Menu
Home Explore People Places Arts History Plants & Animals Science Life & Culture Technology
On this page
Transient execution CPU vulnerability
Computer vulnerability using speculative execution

Transient execution CPU vulnerabilities are vulnerabilities in which instructions, most often optimized using speculative execution, are executed temporarily by a microprocessor, without committing their results due to a misprediction or error, resulting in leaking secret data to an unauthorized party. The archetype is Spectre, and transient execution attacks like Spectre belong to the cache-attack category, one of several categories of side-channel attacks. Since January 2018 many different cache-attack vulnerabilities have been identified.

We don't have any images related to Transient execution CPU vulnerability yet.
We don't have any YouTube videos related to Transient execution CPU vulnerability yet.
We don't have any PDF documents related to Transient execution CPU vulnerability yet.
We don't have any Books related to Transient execution CPU vulnerability yet.

Overview

Modern computers are highly parallel devices, composed of components with very different performance characteristics. If an operation (such as a branch) cannot yet be performed because some earlier slow operation (such as a memory read) has not yet completed, a microprocessor may attempt to predict the result of the earlier operation and execute the later operation speculatively, acting as if the prediction were correct. The prediction may be based on recent behavior of the system. When the earlier, slower operation completes, the microprocessor determines whether the prediction was correct or incorrect. If it was correct then execution proceeds uninterrupted; if it was incorrect then the microprocessor rolls back the speculatively executed operations and repeats the original instruction with the real result of the slow operation. Specifically, a transient instruction1 refers to an instruction processed by error by the processor (incriminating the branch predictor in the case of Spectre) which can affect the micro-architectural state of the processor, leaving the architectural state without any trace of its execution.

In terms of the directly visible behavior of the computer it is as if the speculatively executed code "never happened". However, this speculative execution may affect the state of certain components of the microprocessor, such as the cache, and this effect may be discovered by careful monitoring of the timing of subsequent operations.

If an attacker can arrange that the speculatively executed code (which may be directly written by the attacker, or may be a suitable gadget that they have found in the targeted system) operates on secret data that they are unauthorized to access, and has a different effect on the cache for different values of the secret data, they may be able to discover the value of the secret data.

Timeline

2018

In early January 2018, it was reported that all Intel processors made since 199523 (besides Intel Itanium and pre-2013 Intel Atom) have been subject to two security flaws dubbed Meltdown and Spectre.45

The impact on performance resulting from software patches is "workload-dependent". Several procedures to help protect home computers and related devices from the Spectre and Meltdown security vulnerabilities have been published.6789 Spectre patches have been reported to significantly slow down performance, especially on older computers; on the newer 8th-generation Core platforms, benchmark performance drops of 2–14% have been measured.10 Meltdown patches may also produce performance loss.111213 It is believed that "hundreds of millions" of systems could be affected by these flaws.1415 More security flaws were disclosed on May 3, 2018,16 on August 14, 2018, on January 18, 2019, and on March 5, 2020.17181920

At the time, Intel was not commenting on this issue.2122

On March 15, 2018, Intel reported that it will redesign its CPUs (performance losses to be determined) to protect against the Spectre security vulnerability, and expects to release the newly redesigned processors later in 2018.2324

On May 3, 2018, eight additional Spectre-class flaws were reported. Intel reported that they are preparing new patches to mitigate these flaws.25

On August 14, 2018, Intel disclosed three additional chip flaws referred to as L1 Terminal Fault (L1TF). They reported that previously released microcode updates, along with new, pre-release microcode updates can be used to mitigate these flaws.2627

2019

On January 18, 2019, Intel disclosed three new vulnerabilities affecting all Intel CPUs, named "Fallout", "RIDL", and "ZombieLoad", allowing a program to read information recently written, read data in the line-fill buffers and load ports, and leak information from other processes and virtual machines.282930 Coffee Lake-series CPUs are even more vulnerable, due to hardware mitigations for Spectre.31

2020

On March 5, 2020, computer security experts reported another Intel chip security flaw, besides the Meltdown and Spectre flaws, with the systematic name CVE-2019-0090 (or "Intel CSME Bug").32 This newly found flaw is not fixable with a firmware update, and affects nearly "all Intel chips released in the past five years".333435

2021

In March 2021 AMD security researchers discovered that the Predictive Store Forwarding algorithm in Zen 3 CPUs could be used by malicious applications to access data it shouldn't be accessing.36 According to Phoronix there's little performance impact in disabling the feature.37

In June 2021, two new vulnerabilities, Speculative Code Store Bypass (SCSB, CVE-2021-0086) and Floating Point Value Injection (FPVI, CVE-2021-0089), affecting all modern x86-64 CPUs both from Intel and AMD were discovered.38 In order to mitigate them software has to be rewritten and recompiled. ARM CPUs are not affected by SCSB but some certain ARM architectures are affected by FPVI.39

Also in June 2021, MIT researchers revealed the PACMAN attack on Pointer Authentication Codes (PAC) in ARM v8.3A.404142

In August 2021 a vulnerability called "Transient Execution of Non-canonical Accesses" affecting certain AMD CPUs was disclosed.434445 It requires the same mitigations as the MDS vulnerability affecting certain Intel CPUs.46 It was assigned CVE-2020-12965. Since most x86 software is already patched against MDS and this vulnerability has the exact same mitigations, software vendors don't have to address this vulnerability.

In October 2021 for the first time ever a vulnerability similar to Meltdown was disclosed4748 to be affecting all AMD CPUs however the company doesn't think any new mitigations have to be applied and the existing ones are already sufficient.49

2022

In March 2022, a new variant of the Spectre vulnerability called Branch History Injection was disclosed.5051 It affects certain ARM64 CPUs52 and the following Intel CPU families: Cascade Lake, Ice Lake, Tiger Lake and Alder Lake. According to Linux kernel developers AMD CPUs are also affected.53

In March 2022, a vulnerability affecting a wide range of AMD CPUs was disclosed under CVE-2021-26341.5455

In June 2022, multiple MMIO Intel CPUs vulnerabilities related to execution in virtual environments were announced.56 The following CVEs were designated: CVE-2022-21123, CVE-2022-21125, CVE-2022-21166.

In July 2022, the Retbleed vulnerability was disclosed affecting Intel Core 6 to 8th generation CPUs and AMD Zen 1, 1+ and 2 generation CPUs. Newer Intel microarchitectures as well as AMD starting with Zen 3 are not affected. The mitigations for the vulnerability decrease the performance of the affected Intel CPUs by up to 39%, while AMD CPUs lose up to 14%.

In August 2022, the SQUIP vulnerability was disclosed affecting Ryzen 2000–5000 series CPUs.57 According to AMD the existing mitigations are enough to protect from it.58

According to a Phoronix review released in October, 2022 Zen 4/Ryzen 7000 CPUs are not slowed down by mitigations, in fact disabling them leads to a performance loss.5960

2023

In February 2023 a vulnerability affecting a wide range of AMD CPU architectures called "Cross-Thread Return Address Predictions" was disclosed.616263

In July 2023 a critical vulnerability in the Zen 2 AMD microarchitecture called Zenbleed was made public.64[1] AMD released a microcode update to fix it.65

In August 2023 a vulnerability in AMD's Zen 1, Zen 2, Zen 3, and Zen 4 microarchitectures called Inception6667 was revealed and assigned CVE-2023-20569. According to AMD it is not practical but the company will release a microcode update for the affected products.

Also in August 2023 a new vulnerability called Downfall or Gather Data Sampling was disclosed,686970 affecting Intel CPU Skylake, Cascade Lake, Cooper Lake, Ice Lake, Tiger Lake, Amber Lake, Kaby Lake, Coffee Lake, Whiskey Lake, Comet Lake & Rocket Lake CPU families. Intel will release a microcode update for affected products.

The SLAM71727374 vulnerability (Spectre based on Linear Address Masking) reported in 2023 neither has received a corresponding CVE, nor has been confirmed or mitigated against.

2024

In March 2024, a variant of Spectre-V1 attack called GhostRace was published.75 It was claimed it affected all the major microarchitectures and vendors, including Intel, AMD and ARM. It was assigned CVE-2024-2193. AMD dismissed the vulnerability (calling it "Speculative Race Conditions (SRCs)") claiming that existing mitigations were enough.76 Linux kernel developers chose not to add mitigations citing performance concerns.77 The Xen hypervisor project released patches to mitigate the vulnerability but they are not enabled by default.78

Also in March 2024, a vulnerability in Intel Atom processors called Register File Data Sampling (RFDS) was revealed.79 It was assigned CVE-2023-28746. Its mitigations incur a slight performance degradation.80

In April 2024, it was revealed that the BHI vulnerability in certain Intel CPU families could be still exploited in Linux entirely in user space without using any kernel features or root access despite existing mitigations.818283 Intel recommended "additional software hardening".84 The attack was assigned CVE-2024-2201.

In June 2024, Samsung Research and Seoul National University researchers revealed the TikTag attack against the Memory Tagging Extension in ARM v8.5A CPUs. The researchers created PoCs for Google Chrome and the Linux kernel.85868788 Researchers from VUSec previously revealed ARM's Memory Tagging Extension is vulnerable to speculative probing.8990

In July 2024, UC San Diego researchers revealed the Indirector attack against Intel Alder Lake and Raptor Lake CPUs leveraging high-precision Branch Target Injection (BTI).919293 Intel downplayed the severity of the vulnerability and claimed the existing mitigations are enough to tackle the issue.94 No CVE was assigned.

2025

In January, 2025 Georgia Institute of Technology researchers published two whitepapers on Data Speculation Attacks via Load Address Prediction on Apple Silicon (SLAP) and Breaking the Apple M3 CPU via False Load Output Predictions (FLOP).959697

In January 2025, Arm disclosed a vulnerability (CVE-2024-7881) in which an unprivileged context can trigger a data memory-dependent prefetch engine to fetch data from a privileged location, potentially leading to unauthorized access. To mitigate the issue, Arm recommends disabling the affected prefetcher by setting CPUACTLR6_EL1[41].9899

Future

Spectre class vulnerabilities will remain unfixed because otherwise CPU designers will have to disable speculative execution which will entail a massive performance loss. Despite this, AMD has managed to design Zen 4 such a way its performance is not affected by mitigations.100101

Vulnerabilities and mitigations summary

Mitigation TypeComprehensivenessEffectivenessPerformance impactDescription
HardwareFullFullNone to smallRequire changes to the CPU design and thus a new iteration of hardware
MicrocodePartial to fullPartial to fullNone to largeUpdates the software that the CPU runs on which requires patches to be released for each affected CPU and integrated into every BIOS or operating system
OS/VMMPartialPartial to fullSmall to largeApplied at the operating system or virtual machine level and (depending on workload)
Software recompilationPoorPartial to fullMedium to largeRequires recompiling lots of pieces of software
Vulnerability Name(s)/SubnameOfficial Name/SubnameCVEAffected CPU architectures and mitigations*
Intel102AMD103
10th gen9th gen8th gen**Zen / Zen+Zen 2104
Ice Lake105Cascade / Comet /Amber LakeCoffee Lake106Whiskey LakeCoffee Lake,Amber Lake
Spectrev1Bounds Check BypassCVE-2017-5753Software recompilation107
v2Branch Target Injection108CVE-2017-5715Hardware + OS/VMM / Software recompilationMicrocode + ...Microcode + OS/VMM / Software recompilationHardware + OS/VMM / Software recompilation
Hardware + ...109
Meltdown / v3Rogue Data Cache LoadCVE-2017-5754HardwareOSNot affected
Spectre-NGv3aRogue System Register ReadCVE-2018-3640HardwareHardwareMicrocodeMicrocodeMicrocode
Microcode110Hardware111
v4Speculative Store Bypass112CVE-2018-3639[Hardware + OS / ]Software recompilation...[Microcode + OS / ]Software recompilationOS/VMMHardware + OS/VMM
...113
Lazy FP State RestoreCVE-2018-3665OS/VMM114Not affected
v1.1Bounds Check Bypass StoreCVE-2018-3693Software recompilation115
SpectreRSB116/ret2spec117Return MispredictCVE-2018-15572OS118
ForeshadowL1 Terminal Fault (L1TF)119SGXCVE-2018-3615Not affectedMicrocodeNot affected
OS/SMMCVE-2018-3620Microcode + OS/VMM
VMMCVE-2018-3646
Microarchitectural Data Sampling (MDS)120121RIDLZombieLoadFill Buffer (MFBDS)CVE-2018-12130Microcode + OS
Load Port (MLPDS)CVE-2018-12127HardwareMicrocode + OS/VMM122
Hardware123
FalloutStore Buffer (MSBDS)CVE-2018-12126Hardware + Microcode124125Microcode + OS/VMM126Microcode + OS/VMM
Hardware127
RIDLUncacheable Memory (MDSUM)CVE-2019-11091Same as the buffer having entries
SWAPGS128129130CVE-2019-1125OS
RIDL(Rogue In-Flight Data Load)ZombieLoad v2131132TSX Asynchronous Abort (TAA)133134CVE-2019-11135Hardware135Microcode + OS/VMMExisting MDS mitigationsExisting MDS mitigations
TSX not supported136Microcode + OS/VMM137
ZombieLoad/CacheOutL1D Eviction Sampling (L1DES)138139140CVE-2020-0549Not affectedMicrocodeMicrocode
Not affected141
Vector Register Sampling (VRS)142143CVE-2020-0548Microcode
Not affected144
Load Value Injection (LVI)145146147148CVE-2020-0551Software recompilation (mainly for Intel SGX)
CROSSTalk149Special Register Buffer Data Sampling (SRBDS)150CVE-2020-0543Microcode151Microcode
Not affected
Floating Point Value Injection (FPVI)152153CVE-2021-0086CVE-2021-26314Software recompilation
Speculative Code Store Bypass (SCSB)154155CVE-2021-0089CVE-2021-26313
Branch History Injection (BHI)156and other forms of intra-mode BTICVE-2022-0001CVE-2022-0002Software recompilationNot affectedNot affected
Software recompilation157
MMIO Stale Data158Shared Buffers Data Read (SBDR)CVE-2022-21123
Not affected159
Microcode + Software recompilation160
Microcode + Software recompilationSoftware recompilationNot affected
Shared Buffers Data Sampling (SBDS)CVE-2022-21125
Device Register Partial Write (DRPW)CVE-2022-21166MicrocodeExisting MDS mitigations
Branch Type Confusion (BTC)161Phantom162BTC-NOBRBTC-DIRCVE-2022-23825Not affectedOS/VMM
BTC-INDExisting Spectre v2 mitigations
Retbleed163164165166BTC-RETCVE-2022-29900CVE-2022-29901Not affectedOS/VMMOS/VMMOS/VMM / Software recompilation
Not affected167
Cross-Thread Return Address Predictions168169CVE-2022-27672Not affectedOS/VMM
Zenbleed170Cross-Process Information Leak171172CVE-2023-20593Not affectedMicrocode
Inception173174175Speculative Return Stack Overflow (SRSO)CVE-2023-20569Not affectedOS/VMM
Downfall176177Gather Data Sampling (GDS)178CVE-2022-40982MicrocodeNot affected

* Various CPU microarchitectures not included above are also affected, among them are ARM, IBM Power, MIPS and others.179180181182

** The 8th generation Coffee Lake architecture in this table also applies to a wide range of previously released Intel CPUs, not limited to the architectures based on Intel Core, Pentium 4 and Intel Atom starting with Silvermont.183184

Notes

References

  1. Kocher, Paul; Horn, Jann; Fogh, Anders; Genkin, Daniel; Gruss, Daniel. "Spectre Attacks: Exploiting Speculative Execution" (PDF). Retrieved 2020-04-16. https://spectreattack.com/spectre.pdf

  2. Bogle, Ariel (January 4, 2018). "Processor vulnerabilities could leave most computers open to hackers". ABC News. Archived from the original on January 5, 2018. Retrieved January 4, 2018. http://www.abc.net.au/news/science/2018-01-04/intel-chip-flaw-a-security-threat/9303280

  3. Murphy, Margi (January 3, 2018). "Fix for critical Intel chip flaw will slow down millions of computers". The Telegraph. Telegraph Media Group. Archived from the original on January 10, 2022. Retrieved January 3, 2017. https://www.telegraph.co.uk/technology/2018/01/03/fix-critical-intel-chip-flaw-will-slow-millions-computers/

  4. Coldewey, Devin (January 4, 2018). "Kernel panic! What are Meltdown and Spectre, the bugs affecting nearly every computer and device?". Archived from the original on January 4, 2018. Retrieved January 4, 2018. https://techcrunch.com/2018/01/03/kernel-panic-what-are-meltdown-and-spectre-the-bugs-affecting-nearly-every-computer-and-device/

  5. Greenberg, Andy. "A Critical Intel Flaw Breaks Basic Security for Most Computers". Wired. Archived from the original on January 3, 2018. Retrieved January 4, 2018. https://www.wired.com/story/critical-intel-flaw-breaks-basic-security-for-most-computers/

  6. Metz, Cade; Chen, Brian X. (January 4, 2018). "What You Need to Do Because of Flaws in Computer Chips". The New York Times. Archived from the original on January 3, 2022. Retrieved January 5, 2018. https://www.nytimes.com/2018/01/04/technology/meltdown-spectre-questions.html

  7. Pressman, Aaron (January 5, 2018). "Why Your Web Browser May Be Most Vulnerable to Spectre and What to Do About It". Fortune. Archived from the original on January 10, 2018. Retrieved January 5, 2018. http://fortune.com/2018/01/05/spectre-safari-chrome-firefox-internet-explorer/

  8. Chacos, Brad (January 4, 2018). "How to protect your PC from the major Meltdown and Spectre CPU flaws". PC World. Archived from the original on January 4, 2018. Retrieved January 4, 2018. https://www.pcworld.com/article/3245810/security/how-to-protect-your-pc-meltdown-spectre-cpu-flaws.html

  9. Elliot, Matt (January 4, 2018). "Security – How to protect your PC against the Intel chip flaw – Here are the steps to take to keep your Windows laptop or PC safe from Meltdown and Spectre". CNET. Archived from the original on January 4, 2018. Retrieved January 4, 2018. https://www.cnet.com/how-to/how-to-protect-your-pc-against-the-intel-chip-flaw/

  10. Hachman, Mark (January 9, 2018). "Microsoft tests show Spectre patches drag down performance on older PCs". PC World. Archived from the original on February 9, 2018. Retrieved January 9, 2018. https://www.pcworld.com/article/3245742/components-processors/microsoft-tests-show-spectre-patches-drag-down-performance-on-older-pcs.html

  11. Metz, Cade; Perlroth, Nicole (January 3, 2018). "Researchers Discover Two Major Flaws in the World's Computers". The New York Times. ISSN 0362-4331. Archived from the original on January 3, 2018. Retrieved January 3, 2018. https://www.nytimes.com/2018/01/03/business/computer-flaws.html

  12. "Computer chip scare: What you need to know". BBC News. January 4, 2018. Archived from the original on October 11, 2020. Retrieved January 4, 2018. https://www.bbc.com/news/technology-42562303

  13. "Intel says processor bug isn't unique to its chips and performance issues are 'workload-dependent'". The Verge. Archived from the original on January 3, 2018. Retrieved January 4, 2018. https://www.theverge.com/2018/1/3/16846540/intel-processor-security-flaw-bug-response

  14. Murphy, Margi (January 3, 2018). "Fix for critical Intel chip flaw will slow down millions of computers". The Telegraph. Telegraph Media Group. Archived from the original on January 10, 2022. Retrieved January 3, 2017. https://www.telegraph.co.uk/technology/2018/01/03/fix-critical-intel-chip-flaw-will-slow-millions-computers/

  15. "Meltdown and Spectre". meltdownattack.com. Archived from the original on January 3, 2018. Retrieved January 4, 2018. https://meltdownattack.com/#faq-systems-spectre

  16. Tung, Liam. "Are 8 new 'Spectre-class' flaws about to be exposed? Intel confirms it's readying fixes". ZDNet. Archived from the original on May 22, 2018. Retrieved May 4, 2018. https://www.zdnet.com/article/are-8-new-spectre-class-flaws-about-to-be-exposed/

  17. Cimpanu, Catalin (March 5, 2020). "Intel CSME bug is worse than previously thought – Researchers say a full patch requires replacing hardware. Only the latest Intel 10th generation CPUs are not affected". ZDNet. Archived from the original on March 5, 2020. Retrieved March 8, 2020. https://www.zdnet.com/article/intel-csme-bug-is-worse-than-previously-thought/

  18. Goodin, Dan (March 5, 2020). "5 years of Intel CPUs and chipsets have a concerning flaw that's unfixable – Converged Security and Management Engine flaw may jeopardize Intel's root of trust". Ars Technica. Archived from the original on March 6, 2020. Retrieved March 6, 2020. https://arstechnica.com/information-technology/2020/03/5-years-of-intel-cpus-and-chipsets-have-a-concerning-flaw-thats-unfixable/

  19. Dent, Steve (March 6, 2020). "Researchers discover that Intel chips have an unfixable security flaw – The chips are vulnerable during boot-up, so they can't be patched with a firmware update". Engadget. Archived from the original on March 6, 2020. Retrieved March 6, 2020. https://www.engadget.com/2020/03/06/intel-chips-unpatchable-security-flaw/

  20. Staff (February 11, 2020). "Intel Converged Security and Management Engine, Intel Server Platform Services, Intel Trusted Execution Engine, and Intel Active Management Technology Advisory (Intel-SA-00213)". Intel. Archived from the original on March 5, 2020. Retrieved March 6, 2020. https://www.intel.com/content/www/us/en/support/articles/000033416/technologies.html

  21. Gibbs, Samuel (January 3, 2018). "Major security flaw found in Intel processors". Theguardian.com. Archived from the original on January 4, 2018. Retrieved January 5, 2018 – via www.TheGuardian.com. https://www.theguardian.com/technology/2018/jan/03/major-security-flaw-found-intel-processors-computers-windows-mac-os-linux

  22. "How to protect your PC against the major 'Meltdown' CPU security flaw". TheVerge.com. January 4, 2018. Archived from the original on January 5, 2018. Retrieved January 5, 2018. https://www.theverge.com/2018/1/4/16848976/how-to-protect-windows-pc-meltdown-security-flaw

  23. Warren, Tom (March 15, 2018). "Intel processors are being redesigned to protect against Spectre – New hardware coming later this year". The Verge. Archived from the original on March 15, 2018. Retrieved March 15, 2018. https://www.theverge.com/2018/3/15/17123610/intel-new-processors-protection-spectre-vulnerability

  24. Shankland, Stephen (March 15, 2018). "Intel will block Spectre attacks with new chips this year – Cascade Lake processors for servers, coming this year, will fight back against a new class of vulnerabilities, says CEO Brian Krzanich". CNET. Archived from the original on March 15, 2018. Retrieved March 15, 2018. https://www.cnet.com/news/intel-blocks-spectre-attacks-with-new-server-chips-this-year/

  25. Tung, Liam. "Are 8 new 'Spectre-class' flaws about to be exposed? Intel confirms it's readying fixes". ZDNet. Archived from the original on May 22, 2018. Retrieved May 4, 2018. https://www.zdnet.com/article/are-8-new-spectre-class-flaws-about-to-be-exposed/

  26. "Intel discloses three more chip flaws". Reuters. Archived from the original on August 16, 2018. Retrieved August 16, 2018. https://www.reuters.com/article/us-cyber-intel/intel-discloses-three-more-chip-flaws-idUSKBN1KZ280

  27. Culbertson, Leslie. "Protecting Our Customers through the Lifecycle of Security Threats". Intel Newsroom. Archived from the original on August 14, 2018. Retrieved August 16, 2018. https://newsroom.intel.com/editorials/protecting-our-customers-through-lifecycle-security-threats/

  28. "Fallout: Reading Kernel Writes From User Space" (PDF). RIDL and Fallout: MDS Attacks. Archived from the original (PDF) on May 16, 2019. Retrieved May 18, 2019. https://web.archive.org/web/20190516190421/https://mdsattacks.com/files/fallout.pdf

  29. "RIDL: Rogue In-Flight Data Load" (PDF). RIDL and Fallout: MDS attacks. Archived from the original (PDF) on May 17, 2019. https://web.archive.org/web/20190517035356/https://mdsattacks.com/files/ridl.pdf

  30. "ZombieLoad Attack". zombieloadattack.com. Archived from the original on May 14, 2019. Retrieved May 18, 2019. https://zombieloadattack.com/

  31. "Intel Released "Coffee Lake" Knowing it Was Vulnerable to Spectre and Meltdown". TECHPOWERUP. 5 January 2018. https://www.techpowerup.com/240283/intel-released-coffee-lake-knowing-it-was-vulnerable-to-spectre-and-meltdown?cp=2

  32. Cimpanu, Catalin (March 5, 2020). "Intel CSME bug is worse than previously thought – Researchers say a full patch requires replacing hardware. Only the latest Intel 10th generation CPUs are not affected". ZDNet. Archived from the original on March 5, 2020. Retrieved March 8, 2020. https://www.zdnet.com/article/intel-csme-bug-is-worse-than-previously-thought/

  33. Goodin, Dan (March 5, 2020). "5 years of Intel CPUs and chipsets have a concerning flaw that's unfixable – Converged Security and Management Engine flaw may jeopardize Intel's root of trust". Ars Technica. Archived from the original on March 6, 2020. Retrieved March 6, 2020. https://arstechnica.com/information-technology/2020/03/5-years-of-intel-cpus-and-chipsets-have-a-concerning-flaw-thats-unfixable/

  34. Dent, Steve (March 6, 2020). "Researchers discover that Intel chips have an unfixable security flaw – The chips are vulnerable during boot-up, so they can't be patched with a firmware update". Engadget. Archived from the original on March 6, 2020. Retrieved March 6, 2020. https://www.engadget.com/2020/03/06/intel-chips-unpatchable-security-flaw/

  35. Staff (February 11, 2020). "Intel Converged Security and Management Engine, Intel Server Platform Services, Intel Trusted Execution Engine, and Intel Active Management Technology Advisory (Intel-SA-00213)". Intel. Archived from the original on March 5, 2020. Retrieved March 6, 2020. https://www.intel.com/content/www/us/en/support/articles/000033416/technologies.html

  36. Cutress, Ian. "AMD Issues Updated Speculative Spectre Security Status: Predictive Store Forwarding". www.anandtech.com. Retrieved 2021-04-08. https://www.anandtech.com/show/16604/amd-issues-updated-speculative-spectre-security-status-predictive-store-forwarding

  37. "Benchmarking AMD Zen 3 With Predictive Store Forwarding Disabled - Phoronix". www.phoronix.com. Retrieved 2021-04-08. https://www.phoronix.com/scan.php?page=article&item=amd-zen3-psf&num=1

  38. "Rage Against the Machine Clear". VUSec. 8 June 2021. Retrieved 2021-06-29. https://www.vusec.net/projects/fpvi-scsb/

  39. "Speculative Processor Vulnerability | Frequently asked questions". Arm Developer. Retrieved 2021-06-29. https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/frequently-asked-questions

  40. Yan, Joseph Ravichandran, Weon Taek Na, Jay Lang, Mengjia (2022-06-09). "The PACMAN Attack". PACMAN. Retrieved 2024-11-16.{{cite web}}: CS1 maint: multiple names: authors list (link) https://pacmanattack.com

  41. "Documentation – Arm Developer". developer.arm.com. Retrieved 2024-11-16. https://developer.arm.com/documentation/ka005109/latest/

  42. Page, Carly (2022-06-10). "MIT researchers uncover 'unpatchable' flaw in Apple M1 chips". TechCrunch. Retrieved 2024-11-16. https://techcrunch.com/2022/06/10/apple-m1-unpatchable-flaw/

  43. "Transient Execution of Non-canonical Accesses". https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1010

  44. Musaev, Saidgani; Fetzer, Christof (2021). "Transient Execution of Non-Canonical Accesses". arXiv:2108.10771 [cs.CR]. /wiki/ArXiv_(identifier)

  45. Francisco, Thomas Claburn in San. "Boffins find if you torture AMD Zen+, Zen 2 CPUs enough, they are vulnerable to Meltdown-like attack". www.theregister.com. Retrieved 2021-09-05. https://www.theregister.com/2021/08/30/amd_meltdown_zen/

  46. "White Paper | Software techniques for managing speculation on AMD processors" (PDF). www.amd.com. Retrieved 2024-07-28. https://www.amd.com/content/dam/amd/en/documents/processor-tech-docs/programmer-references/software-techniques-for-managing-speculation.pdf

  47. Lipp, Moritz; Gruss, Daniel; Schwarz, Michael (2021-10-19). "AMD Prefetch Attacks through Power and Time". USENIX Security Symposium. https://publications.cispa.saarland/3507/

  48. "AMD Prefetch Attacks through Power and Time" (PDF). https://publications.cispa.saarland/3507/1/amd_prefetch_sec22.pdf

  49. "Side-channels Related to the x86 PREFETCH Instruction". https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1017

  50. "Branch History Injection". VUSec. Retrieved 2022-03-08. https://www.vusec.net/projects/bhi-spectre-bhb/

  51. "BHI: The Newest Spectre Vulnerability Affecting Intel & Arm CPUs". www.phoronix.com. Retrieved 2022-03-08. https://www.phoronix.com/scan.php?page=news_item&px=BHI-Spectre-Vulnerability

  52. Ltd, Arm. "Speculative Processor Vulnerability | Spectre-BHB". Arm Developer. Retrieved 2022-03-11. https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/spectre-bhb

  53. "Linux Lands Mitigations For Spectre-BHB / BHI On Intel & Arm, Plus An AMD Change Too". www.phoronix.com. Retrieved 2022-03-08. https://www.phoronix.com/scan.php?page=news_item&px=Spectre-BHI-Linux-Mitigations

  54. "grsecurity - The AMD Branch (Mis)predictor Part 2: Where No CPU has Gone Before (CVE-2021-26341)". grsecurity.net. Retrieved 2022-03-11. https://grsecurity.net/amd_branch_mispredictor_part_2_where_no_cpu_has_gone_before

  55. "AMD CPUs May Transiently Execute Beyond Unconditional Direct Branch". https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1026

  56. "oss-security - Xen Security Advisory 404 v2 (CVE-2022-21123,CVE-2022-21125,CVE-2022-21166) - x86: MMIO Stale Data vulnerabilities". www.openwall.com. Retrieved 2022-06-19. https://www.openwall.com/lists/oss-security/2022/06/16/1

  57. "AMD Details "SQUIP" Side Channel Vulnerability For Zen's Execution Unit Scheduler". www.phoronix.com. Retrieved 2022-08-10. https://www.phoronix.com/news/AMD-Side-Channel-SQUIP

  58. "Execution Unit Scheduler Contention Side-Channel Vulnerability on AMD Processors". https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1039

  59. "With AMD Zen 4, It's Surprisingly Not Worthwhile Disabling CPU Security Mitigations". www.phoronix.com. Retrieved 2022-10-07. https://www.phoronix.com/news/AMD-Zen-4-Mitigations-Off

  60. "Disabling Spectre V2 Mitigations Is What Can Impair AMD Ryzen 7000 Series Performance". www.phoronix.com. Retrieved 2022-10-07. https://www.phoronix.com/review/amd-zen4-spectrev2

  61. "[FYI PATCH 0/3] Cross-Thread Return Address Predictions vulnerability [LWN.net]". lwn.net. Retrieved 2023-02-14. https://lwn.net/ml/linux-kernel/[email protected]/

  62. "Cross-Thread Return Address Predictions | AMD". February 14, 2022. Retrieved 2023-08-11. https://www.amd.com/en/resources/product-security/bulletin/amd-sb-1045.html

  63. "oss-sec: Xen Security Advisory 426 v1 (CVE-2022-27672) - x86: Cross-Thread Return Address Predictions". seclists.org. Retrieved 2023-02-15. https://seclists.org/oss-sec/2023/q1/96

  64. Paul Alcorn (2023-07-24). "AMD 'Zenbleed' Bug Allows Data Theft From Zen 2 Processors, Patches Coming". Tom's Hardware. Retrieved 2023-07-24. https://www.tomshardware.com/news/zenbleed-bug-allows-data-theft-from-amds-zen-2-processors-patches-released

  65. "Cross-Process Information Leak". amd.com. 2023-07-24. Retrieved 2023-07-27. https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7008.html

  66. "Return Address Security Bulletin". amd.com. 2023-08-08. Retrieved 2023-08-08. https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7005.html

  67. "New Inception attack leaks sensitive data from all AMD Zen CPUs". BleepingComputer. Retrieved 2023-08-09. https://www.bleepingcomputer.com/news/security/new-inception-attack-leaks-sensitive-data-from-all-amd-zen-cpus/

  68. "Gather Data Sampling". Intel. Retrieved 2023-08-09. https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/technical-documentation/gather-data-sampling.html

  69. "Downfall". Downfall Attacks. Retrieved 2023-08-09. https://downfall.page/

  70. "Downfall and Zenbleed: Googlers helping secure the ecosystem". Google Online Security Blog. Retrieved 2023-08-09. https://security.googleblog.com/2023/08/downfall-and-zenbleed-googlers-helping.html

  71. "SLAM: Spectre based on Linear Address Masking". vusec. Retrieved 2023-12-07. https://www.vusec.net/projects/slam/

  72. "TLB-Based Side Channel Attack: Security Update". developer.arm.com. Retrieved 2023-12-07. https://developer.arm.com/Arm%20Security%20Center/TLB-Based%20Side%20Channel%20Attack

  73. "oss-sec: SLAM: Spectre based on Linear Address Masking". seclists.org. Retrieved 2023-12-07. https://seclists.org/oss-sec/2023/q4/260

  74. "New SLAM attack steals sensitive data from AMD, future Intel CPUs". BleepingComputer. Retrieved 2023-12-07. https://www.bleepingcomputer.com/news/security/new-slam-attack-steals-sensitive-data-from-amd-future-intel-cpus/

  75. "GhostRace". vusec. Retrieved 2024-03-12. https://www.vusec.net/projects/ghostrace/

  76. "Speculative Race Conditions (SRCs)". amd.com. 2024-03-12. https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7016.html

  77. "GhostRace Detailed - Speculative Race Conditions Affecting All Major CPUs / ISAs". www.phoronix.com. Retrieved 2024-03-12. https://www.phoronix.com/news/CPU-Speculative-GhostRace

  78. "oss-sec: Xen Security Advisory 453 v1 (CVE-2024-2193) - GhostRace: Speculative Race Conditions". seclists.org. Retrieved 2024-03-14. https://seclists.org/oss-sec/2024/q1/220

  79. "Register File Data Sampling". Intel. Retrieved 2024-03-15. https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/advisory-guidance/register-file-data-sampling.html

  80. "The Performance Impact Of Intel's Register File Data Sampling". www.phoronix.com. Retrieved 2024-03-15. https://www.phoronix.com/review/intel-rfds-performance

  81. "InSpectre Gadget". vusec. Retrieved 2024-04-14. https://www.vusec.net/projects/native-bhi/

  82. "oss-security - Xen Security Advisory 456 v2 (CVE-2024-2201) - x86: Native Branch History Injection". www.openwall.com. Retrieved 2024-04-14. https://www.openwall.com/lists/oss-security/2024/04/09/15

  83. "2268118 – (CVE-2024-2201) CVE-2024-2201 hw: cpu: intel:InSpectre Gadget a residual Attack Surface of Cross-privilege Spectre v2". bugzilla.redhat.com. Retrieved 2024-04-14. https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2024-2201

  84. "Branch History Injection and Intra-mode Branch Target Injection". Intel. Retrieved 2024-04-14. https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/technical-documentation/branch-history-injection.html

  85. Kim, Juhee; Park, Jinbum; Roh, Sihyeon; Chung, Jaeyoung; Lee, Youngjoo; Kim, Taesoo; Lee, Byoungyoung (2024-06-12). "TikTag: Breaking ARM's Memory Tagging Extension with Speculative Execution". arXiv:2406.08719 [cs.CR]. /wiki/ArXiv_(identifier)

  86. "'TIKTAG' : The New ARM Attack - SECNORA". secnora.com. Retrieved 2024-11-16. https://secnora.com/blog/tiktag-the-new-arm-attack/

  87. "New ARM 'TIKTAG' attack impacts Google Chrome, Linux systems". BleepingComputer. Retrieved 2024-11-16. https://www.bleepingcomputer.com/news/security/new-arm-tiktag-attack-impacts-google-chrome-linux-systems/

  88. compsec-snu/tiktag, Security Research Lab at Seoul National University (SNU), 2024-11-09, retrieved 2024-11-16 https://github.com/compsec-snu/tiktag

  89. "Sticky Tags: Efficient and Deterministic Spatial Memory Error Mitigation using Persistent Memory Tags". VUSec. Retrieved 2025-01-14. https://www.vusec.net/projects/stickytags/

  90. "Arm Memory Tagging Extension: Security Update". Arm Developer. Retrieved 2025-01-14. https://developer.arm.com/Arm%20Security%20Center/Arm%20Memory%20Tagging%20Extension

  91. "Indirector". indirector.cpusec.org. Retrieved 2024-07-03. https://indirector.cpusec.org/

  92. "Latest Intel CPUs impacted by new Indirector side-channel attack". BleepingComputer. Retrieved 2024-07-03. https://www.bleepingcomputer.com/news/security/latest-intel-cpus-impacted-by-new-indirector-side-channel-attack/

  93. Dallin Grimm (2024-07-03). "Newer Intel CPUs vulnerable to new "Indirector" attack — Spectre-style attacks risk stealing sensitive data; Intel says no new mitigations required". Tom's Hardware. Retrieved 2024-07-03. https://www.tomshardware.com/tech-industry/cyber-security/newer-intel-cpus-vulnerable-to-new-indirector-attack-spectre-style-attacks-risk-stealing-sensitive-data-intel-says-no-new-mitigations-required

  94. "INTEL-2024-07-02-001- Indirector". Intel. Retrieved 2024-07-03. https://www.intel.com/content/www/us/en/security-center/announcement/intel-security-announcement-2024-07-02-001.html

  95. "SLAP and FLOP". predictors.fail. Retrieved 2025-01-29. https://predictors.fail/

  96. "New Apple CPU side-channel attacks steal data from browsers". BleepingComputer. Retrieved 2025-01-29. https://www.bleepingcomputer.com/news/security/new-apple-cpu-side-channel-attack-steals-data-from-browsers/

  97. Claburn, Thomas (2025-01-29). "SLAP, Apple, and FLOP: Safari, Chrome at risk of data theft on iPhone, Mac, iPad Silicon". The Register. Retrieved 2025-01-29. https://www.theregister.com/2025/01/29/flop_and_slap_attacks_apple_silicon/

  98. "Arm Changing Linux Default To Costly "KPTI" Mitigation For Some Newer CPUs". www.phoronix.com. Retrieved 2025-03-16. https://www.phoronix.com/news/Arm-Linux-CVE-2024-7881-KPTI

  99. "Documentation – Arm Developer". developer.arm.com. Retrieved 2025-03-16. https://developer.arm.com/Arm%20Security%20Center/Arm%20CPU%20Vulnerability%20CVE-2024-7881

  100. "With AMD Zen 4, It's Surprisingly Not Worthwhile Disabling CPU Security Mitigations". www.phoronix.com. Retrieved 2022-10-07. https://www.phoronix.com/news/AMD-Zen-4-Mitigations-Off

  101. "Disabling Spectre V2 Mitigations Is What Can Impair AMD Ryzen 7000 Series Performance". www.phoronix.com. Retrieved 2022-10-07. https://www.phoronix.com/review/amd-zen4-spectrev2

  102. "Affected Processors: Transient Execution Attacks & Related Security Issues by CPU". Intel. November 3, 2023. Archived from the original on 2021-05-09. Retrieved 2024-03-12. https://www.intel.com/content/www/us/en/developer/topic-technology/software-security-guidance/processors-affected-consolidated-product-cpu-model.html

  103. "AMD Product Security | AMD". August 10, 2019. Retrieved 2019-08-10. https://www.amd.com/en/corporate/product-security

  104. Cutress, Ian. "AMD Zen 2 Microarchitecture Analysis: Ryzen 3000 and EPYC Rome". www.anandtech.com. Retrieved 2019-06-11. https://www.anandtech.com/show/14525/amd-zen-2-microarchitecture-analysis-ryzen-3000-and-epyc-rome

  105. Cutress, Dr Ian. "The Ice Lake Benchmark Preview: Inside Intel's 10nm". www.anandtech.com. Retrieved 2019-08-01. https://www.anandtech.com/show/14664/testing-intel-ice-lake-10nm/3

  106. "Intel Core i9-9900K mit 8 Kernen und 5 GHz für Gamer". heise online (in German). October 8, 2018. Retrieved 2018-10-09. https://www.heise.de/newsticker/meldung/Intel-Core-i9-9900K-mit-8-Kernen-und-5-GHz-fuer-Gamer-4183783.html

  107. "White Paper | Software techniques for managing speculation on AMD processors" (PDF). www.amd.com. Retrieved 2024-07-28. https://www.amd.com/content/dam/amd/en/documents/processor-tech-docs/programmer-references/software-techniques-for-managing-speculation.pdf

  108. Intel (January 3, 2018). Branch Target Injection (Technical report). Retrieved 2024-03-06. Two mitigation techniques have been developed ...: indirect branch control mechanisms and a software approach called ... retpoline https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/advisory-guidance/branch-target-injection.html

  109. Whiskey Lake stepping C[95]Coffee Lake stepping D

  110. Comet Lake except U42 (CPUID 806EC)[95]

  111. Whiskey Lake stepping C[95]Coffee Lake stepping D

  112. Intel (May 21, 2018). Speculative Store Bypass (Technical report). Retrieved 2024-03-06. To minimize performance impact, we do not currently recommend setting SSBD for OSes, VMMs ... https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/advisory-guidance/speculative-store-bypass.html

  113. Whiskey Lake stepping C[95]Coffee Lake stepping D

  114. "INTEL-SA-00145". Intel. https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00145.html

  115. "Bounds Check Bypass Store (BCBS) Vulnerability (INTEL-OSS-10002)". Intel. https://www.intel.com/content/www/us/en/support/articles/000029382/processors.html

  116. "Spectre Returns! Speculation Attacks using the Return Stack Buffer" (PDF). www.usenix.org. Retrieved 2019-08-17. https://www.usenix.org/system/files/conference/woot18/woot18-paper-koruyeh.pdf

  117. Maisuradze, Giorgi; Rossow, Christian (2018). "ret2spec: Speculative Execution Using Return Stack Buffers". Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security. pp. 2109–2122. arXiv:1807.10364. Bibcode:2018arXiv180710364M. doi:10.1145/3243734.3243761. ISBN 9781450356930. S2CID 51804116. 9781450356930

  118. "Kernel/Git/Torvalds/Linux.git - Linux kernel source tree". https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=fdf82a7856b32d905c39afc85e34364491e46346

  119. "Processors Affected: L1 Terminal Fault". Intel. August 14, 2018. Retrieved 2024-03-06. ... processors that have the RDCL_NO bit set to one (1) ... are not susceptible to the L1TF ... https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/resources/processors-affected-l1tf.html

  120. "Processors Affected: Microarchitectural Data Sampling". Intel. May 14, 2019. Retrieved 2024-03-07. ... MFBDS is mitigated if either the RDCL_NO or MDS_NO bit ... are set. ... All processors affected by MSBDS, MFBDS, or MLPDS are also affected by MDSUM for the relevant buffers. https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/resources/processors-affected-mds.html

  121. Intel (March 11, 2021) [Disclosed May 14, 2019]. Microarchitectural Data Sampling (Technical report). Retrieved 2024-03-07. VMMs that already ... mitigate L1TF may not need further changes ... a VERW may be needed to overwrite the store buffers ... https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/technical-documentation/intel-analysis-microarchitectural-data-sampling.html

  122. Cascade Lake stepping 5[108]

  123. Whiskey Lake stepping C[95]Coffee Lake stepping D

  124. Moghimi, Daniel (July 14, 2020). Data Sampling on MDS-resistant 10th Generation Intel Core (Ice Lake). GitHub (Technical report). Worcester Polytechnic Institute. Retrieved 2020-07-15. https://github.com/danielmgmi/icebreak

  125. Intel (July 14, 2020). "Microarchitectural Data Sampling Advisory" (Press release). Retrieved 2020-07-15. Intel Core Processor Family (Ice Lake) https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html

  126. Cascade Lake stepping 5[108]

  127. Whiskey Lake stepping C[95]Coffee Lake stepping D

  128. "Bitdefender SWAPGS Attack Mitigation Solutions". www.bitdefender.com. Retrieved 2019-08-07. https://www.bitdefender.com/business/swapgs-attack.html

  129. "Documentation/admin-guide/hw-vuln/spectre.rst - chromiumos/third_party/kernel - Git at Google". chromium.googlesource.com. Archived from the original on 2019-08-07. Retrieved 2019-08-07. https://web.archive.org/web/20190807125636/https://chromium.googlesource.com/chromiumos/third_party/kernel/%2B/refs/tags/v4.19.65/Documentation/admin-guide/hw-vuln/spectre.rst

  130. Winder, Davey (August 6, 2019). "Microsoft Confirms New Windows CPU Attack Vulnerability, Advises All Users To Update Now". Forbes. Retrieved 2019-08-07. https://www.forbes.com/sites/daveywinder/2019/08/06/microsoft-confirms-new-windows-cpu-attack-vulnerability--advises-all-users-to-update-now/

  131. Nichols, Shaun. "True to its name, Intel CPU flaw ZombieLoad comes shuffling back with new variant". www.theregister.co.uk. Retrieved 2019-11-12. https://www.theregister.co.uk/2019/11/12/zombieload_cpu_attack/

  132. Cimpanu, Catalin. "Intel's Cascade Lake CPUs impacted by new Zombieload v2 attack". ZDNet. Retrieved 2019-11-12. https://www.zdnet.com/article/intels-cascade-lake-cpus-impacted-by-new-zombieload-v2-attack/

  133. "Cyberus Technology: TSX Asynchronous Abort". www.cyberus-technology.de. Retrieved 2019-11-12. https://www.cyberus-technology.de/

  134. Intel (November 12, 2019). Intel TSX Asynchronous Abort (Technical report). Retrieved 2024-03-12. ... TAA can be mitigated by either applying the MDS software mitigations or by selectively disabling Intel TSX ... https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/advisory-guidance/intel-tsx-asynchronous-abort.html

  135. Ice Lake Xeon-SP (CPUID 606A*)[95]

  136. Comet Lake except U42 (CPUID 806EC)[95]

  137. Whiskey Lake stepping C[95]Coffee Lake stepping D

  138. "CacheOut". cacheoutattack.com. Retrieved 2020-01-29. https://cacheoutattack.com/

  139. "MDS Attacks: Microarchitectural Data Sampling". mdsattacks.com. Retrieved 2020-01-27. https://mdsattacks.com/#ridl-nng

  140. "IPAS: INTEL-SA-00329". Technology@Intel. January 27, 2020. Retrieved 2020-01-28. https://blogs.intel.com/technology/2020/01/ipas-intel-sa-00329/

  141. Comet Lake except U42 (CPUID 806EC)[95]

  142. "MDS Attacks: Microarchitectural Data Sampling". mdsattacks.com. Retrieved 2020-01-27. https://mdsattacks.com/#ridl-nng

  143. "IPAS: INTEL-SA-00329". Technology@Intel. January 27, 2020. Retrieved 2020-01-28. https://blogs.intel.com/technology/2020/01/ipas-intel-sa-00329/

  144. Comet Lake except U42 (CPUID 806EC)[95]

  145. "LVI: Hijacking Transient Execution with Load Value Injection". lviattack.eu. Retrieved 2020-03-10. https://lviattack.eu/

  146. "INTEL-SA-00334". Intel. Retrieved 2020-03-10. https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00334.html

  147. "Deep Dive: Load Value Injection". software.intel.com. Retrieved 2020-03-10. https://software.intel.com/security-software-guidance/insights/deep-dive-load-value-injection

  148. Claburn, Thomas. "You only LVI twice: Meltdown The Sequel strikes Intel chips – and full mitigation against data-meddling flaw will cost you 50%+ of performance". www.theregister.co.uk. Retrieved 2020-03-10. https://www.theregister.co.uk/2020/03/10/lvi_reverse_meltdown_intel_attack/

  149. "CROSSTalk". VUSec. Retrieved 2020-06-09. https://www.vusec.net/projects/crosstalk/

  150. Intel (June 14, 2022) [Disclosed June 9, 2020]. Special Register Buffer Data Sampling (Technical report). Retrieved 2024-03-21. ... systems that have loaded the microcode ... are fully mitigated by default https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/technical-documentation/special-register-buffer-data-sampling.html

  151. Comet Lake U42Amber Lake (CPUID 806EC)[95]

  152. Intel (June 8, 2021). Floating Point Value Injection (Technical report). Retrieved 2024-05-03. Managed runtimes impacted by FPVI ... https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/advisory-guidance/floating-point-value-injection.html

  153. AMD (June 8, 2021). "Speculative Code Store Bypass and Floating-Point Value Injection" (Press release). Retrieved 2024-05-03. https://www.amd.com/en/resources/product-security/bulletin/amd-sb-1003.html

  154. Intel (June 8, 2021). Speculative Code Store Bypass (Technical report). Retrieved 2024-05-03. For example, some JIT compilers inside web browsers ... may be impacted by SCSB https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/advisory-guidance/speculative-code-store-bypass.html

  155. AMD (June 8, 2021). "Speculative Code Store Bypass and Floating-Point Value Injection" (Press release). Retrieved 2024-05-03. https://www.amd.com/en/resources/product-security/bulletin/amd-sb-1003.html

  156. Intel (March 11, 2022) [Disclosed March 8, 2022]. Branch History Injection and Intra-mode Branch Target Injection (Technical report). Retrieved 2024-03-22. ... potential BHI attacks can be mitigated by adding LFENCE to specific identified gadgets ... https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/advisory-guidance/branch-history-injection.html

  157. Whiskey Lake stepping C[95]Coffee Lake stepping D

  158. Intel (June 14, 2022). Processor MMIO Stale Data Vulnerabilities (Technical report). Retrieved 2024-04-17. For processors ... where MD_CLEAR may not overwrite fill buffer values, Intel has released microcode updates ... so that VERW does overwrite fill buffer values. ...To mitigate this, the OS, VMM, or driver that reads the secret data can reduce the window in which that data remains vulnerable ... by performing an additional read of some non-secret data https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/technical-documentation/processor-mmio-stale-data-vulnerabilities.html

  159. Cascade Lake[95]

  160. Ice Lake Core family (CPUID 706E5)[95]

  161. AMD (July 12, 2022). "AMD CPU Branch Type Confusion" (Press release). Retrieved 2024-03-25. https://www.amd.com/en/resources/product-security/bulletin/amd-sb-1037.html

  162. "Inception: how a simple XOR can cause a Microarchitectural Stack Overflow". Computer Security Group. Retrieved 2023-09-15. https://comsec.ethz.ch/research/microarch/inception/

  163. "Retbleed: Arbitrary Speculative Code Execution with Return Instructions – Computer Security Group". Retrieved 2022-07-12. https://comsec.ethz.ch/research/microarch/retbleed/

  164. "INTEL-SA-00702". Intel. Retrieved 2022-07-13. https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00702.html

  165. "AMD, Intel chips vulnerable to 'Retbleed' Spectre variant". www.theregister.com. Retrieved 2022-07-12. https://www.theregister.com/2022/07/12/amd_intel_retbleed/

  166. Goodin, Dan (July 12, 2022). "New working speculative execution attack sends Intel and AMD scrambling". Ars Technica. Retrieved 2022-07-12. https://arstechnica.com/information-technology/2022/07/intel-and-amd-cpus-vulnerable-to-a-new-speculative-execution-attack/

  167. Whiskey Lake stepping C[95]Coffee Lake stepping D

  168. "Cross-Thread Return Address Predictions | AMD". February 14, 2022. Retrieved 2023-08-11. https://www.amd.com/en/resources/product-security/bulletin/amd-sb-1045.html

  169. "[FYI PATCH 0/3] Cross-Thread Return Address Predictions vulnerability [LWN.net]". lwn.net. Retrieved 2023-02-14. https://lwn.net/ml/linux-kernel/[email protected]/

  170. "security-research/pocs/cpus/zenbleed at master · google/security-research". GitHub. Retrieved 2023-07-27. https://github.com/google/security-research/tree/master/pocs/cpus/zenbleed

  171. "AMD: Information Leak in Zen 2". GitHub. Retrieved 2023-07-27. https://github.com/google/security-research/security/advisories/GHSA-v6wh-rxpg-cmm8

  172. "Cross-Process Information Leak". AMD. Retrieved 2023-07-27. https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7008.html

  173. "Inception: how a simple XOR can cause a Microarchitectural Stack Overflow". Computer Security Group. Retrieved 2023-09-15. https://comsec.ethz.ch/research/microarch/inception/

  174. "Return Address Security Bulletin". amd.com. 2023-08-08. Retrieved 2023-08-08. https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7005.html

  175. "oss-security - Xen Security Advisory 434 v1 (CVE-2023-20569) - x86/AMD: Speculative Return Stack Overflow". www.openwall.com. Retrieved 2023-09-15. https://www.openwall.com/lists/oss-security/2023/08/08/4

  176. "Downfall". Downfall Attacks. Retrieved 2023-08-09. https://downfall.page/

  177. "Downfall and Zenbleed: Googlers helping secure the ecosystem". Google Online Security Blog. Retrieved 2023-08-09. https://security.googleblog.com/2023/08/downfall-and-zenbleed-googlers-helping.html

  178. "Gather Data Sampling". Intel. Retrieved 2023-08-09. https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/technical-documentation/gather-data-sampling.html

  179. "Meltdown and Spectre Status Page". wiki.netbsd.org. Retrieved 2019-09-29. https://wiki.netbsd.org/security/meltdown_spectre/

  180. Ltd, Arm. "Speculative Processor Vulnerability | Cache Speculation Issues Update". ARM Developer. Retrieved 2019-09-29. https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/latest-updates/cache-speculation-issues-update

  181. "About speculative execution vulnerabilities in ARM-based and Intel CPUs". Apple Support. May 31, 2018. Retrieved 2019-09-29. https://support.apple.com/en-us/HT208394

  182. "Potential Impact on Processors in the POWER Family". IBM PSIRT Blog. May 14, 2019. Retrieved 2019-09-29. https://www.ibm.com/blogs/psirt/potential-impact-processors-power-family/

  183. "INTEL-SA-00088". Intel. Retrieved 2018-09-01. https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00088.html

  184. "INTEL-SA-00115". Intel. Retrieved 2018-09-01. https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html