Info Meltdown and Spectre Vulnerabilities Information

Page 13 - Seeking answers? Join the Tom's Hardware community: where nearly two million members share solutions and discuss the latest tech.
Toggle sidebar Toggle sidebar
Status
Not open for further replies.
Intel Assures Silicon-Based Changes For Next-Gen CPUs Arriving in Late 2018 – Will Address Spectre and Meltdown Threats
By Hassan Mujtaba
13 hours ago
https://wccftech.com/intel-hardware-changes-new-cpus-fix-meltdown-spectre-2018/
Security is a top priority for Intel, foundational to our products and it’s critical to the success of our data-centric strategy. Our near term focus is on delivering high quality mitigations to protect our customers infrastructure from these exploits. We’re working to incorporate silicon-based changed to future products that will directly address the Spectre and Meltdown threats in hardware. And those products will begin appearing later this year.

Brian Krzanich, CEO, Intel
Click to expand...

Google Project Zero said years... But BK says CPUs with hardware fixes will be out by the end of the year. Can't wait to see the performance on these chips! I know that there are many that would happily give away performance in favor of security. Myself included!
 
AMD whitepaper on meltdown and spectre.
http://developer.amd.com/wordpress/media/2013/12/Managing-Speculation-on-AMD-Processors.pdf

AMD is certainly inmune to meltdown
A third technique is based on a software performance optimization. Software running in a lesser privilege mode typically has page table mappings for more privileged code present in the page table context that is running. This allows for high performance switching between the two modes and the software uses extra page table attributes enforced by the hardware to restrict access to the privileged data when in lesser privileged modes. However, on some processors it has been observed that if software accesses the more privileged data when the processor is in a lesser privileged mode, the architectural fault may be delayed. This opens up a window for a speculative execution attack where privileged data is then forwarded to subsequent instructions for speculative execution. This is referred to as a variant 3 (Google Project Zero and Meltdown). No AMD processor has been designed with this behavior and so we are not discussing mitigation steps in the rest of the document for this variant but we are including it here for completeness. Software developers should use CPUID vendor ID checks to identify AMD processors to avoid implementing variant 3 mitigations.
Click to expand...
 

During 4Q17 talk, Lisa Su said: "As a reminder, we believe Meltdown is not applicable to AMD processors."

A belief is not certainty. And the meltdown site continue maintaining a status of "unclear" for AMD processors.
 


I'm going to make a point on this: AMD is certainly immune to Meltdown as it exists on Intel CPUs. But that does NOT automatically mean similar style attacks wouldn't affect AMD if implemented in such a way as to affect AMDs CPU architecture.
 


That is the point. The original Meltdown attack worked in Intel CPUs but didn't work in ARM CPUs. However, ARM holdings confirmed this month than a modified Meltdown attack was successful on their CPUs.
 


Yeah, and when it rains in New York, it doesn't mean it rains in California...

This nitpicking is kind of ridiculous. What purpose does it state the obvious? An attack that works in a CPU and doesn't work in another is just that. Whatever works for one and doesn't for another it's just that. If down the line something other affects AMD and not Intel, I'll love to see this same statement being made about it in due time.
 


The not so-obvious is that just because the original Meltdown attack didn't work in some processors doesn't imply those processors are invulnerable to Meltdown flaw. Some people liked to say during the firsts days that Meltdown only affected Intel (it was even wrongly named the "Intel bug") and rest of CPUs were safe. It was demonstrated latter that Metldown affects other vendors including IBM and ARM.
 
Do we really need a page full of multiquotes?

We also don't need and aren't going to have this devolve into a fanboy opinion thread. If you have new facts relating to Meltdown and Spectre post them. If not, find another thread to argue semantics in. Only warning.
 

Read the white paper. The white paper says nothing about beliefs.

 
We May Soon See Malware Leveraging the Meltdown and Spectre Vulnerabilities
MS-chart.png
 
I have already mentioned that Both Spectre and Meltdown leverage speculative execution to do something they shouldn’t, and both affect chips from the likes of Intel, AMD, and ARM(google been saying it since they discover the flaw, but AMD keep trying to cover it up); Spectre is considered to be the broader threat. Together, there are actually three vulnerabilities, because the term “Spectre” encompasses two different types of attacks. Google reveals trio of speculative execution flaws, says AMD affected. CPUs can leak data when unwinding unused speculative execution paths. Google's Project Zero has revealed details of a vulnerability that impacts Intel chips going back to 1995, and confirmed rumours that it involved the use of speculative execution.

Importantly for users of AMD chips, GOOGLE went against comments made earlier in the week from chip manufacturer(AMD) that said it was not affected.

"These vulnerabilities affect many CPUs, including those from AMD, ARM, and Intel, as well as the devices and operating systems running them," Google said in a blog post.

According to the blog post, the flaw occurs when a speculative execution path is not taken, and the CPU state is unwound. Modern CPUs use speculative execution to increase performance by preemptively executing likely code branches to be taken; however, there is always a chance that execution may not follow the expected path.

https://www.extremetech.com/computing/261792-what-is-speculative-execution

http://www.zdnet.com/article/google-reveals-trio-of-speculative-execution-flaws-says-amd-affected/
 

Those articles are a month old... We are well past this, and I would happily refer you to the AMD security update page. They have never changed anything they have said, but have added additional mitigation for variant 2. If you were following along in this thread most of you would not repeat previous arguments, which are counter productive to the evolution of the thread and subject as a whole.
https://www.amd.com/en/corporate/speculative-execution
 


AMD has changed its official position about those issues. And they face about six lawsuits and investigations for "public statements were materially false and misleading at all relevant times" and for "security fraud".

AMD has changed its version again a pair of days ago. Now they admit that silicon changes are needed for dealing with Spectre (something we knew before they admitted) and now they claim those silicon changes are coming to Zen2 cores. AMD has also officially published this warning:

AMD's efforts to prevent and address security vulnerabilities can be costly and may be partially effective or not successful at all. For instance, AMD's mitigation efforts, including the deployment of software or firmware updates to address security vulnerabilities, could result in unintended consequences such as adverse performance system operation issues and reboots. AMD may also depend on third parties, such as customers, vendors and end users to deploy AMD's mitigations or create their own, and they may delay, decline or modify the implementation of such mitigations. AMD's relationships with its customers could be adversely affected as some of its customers may stop purchasing AMD products, reduce or delay future purchases of AMD products, or use competing products. Any of these actions by AMD's customers could adversely affect its revenue. AMD is also subject to claims related to the recently disclosed side-channel exploits, such as "Spectre" and "Meltdown," and may face claims or litigation for future vulnerabilities. Actual or perceived security vulnerabilities of AMD products may subject AMD to adverse publicity, damage to its brand and reputation, and could materially harm AMD's business or financial results
Click to expand...

https://www.cnbc.com/2018/01/30/amd-earnings-q4-2017.html

AMD tried to hide and minimize those issues to investors and general public. It is amazing how their official version has changed from the original --we are near invulnerable-- to the latter --we will issue software patches-- and now to --we will change the silicon--...
 


You are simply over dramatizing the facts. AMD security page "never changed" their previous statements, which are still located on the security page! HINT! They never claimed to be invulnerable, which I posted a picture of the original statement here from Jan.4th it is now 1 month later feb. 3rd.
http://www.tomshardware.com/forum/id-3609004/cpu-security-vulnerabilities-information.html#20556662
Jan. 6th I post a link showing the fixed to Linux code patching for variant 1 and 2.
http://www.tomshardware.com/forum/id-3609004/cpu-security-vulnerabilities-information/page-3.html#20566795

The facts are they never claimed to be invulnerable from the very start. The media and law suits make accusations suggesting a flip flop, which amount to a large pile of steaming dog pucky! Which if you scroll back up from the original argument you started with lawsuits I prove it be a money grab lie.

Variant 1: Resolved by software / OS updates to be made available by system vendors and manufacturers. Negligible performance impact expected.
Variant 2: Differences in AMD architecture mean there is a near zero risk of exploitation of this variant. Vulnerability to Variant 2 has not been demonstrated on AMD processors to date.

AMD Defaults:
Due to the differences in underlying hardware implementation, AMD X86 systems are not vulnerable to variant #3. The correct default values will be set on AMD hardware based on dynamic checks during the boot sequence.

pti 0 ibrs 0 ibpb 2 -> fix variant #1 #2 if the microcode update is applied
pti 0 ibrs 2 ibpb 1 -> fix variant #1 #2 on older processors that can disable indirect branch prediction without microcode updates

Nothing has changed, except for more false accusations, and more rehash of the same tired arguments.
 
No one said that AMD did claim to be "invulnerable", but they pretended to mislead public and investors about being near invulnerable

AMD changed its official version. This change was reported in many new sites, and it is the basis for the multiple lawsuits and investigations that AMD faces for "public statements were materially false and misleading at all relevant times" and for "security fraud". Short timeline of this scandal:

Day 3 January:

We know that AMD CPUs are affected and need patches and microcodes

https://www.kb.cert.org/vuls/id/584653

On 3 January, AMD does the first public statement about vulnerabilities, claims "near-zero risk" and hides the need for patches, making investors believe that AMD is less vulnerable than it really is

https://www.cnbc.com/2018/01/11/amd-stock-drops-3-percent-after-the-company-says-its-chips-are-affected-by-security-flaw.html

Day 4 January:

Microsoft, Google, Red-Hat, SuSE, Gentoo,... are already working in patches for AMD hardware in collaboration with AMD (whose engineers develop the microcode)

https://lists.opensuse.org/opensuse-security-announce/2018-01/msg00004.html
https://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html
https://bugs.gentoo.org/643476

Day 11 January:

AMD updates the marketing statement about those flaws and admits that patches are needed: "We have defined additional steps through a combination of processor microcode updates and OS patches that we will make available to AMD customers and partners to further mitigate the threat"

A pair of days ago:

AMD has changed again the version. Now AMD admit it is working in silicon fixes for Zen2 in 2019. AMD does also publish the next warning, where they admit the possibility of all kind of adverse effects on their system:

AMD's efforts to prevent and address security vulnerabilities can be costly and may be partially effective or not successful at all. For instance, AMD's mitigation efforts, including the deployment of software or firmware updates to address security vulnerabilities, could result in unintended consequences such as adverse performance system operation issues and reboots. AMD may also depend on third parties, such as customers, vendors and end users to deploy AMD's mitigations or create their own, and they may delay, decline or modify the implementation of such mitigations. AMD's relationships with its customers could be adversely affected as some of its customers may stop purchasing AMD products, reduce or delay future purchases of AMD products, or use competing products. Any of these actions by AMD's customers could adversely affect its revenue. AMD is also subject to claims related to the recently disclosed side-channel exploits, such as "Spectre" and "Meltdown," and may face claims or litigation for future vulnerabilities. Actual or perceived security vulnerabilities of AMD products may subject AMD to adverse publicity, damage to its brand and reputation, and could materially harm AMD's business or financial results
Click to expand...

The problem is so serious that AMD even admits now the possibility people stop purchasing their products and purchase those from the competence. We can continue to pretend that nothing has changed but it is not true.

AMD public version changed from the original attempt to pretend they were almost invulnerable. To admit they need software patching to finally admit they need silicon changes.
 


Simply restating the facts that anyone can see reading this thread from beginning to now, and acting like the sky is falling from the chicken little story is not going to rewrite history with this false narrative you are attempting to display. Everything you said we already know with the exception of you a aggrandizing the situation. We already know that Spectre will require hardware fixes, because google project zero clearly stated it from the beginning it's a hardware flaw built into X86. It's not something new that just happened a couple days ago. AMDs statements are normal and honest for the seriousness of Spectre, and are in no way a contradiction to anything they have said previously.

I've already stated this information which you try to peddle as news, and Tom's Hardware agrees with the ridiculousness of the temporary attempt to devalue AMD stock here:
http://www.tomshardware.com/forum/id-3609004/cpu-security-vulnerabilities-information/page-6.html#20609997

Tom's Hardware
AMD’s stock took an insignificant hit in after-hours trading on the day it announced its BIOS updates, but its has since recovered.
Click to expand...
And here is the stock trading the very next day:
YWpIoML.png


What a ridiculous scam these lawsuits are are trying to pull off and you are trying to validate it again, but I rebutted it before already twice already here and here:
http://www.tomshardware.com/forum/id-3609004/cpu-security-vulnerabilities-information/page-6.html#20607192
http://www.tomshardware.com/forum/id-3609004/cpu-security-vulnerabilities-information/page-6.html#20609587
This is a wider period than the Intel case, which begins its lawsuit with shares bought from 27 July 2017, roughly the time that the third Meltdown flaw was discovered, and 4 January 2018, when the full extent of the issues became public.

As evidence of hiding the knowledge of the chip vulnerabilities, the complaint highlighted AMD's end-of-2016 statement, as well as its Q1, Q2 and Q3 filings. These all contain the same paragraph warning about the general risk of hackers and potential consequences of attacks, the place where investors would expect to read about fundamental issues with the company's chips, but did not. Signed and declared accurate by Su and Kumar, these reports would indicate that all was well in terms of security at AMD.

On January 2, The Register revealed the Spectre and Meltdown vulnerabilities, and AMD responded to the news saying its processors were only at risk from one variant of Spectre. On January 11, AMD published a statement to say that in fact both Spectre flavors affected its cores, with CEO Su confirming this in an interview on the same day. This information caused AMD's share prices to dip.

While not explicitly mentioned in the filing, the Google Project Zero blog stated it informed AMD about Spectre on 1 June 2017. It is not clear why the class period begins earlier than this date and makes reference to the end-of-2016 and 2017 Q1 reports, as AMD would not have been aware of the flaw at those points in time.

There's also the little annoying fact that AMD's share price went up after details of Meltdown and Spectre emerged in early January, and at $12.12 today, the stock price is more than its June 1 value of $10.93. It peaked at $14.76 in July.

Kim bought 21,000 shares in AMD at $12.24 on January 8, 2018, presumably thinking it was a safe bet. He now appears to be upset they declined in value by 0.99 per cent to $12.02 on January 12, the day after the chip design clarified its position on Meltdown and Spectre.

Responding to the class-action lawsuit, an AMD PR rep told The Reg: "We believe these allegations are without merit. We intend to vigorously defend against these baseless claims." ®
Click to expand...
The statement AMD released has not change, near-zero, and they have only added that they are going to take further steps to mitigate the possibility of exploitation. He is suing over less than a 1% decline in stock. It is likely that AMD stock will be worth more than he bought it for when he goes to trial, which it will be laughed out of court.
Click to expand...


Intel suffers from both variants of Spectre, and also Meltdown, which it has no fix at all for older computers as Red Hat shows, and is by far the more affected just because Meltdown affects it as well as Spectre as I'v already shown here:
http://www.tomshardware.com/forum/id-3609004/cpu-security-vulnerabilities-information/page-3.html#20566795
Architectural Defaults
By default, each of the 3 tunables that apply to an architecture will be enabled automatically at boot time, based upon the architecture detected.

Intel Defaults:

pti 1 ibrs 1 ibpb 1 -> fix variant#1 #2 #3
pti 1 ibrs 0 ibpb 0 -> fix variant#1 #3 (for older Intel systems with no microcode update available)

WAIT!!! Where is the fix for variant #2 for older systems? There isn't one!

AMD Defaults:
Due to the differences in underlying hardware implementation, AMD X86 systems are not vulnerable to variant #3. The correct default values will be set on AMD hardware based on dynamic checks during the boot sequence.

pti 0 ibrs 0 ibpb 2 -> fix variant #1 #2 if the microcode update is applied
pti 0 ibrs 2 ibpb 1 -> fix variant #1 #2 on older processors that can disable indirect branch prediction without microcode updates

Look a fix for older system for 2 out of the 3 exploits that affect AMD.

Nothing AMD has said is in contradiction to any of their previous statements, and Intel systems are still more affected than AMD system. And Intel still remain more effected by the exploits than AMD. It's the facts. No matter how much FUD you want to throw at AMD nothing will change the facts.
 
AMD Server CPUs Vulnerable To Spectre
AMD Naples (2017)
AMD EPYC 7601
AMD EPYC 7551
AMD EPYC 7551P
AMD EPYC 7501
AMD EPYC 7451
AMD EPYC 7401
AMD EPYC 7401P
AMD EPYC 7351
AMD EPYC 7351P
AMD EPYC 7301
AMD EPYC 7281
AMD EPYC 7251
AMD Toronto (2017)
AMD Opteron X3421
AMD Opteron X3418
AMD Opteron X3416
AMD Kyoto (2013)
AMD Opteron X2170
AMD Opteron X2150
AMD Opteron X1150
AMD Abu Dhabi (2012)
AMD Opteron 6386 SE
AMD Opteron 6380
AMD Opteron 6378
AMD Opteron 6370P
AMD Opteron 6366 HE
AMD Opteron 6348
AMD Opteron 6344
AMD Opteron 6338P
AMD Opteron 6328
AMD Opteron 6320
AMD Opteron 6308
AMD Seoul (2012)
AMD Opteron 4386
AMD Opteron 4376 HE
AMD Opteron 43GK HE
AMD Opteron 4365 EE
AMD Opteron 4340
AMD Opteron 4334
AMD Opteron 4332 HE
AMD Opteron 4310 EE
AMD Opteron 43CX EE
AMD Delhi (2012)
AMD Opteron 3380
AMD Opteron 3365
AMD Opteron 3350 HE
AMD Opteron 3320 EE
AMD Zurich (2012)
AMD Opteron 3280
AMD Opteron 3260 HE
AMD Opteron 3250 HE
AMD Interlagos (2011)
AMD Opteron 6284 SE
AMD Opteron 6282 SE
AMD Opteron 6278
AMD Opteron 6276
AMD Opteron 6274
AMD Opteron 6272
AMD Opteron 6262 HE
AMD Opteron 6238
AMD Opteron 6234
AMD Opteron 6230 HE
AMD Opteron 6220
AMD Opteron 6212
AMD Opteron 6204
AMD Valencia (2011)
AMD Opteron 4284
AMD Opteron 4280
AMD Opteron 4276 HE
AMD Opteron 4274 HE
AMD Opteron 42MX HE
AMD Opteron 4256 EE
AMD Opteron 4240
AMD Opteron 4238
AMD Opteron 4234
AMD Opteron 4230 HE
AMD Opteron 4228 HE
AMD Opteron 4226
AMD Opteron 42DX EE
AMD Magny-Cours (2010)
AMD Opteron 6180 SE
AMD Opteron 6176 SE
AMD Opteron 6176
AMD Opteron 6174
AMD Opteron 6172
AMD Opteron 6168
AMD Opteron 6164 HE
AMD Opteron 6140
AMD Opteron 6136
AMD Opteron 6134
AMD Opteron 6132 HE
AMD Opteron 6128
AMD Opteron 6128 HE
AMD Opteron 61QS
AMD Opteron 61KS
AMD Opteron 6124 HE
AMD Lisbon (2010)
AMD Opteron 4184
AMD Opteron 4180
AMD Opteron 4176 HE
AMD Opteron 4174 HE
AMD Opteron 4171 HE
AMD Opteron 4170 HE
AMD Opteron 41KX HE
AMD Opteron 4164 EE
AMD Opteron 4162 EE
AMD Opteron 41GL EE
AMD Opteron 4133
AMD Opteron 4130
AMD Opteron 4122
AMD Opteron 41QS HE
AMD Opteron 41LE HE
AMD Istanbul (2009)
AMD Opteron 8439 SE
AMD Opteron 8435
AMD Opteron 8431
AMD Opteron 8425 HE
AMD Opteron 8423
AMD Opteron 8419
AMD Opteron 8419 EE
AMD Opteron 2439 SE
AMD Opteron 2435
AMD Opteron 2431
AMD Opteron 2427
AMD Opteron 2425 HE
AMD Opteron 2423 HE
AMD Opteron 2419
AMD Opteron 2419 EE
AMD Suzuka (2009)
AMD Opteron 1389
AMD Opteron 1385
AMD Opteron 1381
AMD Opteron 13QS HE
AMD Opteron 13KS EE
AMD Shanghai (2009)
Opteron 8393 SE
Opteron 8389
Opteron 8387
Opteron 8386 SE
Opteron 8384
Opteron 8382
Opteron 8381 HE
Opteron 8380
Opteron 8379 HE
Opteron 8378
Opteron 83VS
Opteron 8374 HE
Opteron 83QS HE
Opteron 2393 SE
Opteron 2389
Opteron 2387
Opteron 2386 SE
Opteron 2384
Opteron 2382
Opteron 2381 HE
Opteron 2380
Opteron 2379 HE
Opteron 2378
Opteron 2377 EE
Opteron 2376
Opteron 2376 HE
Opteron 23VS
Opteron 2374 HE
Opteron 2373 EE
Opteron 2372 HE
Opteron 23QS HE
Opteron 23KS EE
AMD Budapest (2008)
AMD Opteron 1356
AMD Opteron 1354
AMD Opteron 1352
AMD Barcelona (2007)
AMD Opteron 8360 SE
AMD Opteron 8357 SE
AMD Opteron 8356
AMD Opteron 8354
AMD Opteron 8352
AMD Opteron 8350
AMD Opteron 8350 HE
AMD Opteron 8347
AMD Opteron 8347 HE
AMD Opteron 8346 HE
AMD Workstation CPUs Vulnerable To Spectre
AMD Summit Ridge (2017)
AMD Ryzen Threadripper 1950X
AMD Ryzen Threadripper 1920X
AMD Ryzen Threadripper 1900X
AMD Vishera (2012)
AMD FX-9590
AMD FX-9370
AMD FX-8370E
AMD FX-8370
AMD FX-8350
AMD FX-8320E
AMD FX-8320
AMD FX-8310
AMD FX-8300
AMD FX-6350
AMD FX-6300
AMD FX-6200
AMD FX-4350
AMD FX-4320
AMD FX-4300
AMD Zambezi (2011)
AMD FX-8170
AMD FX-8150
AMD FX-8140
AMD FX-8120
AMD FX-8100
AMD FX-6130
AMD FX-6120
AMD FX-6100
AMD FX-4170
AMD FX-4150
AMD FX-4130
AMD FX-4120
AMD FX-4100
AMD Desktop CPUs Vulnerable To Spectre
AMD Summit Ridge (2017)
AMD Ryzen 7 1800X
AMD Ryzen 7 1700X
AMD Ryzen 7 1700
AMD Ryzen 5 1600X
AMD Ryzen 5 1600
AMD Ryzen 5 1500X
AMD Ryzen 5 1400
AMD Ryzen 3 1300X
AMD Ryzen 3 1200
AMD Bristol Ridge (2016)
AMD PRO A12-9800
AMD A12-9800
AMD PRO A12-9800E
AMD A12-9800E
AMD PRO A10-9700
AMD A10-9700
AMD PRO A10-9700E
AMD A10-9700E
AMD PRO A8-9600
AMD A8-9600
AMD A6-9550
AMD PRO A6-9500
AMD A6-9500
AMD PRO A6-9500E
AMD A6-9500E
AMD Athlon X4 970
AMD Athlon X4 950
AMD Athlon X4 940
AMD Carrizo (2015)
AMD Athlon X4 845
AMD Athlon X4 835
AMD Kaveri (2014)
AMD A10-7890K
AMD A10-7870K
AMD A10-7860K
AMD A10 PRO-7850B
AMD A10-7850K
AMD A10 PRO-7800B
AMD A10-7800
AMD A10-7700K
AMD A8-7670K
AMD A8-7650K
AMD A8 PRO-7600B
AMD A8-7600
AMD A6-7470K
AMD A6-7400K
AMD A6 PRO-7400B
AMD A6 PRO-7350B
AMD FX-770K
AMD Athlon X4 880K
AMD Athlon X4 870K
AMD Athlon X4 860K
AMD Athlon X4 840
AMD Athlon X2 450
AMD Kabini (2014)
AMD Athlon 5370
AMD Athlon 5350
AMD Athlon 5150
AMD Sempron 3850
AMD Sempron 2650
AMD Richland (2013)
AMD A10-6800K
AMD A10-6800B
AMD A10-6790K
AMD A10-6790B
AMD A10-6700
AMD A10-6700T
AMD A8-6600K
AMD A8-6500B
AMD A8-6500
AMD A8-6500T
AMD A6-6420K
AMD A6-6420B
AMD A6-6400K
AMD A6-6400B
AMD A4 PRO-7300B
AMD A4-7300
AMD A4-6320B
AMD A4-6320
AMD A4-6300B
AMD A4-6300
AMD A4-4020
AMD A4-4000
AMD FX-670K
AMD Athlon X4 760K
AMD Athlon X4 750
AMD Athlon X2 370K
AMD Athlon X2 350
AMD Sempron X2 250
AMD Trinity (2012)
AMD A10-5800K
AMD A10-5800B
AMD A10-5700
AMD A8-5600K
AMD A8-5500B
AMD A8-5500
AMD A6-5400K
AMD A6-5400B
AMD A4-5300B
AMD A4-5300
AMD FirePro A320
AMD FirePro A300
AMD Athlon X4 750K
AMD Athlon X4 740
AMD Athlon X2 340
AMD Sempron X2 240
AMD Llano (2011)
AMD A8-3870K
AMD A8-3850
AMD A8-3820
AMD A8-3800
AMD A6-3670K
AMD A6-3650
AMD A6-3620
AMD A6-3600
AMD A4-3420
AMD A4-3400
AMD A4-3330
AMD E2-3200
AMD Athlon II X4 651K
AMD Athlon II X4 651
AMD Athlon II X4 641
AMD Athlon II X4 638
AMD Athlon II X4 631
AMD Athlon II X2 221
AMD Sempron X2 198
AMD Propus (2011)
AMD Phenom II X4 850
AMD Phenom II X4 840
AMD Athlon II X4 650
AMD Athlon II X4 645
AMD Athlon II X4 640
AMD Athlon II X4 635
AMD Athlon II X4 630
AMD Athlon II X4 620
AMD Athlon II X4 620e
AMD Athlon II X4 615e
AMD Athlon II X4 610e
AMD Athlon II X4 605e
AMD Athlon II X4 600e
AMD Regor (2011)
AMD Phenom II X2 521
AMD Phenom II X2 511
AMD Athlon II X2 B30
AMD Athlon II X2 280
AMD Athlon II X2 B28
AMD Athlon II X2 270
AMD Athlon II X2 270u
AMD Athlon II X2 265
AMD Athlon II X2 260
AMD Athlon II X2 260u
AMD Athlon II X2 B26
AMD Athlon II X2 255
AMD Athlon II X2 250e
AMD Athlon II X2 250
AMD Athlon II X2 250u
AMD Athlon II X2 245e
AMD Athlon II X2 245
AMD Athlon II X2 240e
AMD Athlon II X2 240
AMD Athlon II X2 B24
AMD Athlon II X2 235e
AMD Athlon II X2 220
AMD Athlon II X2 B22
AMD Athlon II X2 215
AMD Athlon II X2 210e
AMD Sempron 190
AMD Sempron 180
AMD Zosma (2010)
AMD Phenom II X4 970 Black Edition
AMD Phenom II X4 960T Black Edition
AMD Phenom II X4 960T
AMD Phenom II X4 840T
AMD Phenom II X4 650T
AMD Athlon II X4 640
AMD Thuban (2010)
AMD Phenom II X6 1100T Black Edition
AMD Phenom II X6 1090T Black Edition
AMD Phenom II X6 1075T Black Edition
AMD Phenom II X6 1075T
AMD Phenom II X6 1065T
AMD Phenom II X6 1055T
AMD Phenom II X6 1045T
AMD Phenom II X6 1035T
AMD Sargas (2009)
AMD Athlon II 170u
AMD Athlon II 160u
AMD Sempron 150
AMD Sempron 145
AMD Sempron 140
AMD Sempron 130
AMD Deneb (2009)
AMD Phenom II 42 TWKR
AMD Phenom II X4 980 Black Edition
AMD Phenom II X4 975 Black Edition
AMD Phenom II X4 970 Black Edition
AMD Phenom II X4 965 Black Edition
AMD Phenom II X4 B99
AMD Phenom II X4 955 Black Edition
AMD Phenom II X4 955
AMD Phenom II X4 B97
AMD Phenom II X4 945
AMD Phenom II X4 940 Black Edition
AMD Phenom II X4 B95
AMD Phenom II X4 925
AMD Phenom II X4 920
AMD Phenom II X4 B93
AMD Phenom II X4 910e
AMD Phenom II X4 910
AMD Phenom II X4 905e
AMD Phenom II X4 900e
AMD Phenom II X4 830
AMD Phenom II X4 820
AMD Phenom II X4 810
AMD Phenom II X4 805
AMD Heka (2009)
AMD Phenom II X3 B77
AMD Phenom II X3 740 Black Edition
AMD Phenom II X3 B75
AMD Phenom II X3 720 Black Edition
AMD Phenom II X3 B73
AMD Phenom II X3 720
AMD Phenom II X3 715 Black Edition
AMD Phenom II X3 710
AMD Phenom II X3 705e
AMD Phenom II X3 700e
AMD Callisto (2009)
AMD Phenom II X2 570 Black Edition
AMD Phenom II X2 B60
AMD Phenom II X2 565 Black Edition
AMD Phenom II X2 B59
AMD Phenom II X2 560 Black Edition
AMD Phenom II X2 555 Black Edition
AMD Phenom II X2 B57
AMD Phenom II X2 550 Black Edition
AMD Phenom II X2 550
AMD Phenom II X2 B55
AMD Phenom II X2 545
AMD Phenom II X2 B53
AMD Rana (2009)
AMD Athlon II X3 460
AMD Athlon II X3 455
AMD Athlon II X3 450
AMD Athlon II X3 445
AMD Athlon II X3 440
AMD Athlon II X3 435
AMD Athlon II X3 425e
AMD Athlon II X3 425
AMD Athlon II X3 420e
AMD Athlon II X3 415e
AMD Athlon II X3 405e
AMD Athlon II X3 400e
AMD Agena (2008)
AMD Phenom X4 9950 Black Edition
AMD Phenom X4 9850 Black Edition
AMD Phenom X4 9850B
AMD Phenom X4 9850
AMD Phenom X4 9750B
AMD Phenom X4 9750
AMD Phenom X4 9650
AMD Phenom X4 9600B
AMD Phenom X4 9600
AMD Phenom X4 9550
AMD Phenom X4 9500
AMD Phenom X4 9450
AMD Phenom X4 9350
AMD Phenom X4 9150e
AMD Phenom X4 9100e
AMD Toliman (2008)
AMD Phenom X3 8850
AMD Phenom X3 8750 Black Edition
AMD Phenom X3 8750
AMD Phenom X3 8750B
AMD Phenom X3 8650
AMD Phenom X3 8600B
AMD Phenom X3 8600
AMD Phenom X3 8550
AMD Phenom X3 8450e
AMD Phenom X3 8450
AMD Phenom X3 8400
AMD Phenom X3 8250e
AMD Kuma (2008)
AMD Athlon X2 7850 Black Edition
AMD Athlon X2 7750 Black Edition
AMD Athlon X2 7550
AMD Athlon X2 7450
AMD Athlon X2 6500 Black Edition


AMD Mobile CPUs Vulnerable To Spectre
AMD Raven Ridge (2017)
AMD Ryzen 7 2700U
AMD Ryzen 5 2500U
AMD Bristol Ridge (2016)
AMD FX-9830P
AMD Pro A12-9830B
AMD FX-9800P
AMD Pro A12-9800B
AMD A12-9730P
AMD Pro A10-9730B
AMD A12-9720P
AMD A12-9700P
AMD Pro A10-9700B
AMD A10-9630P
AMD Pro A8-9630B
AMD A10-9620P
AMD A10-9600P
AMD Pro A8-9600B
AMD Pro A6-9500B
AMD Stoney Ridge (2015)
AMD A9-9430
AMD A9-9420
AMD A9-9410
AMD A9-9400
AMD A6-9220
AMD A6-9210
AMD A6-9200
AMD A6-9200e
AMD A4-9120
AMD E2-9010
AMD E2-9000
AMD E2-9000e
AMD Carrizo (2015)
AMD A10-8780P
AMD Pro A12-8800B
AMD FX-8800P
AMD Pro A10-8700B
AMD A10-8700P
AMD Pro A8-8600B
AMD A8-8600P
AMD Pro A6-8500B
AMD A6-8500P
AMD A8-7410
AMD A6-7310
AMD A4-7210
AMD E2-7110
AMD E1-7010
AMD Kaveri (2014)
AMD FX-7600P
AMD FX-7500
AMD A10-7400P
AMD Pro A10-7350B
AMD A10-7300
AMD A8-7200P
AMD Pro A8-7150B
AMD A8-7100
AMD Pro A6-7050B
AMD A6-7000
AMD Richland (2013)
AMD A10-5757M
AMD A10-5750M
AMD A10-5745M
AMD A8-5557M
AMD A8-5550M
AMD A8-5545M
AMD A6-5357M
AMD A6-5350M
AMD A6-5345M
AMD A4-5150M
AMD A4-5145M
AMD Trinity (2012)
AMD A10-4655M
AMD A10-4600M
AMD A8-4555M
AMD A8-4500M
AMD A6-4455M
AMD A6-4400M
AMD A4-4355M
AMD A4-4300M
AMD Llano (2011)
AMD A8-3550MX
AMD A8-3530MX
AMD A8-3520M
AMD A8-3510MX
AMD A8-3500M
AMD A6-3430MX
AMD A6-3420M
AMD A6-3410MX
AMD A6-3400M
AMD A4-3330MX
AMD A4-3320M
AMD A4-3310MX
AMD A4-3305M
AMD A4-3300M
AMD E2-3000M
AMD Champlain (2010)
AMD Phenom II X940 Black Edition
AMD Phenom II X920 Black Edition
AMD Phenom II N970
AMD Phenom II P960
AMD Phenom II N950
AMD Phenom II P940
AMD Phenom II N930
AMD Phenom II P920
AMD Phenom II N870
AMD Phenom II P860
AMD Phenom II N850
AMD Phenom II P840
AMD Phenom II N830
AMD Phenom II P820
AMD Phenom II N660
AMD Phenom II P650
AMD Phenom II N640
AMD Phenom II N620
AMD Phenom II X640 Black Edition
AMD Phenom II X620 Black Edition
AMD Athlon II N370
AMD Athlon II P360
AMD Athlon II N350
AMD Athlon II P340
AMD Athlon II N330
AMD Athlon II P320
AMD Athlon II Neo K145
AMD Athlon II Neo K125
AMD Turion II Neo K685
AMD Turion II Neo K665
AMD Turion II Neo K645
AMD Turion II Neo K625
AMD Turion II N570
AMD Turion II P560
AMD Turion II N550
AMD Turion II P540
AMD Turion II N530
AMD Turion II P520
AMD V160
AMD V140
AMD V120
AMD V105
AMD Geneva (2010)
AMD Turion II Neo N54L
AMD Turion II K685
AMD Turion II K665
AMD Turion II K645
AMD Turion II K625
AMD Caspian (2009)
AMD Turion II Ultra M660
AMD Turion II Ultra M640
AMD Turion II Ultra M620
AMD Turion II Ultra M600
AMD Turion II M560
AMD Turion II M540
AMD Turion II M520
AMD Turion II M500
AMD Athlon II M360
AMD Athlon II M340
AMD Athlon II M320
AMD Athlon II M300
AMD Sempron M140
AMD Sempron M120
AMD Sempron M100
 
You need to put a spoiler on that list, and stop just blanket spamming!
 


Agreed and edited as such. YoAndy, don't post like that again. Use spoiler tags, or your comment will just be deleted.
 


My bad, I tough I did.
 


Spectre is NOT a flaw into x86. There are x86 CPUs aren't affected by Spectre; on the other hand there are ARM, IBM, and Sun processors that are affected by Spectre.



It doesn't matter how the stock performed latter, neither how it will perform tomorrow. What matter is what happened the day that the stock dropped down: "plaintiff and other class members have suffered significant losses and damages". It seems evident that they can show on Court how much money they lost.



I already give benchmarks showing cases where Intel is "more affected" than AMD, cases where AMD is "more affected" than Intel, and cases where both AMD and Intel aren't affected. Only because Intel is patched for Meltdown and Spectre doesn't mean that Intel will always take a higher performance hit than AMD. I already gave a benchmark where EPYC took a higher performance hit than Xeon Gold.

pti 1 ibrs 0 ibpb 0 is the default for family 10h, 12h and 16h of AMD processors.

pti 0 ibrs 0 ibpb 2 is the default for Zen. ibpb set to 2 doesn’t protect the kernel against attacks based on SMT; therefore, ibpb set to 2 provides less complete protection unless SMT is also disabled. This problem is absent in Intel processors because ibpb is never set to 2 for Intel processors.
 

Yeah, I linked the original article in this thread here:
http://www.tomshardware.com/forum/id-3609004/cpu-security-vulnerabilities-information/page-5.html#20585746
embed.php

embed.php


And if you take a good look at all those graphs Intel is by far more effected by performance losses in more graphs and by higher margins than AMD. But you neglect to show that 8 graphs having a greater impact on Intel's performance vs. 2 graphs for AMD.
https://www.phoronix.com/scan.php?page=article&item=linux-retpoline-benchmarks&num=1



 


They suffered a loss of less than 1%. But if that is significant in your opinion you are allowed to have it, but I and Tom's Hardware disagree with you. The real problem is that the entire case is based on AMD making contradictory statements, which is absolutely false, and I've already proved this to be a money grab scheme in attempt to recover from damages outside the scope of the time frame in question. This makes the case laughable as Tom's Hardware has already mentioned in an article!
Two law firms have announced their intention to file class-action lawsuits against AMD. The firms claim the company failed to disclose knowledge of its products’ Spectre vulnerability.

The Meltdown/Spectre issue continues to ripple through the computer industry as affected hardware OEMs continue to push out patches, while wrongdoers try to take advantage of it. Compared to when the issue first made headlines, we now have a much clearer picture of the three distinct vulnerabilities that make up the issue and how they’re fixed. However, with so many affected CPUs, some of which are only partially affected by the issue, we still don’t have a clear picture of Meltdown/Spectre’s full impact.

Zen-based CPUs (Ryzen and Threadripper) from AMD are among those that are partially affected. Of the three vulnerabilities, the company said from the beginning that its CPUs did not suffer from Meltdown. There was more confusion around Spectre. The company initially claimed, and continues to maintain, that it’s vulnerable to Spectre Variant 1, which is patched at the OS level. As for Spectre Variant 2, however, AMD’s initial statement was that there was “near-zero risk of exploitation” on its CPUs; it later stated that it had issued “optional” CPU microcode updates for the vulnerability.
The change in position is part of why the Rosen and Pomerantz law firms are now targeting AMD. These lawsuits aren’t aimed at justice for consumers, though; they’re after AMD for failing to disclose to investors its knowledge of the vulnerabilities, which led to a claimed drop in stock value.
AMD’s stock took an insignificant hit in after-hours trading on the day it announced its BIOS updates, but its has since recovered. Only the Pomerantz lawsuit specifically mentions Spectre Variant 2, whereas the Rosen lawsuit references only “a fundamental security flaw”. Both lawsuits seem to be viewing AMD’s eventual release of BIOS updates as a smoking gun for the case that AMD’s CPUs are vulnerable to Spectre Variant 2 after all.

Since the announcement of the BIOS updates, AMD hasn’t made any more statements on Meltdown/Spectre. Meanwhile, there are already multiple lawsuits against Intel.

In response to our inquiry, AMD said that the “allegations are without merit” and that it intends “to vigorously defend against these baseless claims.”
Click to expand...
http://www.tomshardware.com/news/amd-targeted-class-action-spectre-vulnerabilities,36357.html

As for Spectre Variant 2, however, AMD’s initial statement was that there was “near-zero risk of exploitation” on its CPUs; it later stated that it had issued “optional” CPU microcode updates for the vulnerability.
Click to expand...
This statement right here “near-zero risk of exploitation” is not a claim of invulnerability, which will lead AMD to win this case!
 
Status
Not open for further replies.

TRENDING THREADS

Latest posts

Moderators online

Share this page

COMPANY
RESOURCES
FOLLOW
Top Bottom