Sean Wright


Personal blog of app security guy, blogging about application security related topics, focused primarily on web based applications.

Sean Wright

Meltdown & Spectre

4th January 2018

What Are They?

Both exploit critical vulnerabilities in modern processors (specifically in the speculative, out-of-order execution that makes them fast). If exploited successfully, a program can read memory belonging to another process or to the kernel. As you can imagine, this represents a significant security risk: it can be used as a step towards privilege escalation, JavaScript running in a victim's browser could potentially steal session cookies, a service running on a web server could steal the private key of the web server's certificate, and the list goes on.

Since the systems of cloud providers (such as AWS, Azure and Google Cloud) run on affected processors, VM instances running on those servers are also affected.

Meltdown


Meltdown allows an unprivileged process to read privileged kernel memory. On an unpatched system that memory can contain secrets such as passwords and keys, so this can be used as a step towards privilege escalation. Meltdown affects almost every Intel processor released since 1995 (those that implement out-of-order execution). It also appears to affect some ARM cores.

Working POCs have already been developed, so this is a real danger rather than a theoretical one.

Spectre


Spectre, unlike Meltdown, does not by itself break the boundary between an unprivileged process and kernel memory. Instead it tricks a victim process into speculatively executing code that leaks that process's own memory through a cache side channel. The most likely use is for code running inside a sandbox (for example JavaScript in a browser) to leak data from the process that hosts it. This affects almost all current processors, including those from Intel, AMD and ARM.

What Do I Need To Do?

As always, make sure that you patch your software! You can also reduce the risk of browser-based attacks by installing an ad blocker (malicious JavaScript is often delivered through ads) and by disabling JavaScript, although the latter is not really a viable option since many sites rely on JavaScript to function.

Cloud providers are already actively patching their servers, so make sure that you follow any communication from your cloud provider, including any scheduled reboots of your instances.

Meltdown

Ensure that you install any software and OS updates. Microsoft is currently releasing an out-of-band emergency patch for Windows. Linux has a fix in the kernel (kernel page-table isolation, or KPTI), but this may take a few days to reach all the Linux distros. macOS has already patched the issue (since version 10.13.2).
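Once the updates are in, you want a quick way to confirm that a Linux host actually has the fix active rather than trusting the package manager. The script below is an added example, not code from the original post: it reads the per-issue status files that patched kernels expose under /sys/devices/system/cpu/vulnerabilities/ and the "flags" and "bugs" lines of /proc/cpuinfo (both real kernel interfaces), and reports which issues the kernel itself still considers vulnerable. The function names are mine, and the sample status strings embedded in it are constructed so the parsing can be run on any machine.

```python
#!/usr/bin/env python3
"""Report Meltdown/Spectre mitigation status on a Linux host.

Added example, not code from the original post. On kernels carrying the
January 2018 fixes the kernel exposes one file per issue under
/sys/devices/system/cpu/vulnerabilities/ and lists the CPU's known bugs
in /proc/cpuinfo; this script reads both, and its parsing functions also
accept constructed input so they can be exercised on any machine.
"""
import os
import sys

VULN_DIR = "/sys/devices/system/cpu/vulnerabilities"

# Constructed sample input (not captured from a real host): the kind of
# content an early-2018 patched kernel wrote into those files.
SAMPLE_STATUSES = {
    "meltdown": "Mitigation: PTI\n",
    "spectre_v1": "Mitigation: __user pointer sanitization\n",
    "spectre_v2": "Vulnerable: Minimal generic ASM retpoline\n",
}
SAMPLE_CPUINFO = (
    "processor\t: 0\n"
    "vendor_id\t: GenuineIntel\n"
    "flags\t\t: fpu vme de pse tsc msr pae mce cx8 sep pti\n"
    "bugs\t\t: cpu_meltdown spectre_v1 spectre_v2\n"
)


def classify(status):
    """Map one sysfs status string to not-affected / mitigated / vulnerable / unknown."""
    s = status.strip()
    if s.startswith("Not affected"):
        return "not-affected"
    if s.startswith("Mitigation:"):
        return "mitigated"
    if s.startswith("Vulnerable"):
        return "vulnerable"
    return "unknown"


def cpuinfo_fields(cpuinfo):
    """Return the 'flags' and 'bugs' word sets from the first CPU block of /proc/cpuinfo."""
    fields = {"flags": set(), "bugs": set()}
    for line in cpuinfo.splitlines():
        key, sep, value = line.partition(":")
        key = key.strip()
        if sep and key in fields and not fields[key]:
            fields[key] = set(value.split())
    return fields


def report(statuses, cpuinfo):
    """Combine the sysfs statuses with the cpuinfo evidence into one dict."""
    info = cpuinfo_fields(cpuinfo)
    kpti = "pti" in info["flags"]  # KPTI (the Meltdown fix) is advertised as the 'pti' flag
    return {
        "sysfs": {name: {"status": classify(raw), "detail": raw.strip()}
                  for name, raw in statuses.items()},
        "kpti": {"status": "mitigated" if kpti else "unknown",
                 "detail": "pti flag present" if kpti else "pti flag absent"},
        "cpu_bugs": sorted(info["bugs"]),
    }


def needs_attention(rep):
    """Names of issues the kernel itself reports as still vulnerable."""
    return sorted(name for name, entry in rep["sysfs"].items()
                  if entry["status"] == "vulnerable")


def read_host():
    """Read the live sysfs directory and /proc/cpuinfo; empty results elsewhere."""
    statuses = {}
    if os.path.isdir(VULN_DIR):
        for name in sorted(os.listdir(VULN_DIR)):
            with open(os.path.join(VULN_DIR, name)) as f:
                statuses[name] = f.read()
    cpuinfo = ""
    if os.path.exists("/proc/cpuinfo"):
        with open("/proc/cpuinfo") as f:
            cpuinfo = f.read()
    return statuses, cpuinfo


if __name__ == "__main__":
    statuses, cpuinfo = read_host()
    if not statuses:
        print("no vulnerabilities directory: not Linux, or a kernel without the fixes; "
              "showing the constructed sample instead")
        statuses, cpuinfo = SAMPLE_STATUSES, SAMPLE_CPUINFO
    rep = report(statuses, cpuinfo)
    for name, entry in rep["sysfs"].items():
        print(f"{name:<12} {entry['status']:<13} {entry['detail']}")
    print(f"{'kpti':<12} {rep['kpti']['status']:<13} {rep['kpti']['detail']}")
    print("cpu bugs:", " ".join(rep["cpu_bugs"]) or "(none listed)")
    bad = needs_attention(rep)
    print("ACTION NEEDED:" if bad else "OK:", ", ".join(bad) or "nothing reported vulnerable")
    sys.exit(1 if bad else 0)
```

Run it as any user (the files are world-readable) and check the exit code from your config management or monitoring. A kernel that predates the fixes has no vulnerabilities directory at all, which the script treats as "still needs the update" by falling back to the sample rather than silently reporting nothing; a missing "pti" flag on an Intel machine with a new enough kernel means KPTI was disabled, for example by a boot parameter, even if the packages are current.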

However, there is a negative side effect: degraded performance. Figures range anywhere from a 5% degradation all the way up to 30%. The size of the performance hit will vary with the workload, for example how many threads are in use, which application is running (workloads that make many system calls, such as databases and I/O-heavy services, appear to be the most affected, since the fix adds cost to every transition between user space and the kernel), and the OS (these figures were based on Linux; there is a suspicion that Windows will be less affected).

Spectre

Unfortunately, a complete fix for Spectre requires changes to the hardware itself. In the meantime vendors are shipping partial software mitigations (for example browsers reducing the precision of the timers the attack relies on, and OS, compiler and microcode updates that limit the abuse of branch prediction), so keep patching. Thankfully, Spectre is harder to exploit than Meltdown.

Additional Reading

There are some good summaries and writeups by others:
