cancel
Showing results for 
Search instead for 
Did you mean: 

SPECTRE and MELTDOWN: Bug rocks Intel / ARM CPUs

segfaulted
Level 7
Kinda glad I bought AMD this round. For those who don't know there is a new bug affecting just about every SKU from Intel made in the last .. ohh.. _DECADE_ or so. It's actually worse then F00F or FDIV. Only mitigation appears to castrate the CPU upward of 30%! (depending on processes).

Can Asus confirm AMD and more importantly for me, this or any AMD motherboard are not affected? If so, will there be RMAs?

Fun fact, Intel's CEO dumped stock back in November before they started issuing gags on people from even talking about it.

*****ASUS advisory page(may get updated): https://www.asus.com/News/V5urzYAT6myCC1o2 ******
409,653 Views
701 REPLIES 701

zvober
Level 9
As Linus Torvalds (founder of the Linux kernel), lets rip on Chipzilla:
Quotes:
"“Meltdown” is the name given to a side-channel attack on memory isolation that affects most Intel chips since 2010, as well as a few Arm cores.
[…]
Meltdown – on Intel CPUs and the Arm Cortex-A75 – allows normal applications to read protected kernel memory, allowing them to steal passwords and other secrets.
[…]
There’s also another security flaw named Spectre that affects, to varying degrees, Intel, AMD, and Arm. Depending on your CPU, Spectre allows normal apps to potentially steal information from other apps, the kernel, or the underlying hypervisor. Spectre is difficult to exploit, but also difficult to fully patch – and is going to be the real stinger from all of this.
[…]
On vulnerable systems, Meltdown allows user programs to read from private and sensitive kernel address spaces, including kernel-sharing sandboxes like Docker or Xen in paravirtualization mode. And when you’ve stolen the keys to the kingdom, such as cryptographic secrets, you’ll probably find you can indeed corrupt, modify or delete data, pal.
[…]
Chipzilla doesn’t want you to know that every Intel processor since 1995 that implements out-of-order execution is potentially affected by Meltdown – except Itanium, and the Atom before 2013.


Meltdown and Spectre CPU Flaws Affect Intel, ARM, AMD Processors
https://amp.thehackernews.com/thn/2018/01/meltdown-spectre-vulnerability.html

"Everyone Is Affected": Why The Implications Of The Intel "Bug" Are Staggering
Security vulnerability aside, the fix may be just as bad: it would result in a significant slowdown of the CPU, and the resultant machine. Because the exploit takes advantage of a technology intended to accelerate the performance of the processors, the fix slows them, said the person.
https://www.zerohedge.com/news/2018-01-03/everyone-affected-why-implications-intel-bug-are-staggerin...

panzlock
Level 12
People making lots of threads about this issue. Can we please centralize them so we know what;s going on, exactly? If a mod could merge threads or something, that would be nice.
I'd like to deploy my troops in her country.

panzlock wrote:
People making lots of threads about this issue. Can we please centralize them so we know what;s going on, exactly? If a mod could merge threads or something, that would be nice.


I don't have an official response to point people to yet. The best I can do is move this thread to General and rename it. All of the other threads are in different board/chipset areas so it's understandable that those folks want to know when they'll get a fix for *their* product.
A bus station is where a bus stops. A train station is where a train stops. On my desk, I have a work station…

xeromist wrote:
I don't have an official response to point people to yet. The best I can do is move this thread to General and rename it. All of the other threads are in different board/chipset areas so it's understandable that those folks want to know when they'll get a fix for *their* product.



Thanks. Wasn't sure where to ask, support really didn't have a clue either (understandable).

Think it's critical vendors are open with their users on what is going on.. It's quite amazing and sad to see this mess unfold. Intel is effectively in full PR damage control mode all over the internet with shills downvoating and outright lies being spread.

For anyone curious, the LKML is a rather interesting place to lurk because the pace at which these changes are still being ironed out is astoundingly volatile.. The latest proposed alternative by Google for example is still software based and requires not only updates to the linux kernel, but compiler itself. The implications of which cannot be known without serious testing cycles and that doesn't factor in anything else like NVIDIA or AMD's own drivers. Which to anyone not familiar with linux, is a bit like MIcrosoft's relationship with them in that they are not maintained in kernel.

Though they are putting out press releases like they cured cancer, Intel isn't even going that far in testing. They are literally throwing changes in for everyone else to test -- including AMD whom caught one of them already. It was an attempt to enable their "workaround" on _EVERY_ CPU even those that AREN'T VULNERABLE.

Like I said, quite amazing

xeromist wrote:
I don't have an official response to point people to yet. The best I can do is move this thread to General and rename it. All of the other threads are in different board/chipset areas so it's understandable that those folks want to know when they'll get a fix for *their* product.


Fair enough. Good info on this thread so I'll stick to it.
I'd like to deploy my troops in her country.

panzlock
Level 12
Guru3d claims no performance hit after updates that they could find so far:

https://forums.guru3d.com/threads/kernel-memory-leaking-intel-processor-design-flaw-forces-linux-win...
I'd like to deploy my troops in her country.

panzlock wrote:
Guru3d claims no performance hit after updates that they could find so far:

https://forums.guru3d.com/threads/kernel-memory-leaking-intel-processor-design-flaw-forces-linux-win...



They are testing with only the Windows 10 Hotfix installed, they don't have the CPU microcode / UEFI Firmware installed so its not all that relevant. You need both the OS Hotfix + the microcode update to be fully patched and its the combination of both that seems to hit performance the hardest.

Good new:
Intel to release firmware update end of next week.*

https://mycomputerlessons.com/intel-promises-firmware-updates-for-most-modern-cpus-by-the-end-of-nex...

*So now we will have windows update + bios update from asus (not released yet) + intel firmware update for the cpu.

But i have never perform a cpu firmware update, how to do this?

ELIESEH wrote:
Good new:
Intel to release firmware update end of next week.*

https://mycomputerlessons.com/intel-promises-firmware-updates-for-most-modern-cpus-by-the-end-of-nex...

*So now we will have windows update + bios update from asus (not released yet) + intel firmware update for the cpu.

But i have never perform a cpu firmware update, how to do this?


You don't have too, that is what the new bios is for. Asus new bios will have the new Intel microcode baked in. All you have to do is update the bios, and keep your OS updated.
R9 7950X - ASUS X670E Crosshair Extreme (bios 0803) - 32GB HyperX Fury Beast @6200c32 - Corsair H150i Pro - ASUS RTX3080 TUF OC V2 - Phanteks P400A - Corsair RM850 - WD SN850

Hi,

I have a 5930k and the Rampage V extreme first version, when i check the list of updated BIOS i can't see my motherboard. Does it means that i will never have the spectre vulnerability mitigated on my system ?