{"id":906,"date":"2018-01-05T13:34:39","date_gmt":"2018-01-05T13:34:39","guid":{"rendered":"https:\/\/hostinguk.net\/blog\/?p=906"},"modified":"2018-01-16T17:07:43","modified_gmt":"2018-01-16T17:07:43","slug":"meltdown-spectre-resources","status":"publish","type":"post","link":"https:\/\/hostinguk.net\/blog\/meltdown-spectre-resources\/","title":{"rendered":"Meltdown &#038; Spectre resources"},"content":{"rendered":"<p>The <a href=\"https:\/\/meltdownattack.com\/\">Meltdown &amp; Spectre<\/a> vulnerabilities are very much all over the technical media &#8211; but have yet to make the real news. The impacts are threefold:<\/p>\n<p><a href=\"https:\/\/spectreattack.com\/spectre.pdf\">Spectre<\/a>\u00a0Variant 1: bounds check bypass (CVE-2017-5753)<\/p>\n<p><a href=\"https:\/\/spectreattack.com\/spectre.pdf\">Spectre<\/a>\u00a0Variant 2: branch target injection (CVE-2017-5715)<\/p>\n<p><a href=\"https:\/\/meltdownattack.com\/meltdown.pdf\">Meltdown<\/a>\u00a0Variant 3: rogue data cache load (CVE-2017-5754)<\/p>\n<p>The vulnerabilities, a new class of side-channel attack, were <a href=\"https:\/\/googleprojectzero.blogspot.co.uk\/2018\/01\/reading-privileged-memory-with-side.html\">discovered by Google&#8217;s Project Zero<\/a>. Their article was posted on Wednesday 3rd January 2018 &#8211; however, the discovery went out to chip manufacturers and vendors under non-disclosure\u00a0agreement on Tuesday 9th November 2017. The post followed a leak ahead of the two-month embargo period ending on Tuesday 9th January 2018. This is common procedure with such discoveries, allowing fixes to be in circulation and in place before it becomes common knowledge.
However, the early disclosure left a number of vendors without a workable fix.<\/p>\n<p>At this time the following links appear to be the place for updates for your specific platform (please note that some of these pages may change from timelines to means to fix, depending on the transparency and media choices of the provider):<\/p>\n<p style=\"padding-left: 30px;\"><a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4072699\/january-3-2018-windows-security-updates-and-antivirus-software\">Microsoft Windows<\/a><\/p>\n<p style=\"padding-left: 30px;\"><a href=\"https:\/\/www.debian.org\/security\/2018\/dsa-4078\">Debian<\/a><\/p>\n<p style=\"padding-left: 30px;\"><a href=\"https:\/\/wiki.ubuntu.com\/SecurityTeam\/KnowledgeBase\/SpectreAndMeltdown\">Ubuntu<\/a><\/p>\n<p style=\"padding-left: 30px;\"><a href=\"https:\/\/www.centos.org\/forums\/viewtopic.php?t=65591\">CentOS<\/a><\/p>\n<p style=\"padding-left: 30px;\"><a href=\"https:\/\/access.redhat.com\/errata\/RHSA-2018:0008\">RedHat<\/a><\/p>\n<p style=\"padding-left: 30px;\"><a href=\"https:\/\/www.cloudlinux.com\/cloudlinux-os-blog\/entry\/intel-cpu-bug-kernelcare-and-cloudlinux\">CloudLinux<\/a><\/p>\n<p style=\"padding-left: 30px;\"><a href=\"https:\/\/docs.onapp.com\/display\/RN\/Meltdown+and+Spectre+CPU+Issues\">OnApp<\/a><\/p>\n<p style=\"padding-left: 30px;\"><a href=\"http:\/\/www.dell.com\/support\/contents\/uk\/en\/ukbsdt1\/article\/product-support\/self-support-knowledgebase\/software-and-downloads\/support-for-meltdown-and-spectre\">Dell<\/a><\/p>\n<p style=\"padding-left: 30px;\"><a href=\"https:\/\/blog.xenproject.org\/2018\/01\/04\/xen-project-spectremeltdown-faq\/\">Xen<\/a><\/p>\n<p style=\"padding-left: 30px;\"><a href=\"https:\/\/virtuozzo.com\/virtuozzo-addresses-intel-bug-questions\/\">Virtuozzo<\/a><\/p>\n<p>So, to recap, we are looking at three issues. Spectre affecting pretty much all modern CPUs &#8211; Intel, AMD, ARM, possibly others.
Meltdown affecting Intel-based CPUs:<\/p>\n<blockquote><p><span style=\"color: #808080;\"><em><strong>Spectre Variant 1<\/strong> CVE-2017-5753 triggers the speculative execution by performing a bounds-check bypass. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor&#8217;s data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall boundary and read privileged memory by conducting targeted cache side-channel attacks. (CVE-2017-5753, Important)<\/em><\/span><\/p>\n<p><span style=\"color: #808080;\"><em><strong>Spectre Variant 2<\/strong> CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor&#8217;s data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall and guest\/host boundaries and read privileged memory by conducting targeted cache side-channel attacks. (CVE-2017-5715, Important)<\/em><\/span><\/p>\n<p><span style=\"color: #808080;\"><em><strong>Meltdown Variant 3<\/strong> CVE-2017-5754 relies on the fact that, on impacted microprocessors, during speculative execution of instruction permission faults, exception generation triggered by a faulting access is suppressed until the retirement of the whole instruction block.
In a combination with the fact that memory accesses may populate the cache even when the block is being dropped and never committed (executed), an unprivileged local attacker could use this flaw to read privileged (kernel space) memory by conducting targeted cache side-channel attacks. (CVE-2017-5754, Important)<\/em><\/span><\/p>\n<p><span style=\"color: #808080;\"><em>Note: CVE-2017-5754 affects Intel x86-64 microprocessors. AMD x86-64 microprocessors are not affected by this issue.<\/em><\/span><\/p><\/blockquote>\n<p>Our engineers will be working very closely with the vendors and their guidelines to keep our platforms as secure and stable as possible. It is likely an announcement for shared platform reboots will follow once we know more about the suggested fixes.<\/p>\n<p>Regretfully, at this time our engineers will be relying on the vendors and similar documents for information. We will update you as the situation unfolds.<\/p>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The Meltdown &amp; Spectre vulnerabilities are very much all over the technical media &#8211; but are yet to make the real news.
The impacts are threefold: Spectre\u00a0Variant 1: bounds check bypass (CVE-2017-5753) Spectre\u00a0Variant 2: branch target injection (CVE-2017-5715) Meltdown\u00a0Variant 3: rogue data cache load (CVE-2017-5754) The vulnerability\u00a0was discovered by Google&#8217;s Project Zero, a new class&#8230; <a class=\"moretag\" href=\"https:\/\/hostinguk.net\/blog\/meltdown-spectre-resources\/\">Keep Reading<\/a><\/p>\n","protected":false},"author":6,"featured_media":908,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"Meltdown & Spectre resources","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[13],"tags":[193,194,191,190,123,131,39,189,192,124],"class_list":["post-906","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-support","tag-centos","tag-cloud-linux","tag-dell","tag-meltdown","tag-onapp","tag-patching","tag-security","tag-spectre","tag-ubuntu","tag-xen"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.9 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Meltdown &amp; Spectre resources - Hosting UK<\/title>\n<meta name=\"description\" content=\"Hosting UK resources for Meltdown and Spectre. 
A list of most commonly required resources for patching and mitigation progress for CVE-2017-5754 CVE-2017-5715 CVE-2017-5753\" \/>\n<meta name=\"robots\" content=\"noindex, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<meta property=\"og:locale\" content=\"en_GB\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Meltdown &amp; Spectre resources - Hosting UK\" \/>\n<meta property=\"og:description\" content=\"Hosting UK resources for Meltdown and Spectre. A list of most commonly required resources for patching and mitigation progress for CVE-2017-5754 CVE-2017-5715 CVE-2017-5753\" \/>\n<meta property=\"og:url\" content=\"https:\/\/hostinguk.net\/blog\/meltdown-spectre-resources\/\" \/>\n<meta property=\"og:site_name\" content=\"Hosting UK\" \/>\n<meta property=\"article:published_time\" content=\"2018-01-05T13:34:39+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2018-01-16T17:07:43+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/hostinguk.net\/blog\/wp-content\/uploads\/2018\/01\/resources-for-meltdown-and-spectre.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1920\" \/>\n\t<meta property=\"og:image:height\" content=\"1080\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Anthony Hogbin\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Anthony Hogbin\" \/>\n\t<meta name=\"twitter:label2\" content=\"Estimated reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/hostinguk.net\/blog\/meltdown-spectre-resources\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/hostinguk.net\/blog\/meltdown-spectre-resources\/\"},\"author\":{\"name\":\"Anthony 
Hogbin\",\"@id\":\"https:\/\/hostinguk.net\/blog\/#\/schema\/person\/e7707cd2857ef38b31f396b1bf878707\"},\"headline\":\"Meltdown &#038; Spectre resources\",\"datePublished\":\"2018-01-05T13:34:39+00:00\",\"dateModified\":\"2018-01-16T17:07:43+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/hostinguk.net\/blog\/meltdown-spectre-resources\/\"},\"wordCount\":565,\"commentCount\":0,\"image\":{\"@id\":\"https:\/\/hostinguk.net\/blog\/meltdown-spectre-resources\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/hostinguk.net\/blog\/wp-content\/uploads\/2018\/01\/resources-for-meltdown-and-spectre.jpg\",\"keywords\":[\"centos\",\"cloud linux\",\"dell\",\"meltdown\",\"onapp\",\"patching\",\"security\",\"spectre\",\"ubuntu\",\"xen\"],\"articleSection\":[\"Support\"],\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/hostinguk.net\/blog\/meltdown-spectre-resources\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/hostinguk.net\/blog\/meltdown-spectre-resources\/\",\"url\":\"https:\/\/hostinguk.net\/blog\/meltdown-spectre-resources\/\",\"name\":\"Meltdown & Spectre resources - Hosting UK\",\"isPartOf\":{\"@id\":\"https:\/\/hostinguk.net\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/hostinguk.net\/blog\/meltdown-spectre-resources\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/hostinguk.net\/blog\/meltdown-spectre-resources\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/hostinguk.net\/blog\/wp-content\/uploads\/2018\/01\/resources-for-meltdown-and-spectre.jpg\",\"datePublished\":\"2018-01-05T13:34:39+00:00\",\"dateModified\":\"2018-01-16T17:07:43+00:00\",\"author\":{\"@id\":\"https:\/\/hostinguk.net\/blog\/#\/schema\/person\/e7707cd2857ef38b31f396b1bf878707\"},\"description\":\"Hosting UK resources for Meltdown and Spectre. 
A list of most commonly required resources for patching and mitigation progress for CVE-2017-5754 CVE-2017-5715 CVE-2017-5753\",\"breadcrumb\":{\"@id\":\"https:\/\/hostinguk.net\/blog\/meltdown-spectre-resources\/#breadcrumb\"},\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/hostinguk.net\/blog\/meltdown-spectre-resources\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\/\/hostinguk.net\/blog\/meltdown-spectre-resources\/#primaryimage\",\"url\":\"https:\/\/hostinguk.net\/blog\/wp-content\/uploads\/2018\/01\/resources-for-meltdown-and-spectre.jpg\",\"contentUrl\":\"https:\/\/hostinguk.net\/blog\/wp-content\/uploads\/2018\/01\/resources-for-meltdown-and-spectre.jpg\",\"width\":1920,\"height\":1080},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/hostinguk.net\/blog\/meltdown-spectre-resources\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/hostinguk.net\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Meltdown &#038; Spectre resources\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/hostinguk.net\/blog\/#website\",\"url\":\"https:\/\/hostinguk.net\/blog\/\",\"name\":\"Hosting UK\",\"description\":\"Hosting UK | Domain names | Web hosting | Dedicated Servers\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/hostinguk.net\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-GB\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/hostinguk.net\/blog\/#\/schema\/person\/e7707cd2857ef38b31f396b1bf878707\",\"name\":\"Anthony Hogbin\",\"url\":\"https:\/\/hostinguk.net\/blog\/author\/huk-ant\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. 
-->","jetpack_publicize_connections":[],"jetpack_featured_media_url":"https:\/\/hostinguk.net\/blog\/wp-content\/uploads\/2018\/01\/resources-for-meltdown-and-spectre.jpg","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p63y3g-eC","jetpack-related-posts":[],"_links":{"self":[{"href":"https:\/\/hostinguk.net\/blog\/wp-json\/wp\/v2\/posts\/906","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/hostinguk.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/hostinguk.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/hostinguk.net\/blog\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/hostinguk.net\/blog\/wp-json\/wp\/v2\/comments?post=906"}],"version-history":[{"count":3,"href":"https:\/\/hostinguk.net\/blog\/wp-json\/wp\/v2\/posts\/906\/revisions"}],"predecessor-version":[{"id":912,"href":"https:\/\/hostinguk.net\/blog\/wp-json\/wp\/v2\/posts\/906\/revisions\/912"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/hostinguk.net\/blog\/wp-json\/wp\/v2\/media\/908"}],"wp:attachment":[{"href":"https:\/\/hostinguk.net\/blog\/wp-json\/wp\/v2\/media?parent=906"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/hostinguk.net\/blog\/wp-json\/wp\/v2\/categories?post=906"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/hostinguk.net\/blog\/wp-json\/wp\/v2\/tags?post=906"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}