, Linux SeaLion, Linux Firefox

Thehandyman1957

Re: 'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign

Unread post by Thehandyman1957 » 2018-01-05, 05:41

yereverluvinuncleber wrote:That's all of them then, is there anyone reading this list who isn't on the list?
Thankfully, I just got rid of my Dell Intel machine and traded it up for a great AMD FX8350 8 core
with a MSI 970A-G46 motherboard and a GTX 750 Nvidia Video card. So you can check me off of that list. :mrgreen: :angel:

John connor

Re: 'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign

Unread post by John connor » 2018-01-05, 06:32

Baloo wrote:Will this require Pale Moon to be updated to protect computers that have this bug present?

It's a CPU vulnerability. Not a browser vulnerability.

Schorsch
Moongazer
Moongazer
Posts: 14
Joined: 2015-05-18, 07:48
Location: Bavaria

Re: 'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign

Unread post by Schorsch » 2018-01-05, 09:04

Mozilla is working on it:
https://blog.mozilla.org/security/2018/ ... ng-attack/
Update [January 4, 2018]: We have released Firefox 57.0.4 which includes the two timing based mitigations described above.


Google:
https://support.google.com/chrome/answer/7623121

https://www.heise.de/security/meldung/P ... 33043.html

sorry, i`m german
Last edited by Schorsch on 2018-01-05, 09:07, edited 1 time in total.

User avatar
yereverluvinuncleber
Lunatic
Lunatic
Posts: 323
Joined: 2017-12-06, 21:25

Re: 'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign

Unread post by yereverluvinuncleber » 2018-01-05, 09:19

John connor wrote:
Baloo wrote:Will this require Pale Moon to be updated to protect computers that have this bug present?
It's a CPU vulnerability. Not a browser vulnerability.
We all know that now but his question was still quite valid bearing in mind that all the major browsers are receiving changes to mitigate this exploit. Also, the offical responses from multiple sources state that o/s, application and firmware modifications will be required to mitigate the hardware flaw. If this problem is not fixed in software it will not be fixed at all. PaleMoon has to play its part - read all of this thread.
My skills technical & otherwise: VMS system manager 20 years. Fault Tolerance, clustering, Vax, Alpha and ftSparc. DCL, QB45, VB.NET, VB6, PHP, Javascript. Graphic Design, Project Management, CMS Web Design. DOS and Windows admin since 1985. Quad Audio Electronics update and repair. Rebuilding classic cars and motorcycles. Artist in watercolours. Historian. There's more.

User avatar
yereverluvinuncleber
Lunatic
Lunatic
Posts: 323
Joined: 2017-12-06, 21:25

Re: 'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign

Unread post by yereverluvinuncleber » 2018-01-05, 09:21

Schorsch wrote: sorry, i`m german
No need to apologise for being German...
My skills technical & otherwise: VMS system manager 20 years. Fault Tolerance, clustering, Vax, Alpha and ftSparc. DCL, QB45, VB.NET, VB6, PHP, Javascript. Graphic Design, Project Management, CMS Web Design. DOS and Windows admin since 1985. Quad Audio Electronics update and repair. Rebuilding classic cars and motorcycles. Artist in watercolours. Historian. There's more.

John connor

Re: 'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign

Unread post by John connor » 2018-01-05, 09:52

I don't like this 30% CPU hit thing at all. I depend on single threaded ability for FSX, if I take a 30% hit, that will severely affect my FSX performance. FSX, FS2004 and Prepar3D all are mostly single threaded. They use more of the CPU than the GPU. I can game fine on my GTX 560 TI ( which I plan on updating sometime in the future).
Last edited by John connor on 2018-01-05, 09:53, edited 1 time in total.

User avatar
Trippynet
Fanatic
Fanatic
Posts: 238
Joined: 2014-06-03, 20:21
Location: UK

Re: 'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign

Unread post by Trippynet » 2018-01-05, 09:55

John connor wrote:
Baloo wrote:Will this require Pale Moon to be updated to protect computers that have this bug present?

It's a CPU vulnerability. Not a browser vulnerability.
This is true, and Meltdown can be mitigated via OS updates (that potentially impact performance), however Spectre needs to be addressed by applications - mainly those that use sandboxing as malicious code can potentially use Spectre to access data outside the sandbox (such as passwords). Hence why a lot of browsers are seeing updates in the pipeline to address this.

It's not a browser vulnerability, but may require changes to browsers to prevent the CPU flaws from allowing exploits.

User avatar
yereverluvinuncleber
Lunatic
Lunatic
Posts: 323
Joined: 2017-12-06, 21:25

Re: 'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign

Unread post by yereverluvinuncleber » 2018-01-05, 10:39

John connor wrote:I don't like this 30% CPU hit thing at all. I depend on single threaded ability for FSX, if I take a 30% hit, that will severely affect my FSX performance. FSX, FS2004 and Prepar3D all are mostly single threaded. They use more of the CPU than the GPU. I can game fine on my GTX 560 TI ( which I plan on updating sometime in the future).
You will barely notice it. It might possibly bottleneck earlier but typically personal-use machines have plenty of spare capacity, small hardware updates will mitigate any performance drop and the extent will be in the region of 5-30% not 30%, most likely 5. If you are networking, rendering, database-ing and doing large amounts of small file i/o operations you might see a bigger hit.
My skills technical & otherwise: VMS system manager 20 years. Fault Tolerance, clustering, Vax, Alpha and ftSparc. DCL, QB45, VB.NET, VB6, PHP, Javascript. Graphic Design, Project Management, CMS Web Design. DOS and Windows admin since 1985. Quad Audio Electronics update and repair. Rebuilding classic cars and motorcycles. Artist in watercolours. Historian. There's more.

User avatar
Moonchild
Pale Moon guru
Pale Moon guru
Posts: 35403
Joined: 2011-08-28, 17:27
Location: Motala, SE
Contact:

Re: 'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign

Unread post by Moonchild » 2018-01-05, 11:10

John connor wrote:
Baloo wrote:Will this require Pale Moon to be updated to protect computers that have this bug present?
It's a CPU vulnerability. Not a browser vulnerability.
It's a CPU vulnerability that makes certain processes in browsers vulnerable to be exploited, especially when you're talking about JIT-compiled JS code that runs at near-native speeds with direct access to memory functions. The CPU vulnerability makes the browser vulnerability possible.
"Sometimes, the best way to get what you want is to be a good person." -- Louis Rossmann
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite

John connor

Re: 'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign

Unread post by John connor » 2018-01-05, 13:58

So I pretty much mitigated this with my use of Sandboxie. But I did read that Pale Moon was already patched.

Have to wander if "smart" devices are vulnerable.

I've read that Steam and other crap might be affected as well. Is this vulnerability strictly JS-based?
Last edited by John connor on 2018-01-05, 13:59, edited 1 time in total.

User avatar
Tomaso
Board Warrior
Board Warrior
Posts: 1622
Joined: 2015-07-23, 16:09
Location: Norway

Re: 'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign

Unread post by Tomaso » 2018-01-05, 15:17

From what I've read, the upcoming M$ fix simply enables KPTI (Kernel Page Table Isolation) in Windows, which separates the kernel's memory completely from user processes.
Adding the boot parameter "nopti" will effectively disable it again, and you'll be abe to continue receiving Windows Updates like before, without having to worry about CPU performance.
But of course, this will leave your system vulnerable to exploits.
Last edited by Tomaso on 2018-01-05, 15:18, edited 1 time in total.

John connor

Re: 'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign

Unread post by John connor » 2018-01-05, 15:41

I've read that you need the updated BIOS firmware and the Winblows update. But I don't get that. Once the BIOS is patched, shouldn't that be good enough? Bad enough I just updated my BIOS that fixed that last flaw.

This update/patch crap is annoying. Bad enough my Comcast X1 cable TV updates the box once every night all the awhile interrupting the TV. Talk about excessive.
Last edited by John connor on 2018-01-05, 15:42, edited 1 time in total.

User avatar
Trippynet
Fanatic
Fanatic
Posts: 238
Joined: 2014-06-03, 20:21
Location: UK

Re: 'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign

Unread post by Trippynet » 2018-01-05, 15:57

John connor wrote:I've read that you need the updated BIOS firmware and the Winblows update. But I don't get that. Once the BIOS is patched, shouldn't that be good enough? Bad enough I just updated my BIOS that fixed that last flaw.
It's likely to have little if any effect. BIOS updates can come with microcode updates for CPUs to help fix small bugs/issues, but Meltdown and Spectre are well beyond what microcode can fix. This is why it's falling back on OS vendors (and some application vendors) to patch their software to mitigate the design flaws.
Tomaso wrote:Adding the boot parameter "nopti" will effectively disable it again, and you'll be abe to continue receiving Windows Updates like before, without having to worry about CPU performance.
But of course, this will leave your system vulnerable to exploits.
Only if your system has a vulnerable CPU. The KPTI workaround specifically targets Meltdown, and as Meltdown does not affect AMD CPUs, it's only required on Intel systems. AMD users without KPTI enabled won't have any issues, and as KPTI can cause performance drops it should ideally be disabled on AMD systems - I will certainly not be installing it on my main PC (AMD Ryzen), but it will be going onto my NUC (Core i5).
Last edited by Trippynet on 2018-01-05, 16:00, edited 2 times in total.

User avatar
Tomaso
Board Warrior
Board Warrior
Posts: 1622
Joined: 2015-07-23, 16:09
Location: Norway

Re: 'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign

Unread post by Tomaso » 2018-01-05, 16:21

John connor wrote:I've read that you need the updated BIOS firmware
Perhaps you're thinking about this issue?:
viewtopic.php?f=4&t=17463/

User avatar
Night Wing
Knows the dark side
Knows the dark side
Posts: 5146
Joined: 2011-10-03, 10:19
Location: Piney Woods of Southeast Texas, USA

Re: 'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign

Unread post by Night Wing » 2018-01-05, 17:51

Well, I just came from my neighbor's computer repair shop and he has two older computers which were brought into his shop by their owners. These two computers originally came with Windows 7 which were upgraded to Windows 10.

With this new vulnerability; Microsoft sent their "patch fix KB4056892" which both computer owners installed, restarted their computers and got an ugly surprise. Their computers won't boot now. This is why these two computers are down at my neighbor's shop.

I sniffed around on the internet and found this article which confirms this. It seems to affect some older computers, but the article doesn't say "how old". Those two computer owners were hopping mad when I went down to the shop and one of them said to me he wished he had never applied the first patch.

https://www.windowslatest.com/2018/01/0 ... x800f0845/

So for people with an older computer which originally came with Windows 7 and has been upgraded to Windows 10, if you see this KB update, you'll have to ask your yourself one question and quoting from Clint Eastwood in the role of Inspector Harry Callahan from the movie Dirty Harry, "Do I feel lucky?" ;)

Sometimes the best move is not making the move until things have been sorted out for a few days or a week to see what transpires with older computers.
Linux Mint 21.3 (Virginia) Xfce w/ Linux Pale Moon, Linux Waterfox, Linux SeaLion, Linux Firefox
MX Linux 23.2 (Libretto) Xfce w/ Linux Pale Moon, Linux Waterfox, Linux SeaLion, Linux Firefox
Linux Debian 12.5 (Bookworm) Xfce w/ Linux Pale Moon, Linux Waterfox, Linux SeaLion, Linux Firefox

User avatar
Tomaso
Board Warrior
Board Warrior
Posts: 1622
Joined: 2015-07-23, 16:09
Location: Norway

Re: 'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign

Unread post by Tomaso » 2018-01-05, 18:25

Night Wing wrote:Microsoft sent their "patch fix KB4056892" which both computer owners installed, restarted their computers and got an ugly surprise. Their computers won't boot now.
Nothing new there.
We've had this issue with Win10 computers at work too.
The machines wouldn't boot up, after automatically having updated themselves with the latest monthly updates.
With every major Win10 update, forums seems to be flooded with post from users that are experiencing similar problems:
https://betanews.com/2017/12/21/windows ... -problems/

Also, Win10 updates are continously causing compatibility issues for various applications.
Software developers are having a hard time to keep up with M$'s crazy amount of changes.
Recently, the lead developer of Classic Shell listed this as one of his main reasons for ending the development:
http://www.classicshell.net/forum/viewt ... =4&t=8147/
Last edited by Tomaso on 2018-01-05, 18:26, edited 1 time in total.

User avatar
yereverluvinuncleber
Lunatic
Lunatic
Posts: 323
Joined: 2017-12-06, 21:25

Re: 'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign

Unread post by yereverluvinuncleber » 2018-01-05, 20:01

Recently, the lead developer of Classic Shell listed this as one of his main reasons for ending the development:
http://www.classicshell.net/forum/viewt ... =4&t=8147/
I really feel like dumping Windows altogether, without the classic menu I simply cannot work on Windows, it is that bad.
I am really considering running Linux on AMD, WTF is going on? How the heck did it get to a situation like this?
My skills technical & otherwise: VMS system manager 20 years. Fault Tolerance, clustering, Vax, Alpha and ftSparc. DCL, QB45, VB.NET, VB6, PHP, Javascript. Graphic Design, Project Management, CMS Web Design. DOS and Windows admin since 1985. Quad Audio Electronics update and repair. Rebuilding classic cars and motorcycles. Artist in watercolours. Historian. There's more.

Locked