René's URL Explorer Experiment


Title: Meltdown and Spectre

Mail addresses
werner.haas@cyberus-technology.de
thomas.prescher@cyberus-technology.de

direct link

Domain: meltdownattack.com

NoneIE=edge

Links:

software patches against Meltdownhttps://meltdownattack.com#faq-fix
Meltdown Paperhttps://meltdownattack.com/meltdown.pdf
Citehttps://meltdownattack.com/meltdown.bib
arXivhttps://arxiv.org/abs/1801.01207
However, it is possible to prevent specific known exploits based on Spectre through software patches.https://meltdownattack.com#faq-fix
Spectre Paperhttps://spectreattack.com/spectre.pdf
Citehttps://meltdownattack.com/spectre.bib
arXivhttps://arxiv.org/abs/1801.01203
Jann Hornhttps://twitter.com/tehjh
Google Project Zerohttps://googleprojectzero.blogspot.com
Cyberus Technologyhttps://www.cyberus-technology.de
Daniel Grusshttps://gruss.cc
Moritz Lipphttps://mlq.me
Stefan Mangardhttps://www.iaik.tugraz.at/content/about_iaik/people/mangard_stefan/
Michael Schwarzhttps://misc0110.net/
Graz University of Technologyhttps://www.iaik.tugraz.at
Jann Hornhttps://twitter.com/tehjh
Google Project Zerohttps://googleprojectzero.blogspot.com
Paul Kocherhttps://paulkocher.com
Daniel Genkinhttps://www.cis.upenn.edu/~danielg3/
University of Pennsylvaniahttps://www.upenn.edu/
University of Marylandhttps://www.umd.edu
Mike Hamburghttps://www.shiftleft.org/
Rambushttps://www.rambus.com
Moritz Lipphttps://mlq.me
Graz University of Technologyhttps://www.iaik.tugraz.at
Yuval Yaromhttps://cs.adelaide.edu.au/~yval
University of Adelaidehttps://www.adelaide.edu.au/
Data61https://www.data61.csiro.au/
Questions & Answershttps://meltdownattack.com#faq
Am I affected by the vulnerability?https://meltdownattack.com#faq-affected
Can I detect if someone has exploited Meltdown or Spectre against me?https://meltdownattack.com#faq-detect
Can my antivirus detect or block this attack?https://meltdownattack.com#faq-antivirus
What can be leaked?https://meltdownattack.com#faq-leaked
Has Meltdown or Spectre been abused in the wild?https://meltdownattack.com#faq-wild
Is there a workaround/fix?https://meltdownattack.com#faq-fix
KPTI (formerly KAISER)https://lwn.net/Articles/738975/
LLVM patchhttp://lists.llvm.org/pipermail/llvm-commits/Week-of-Mon-20180101/513630.html
MSVChttps://blogs.msdn.microsoft.com/vcblog/2018/01/15/spectre-mitigations-in-msvc/
ARM speculation barrier headerhttps://github.com/ARM-software/speculation-barrier
Which systems are affected by Meltdown?https://meltdownattack.com#faq-systems-meltdown
According to ARMhttps://developer.arm.com/support/security-update
Which systems are affected by Spectre?https://meltdownattack.com#faq-systems-spectre
Which cloud providers are affected by Meltdown?https://meltdownattack.com#faq-cloud
What is the difference between Meltdown and Spectre?https://meltdownattack.com#faq-meltdown-vs-spectre
Meltdownhttps://meltdownattack.com/meltdown.pdf
Spectrehttps://spectreattack.com/spectre.pdf
Why is it called Meltdown?https://meltdownattack.com#faq-why-meltdown
Why is it called Spectre?https://meltdownattack.com#faq-why-spectre
Is there more technical information about Meltdown and Spectre?https://meltdownattack.com#faq-papers
academic paperhttps://arxiv.org/abs/1801.01207
a blog posthttp://blog.cyberus-technology.de/posts/2018-01-03-meltdown.html
academic paperhttps://arxiv.org/abs/1801.01203
Google Project Zero blog entryhttps://googleprojectzero.blogspot.co.at/2018/01/reading-privileged-memory-with-side.html
What are CVE-2017-5753 and CVE-2017-5715?https://meltdownattack.com#faq-cve-spectre
What is the CVE-2017-5754?https://meltdownattack.com#faq-cve-meltdown
Can I see Meltdown in action?https://meltdownattack.com#faq-demo-video
Can I use the logo?https://meltdownattack.com#faq-logo
CC0http://creativecommons.org/publicdomain/zero/1.0/
Natascha Eiblhttps://vividfox.me/
 PNGhttps://meltdownattack.com/meltdown.png
 SVGhttps://meltdownattack.com/meltdown.svg
 PNGhttps://meltdownattack.com/meltdown-text.png
 SVGhttps://meltdownattack.com/meltdown-text.svg
 PNGhttps://meltdownattack.com/meltdown-code.png
 SVGhttps://meltdownattack.com/meltdown-code.svg
 PNGhttps://meltdownattack.com/spectre.png
 SVGhttps://meltdownattack.com/spectre.svg
 PNGhttps://meltdownattack.com/spectre-text.png
 SVGhttps://meltdownattack.com/spectre-text.svg
 PNGhttps://meltdownattack.com/spectre-code.png
 SVGhttps://meltdownattack.com/spectre-code.svg
Is there a proof-of-concept code?https://meltdownattack.com#faq-code
GitHub repositoryhttps://github.com/IAIK/meltdown
Where can I find official infos/security advisories of involved/affected companies?https://meltdownattack.com#faq-advisory
 Security Advisoryhttps://security-center.intel.com/advisories.aspx
 Newsroomhttps://newsroom.intel.com/news/intel-responds-to-security-research-findings/
 Whitepaperhttps://newsroom.intel.com/wp-content/uploads/sites/11/2018/01/Intel-Analysis-of-Speculative-Execution-Side-Channels.pdf
 Security Updatehttps://developer.arm.com/support/security-update
 Security Informationhttps://www.amd.com/en/corporate/speculative-execution
 Bloghttps://riscv.org/2018/01/more-secure-world-risc-v-isa/
 Security Bulletinhttp://nvidia.custhelp.com/app/answers/detail/a_id/4611/~/security-bulletin%3A-nvidia-gpu-display-driver-security-updates-for-speculative
 Product Securityhttps://www.nvidia.com/en-us/product-security/
 Security Guidancehttps://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002
 Information regarding anti-virus softwarehttps://support.microsoft.com/en-us/help/4072699/important-information-regarding-the-windows-security-updates-released
 Azure Bloghttps://azure.microsoft.com/en-us/blog/securing-azure-customers-from-cpu-vulnerability/
 Windows (Client)https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in
 Windows (Server)https://support.microsoft.com/en-us/help/4072698/windows-server-guidance-to-protect-against-the-speculative-execution
 Security Bulletinhttps://aws.amazon.com/de/security/security-bulletins/AWS-2018-013/
 Project Zero Bloghttps://googleprojectzero.blogspot.co.at/2018/01/reading-privileged-memory-with-side.html
Need to knowhttps://blog.google/topics/google-cloud/what-google-cloud-g-suite-and-chrome-customers-need-know-about-industry-wide-cpu-vulnerability/
 Security Bulletinhttps://source.android.com/security/bulletin/2018-01-01
 Apple Supporthttps://support.apple.com/en-us/HT208394
 Security Advisoryhttps://support.lenovo.com/at/de/solutions/len-18282
 Bloghttps://www.ibm.com/blogs/psirt/potential-cpu-security-issue/
 Knowledge Basehttp://www.dell.com/support/article/at/de/atbsdt1/sln308587/microprocessor-side-channel-attacks--cve-2017-5715--cve-2017-5753--cve-2017-5754---impact-on-dell-products?lang=en
 Knowledge Base (Server)http://www.dell.com/support/article/at/de/atbsdt1/sln308588/microprocessor-side-channel-attacks--cve-2017-5715--cve-2017-5753--cve-2017-5754---impact-on-dell-emc-products--dell-enterprise-servers--storage-and-networking-?lang=en
 Vulnerability Alerthttp://h22208.www2.hpe.com/eginfolib/securityalerts/SCAM/Side_Channel_Analysis_Method.html
 Security Bulletinhttps://support.hp.com/document/c05869091
 Security Noticehttp://www.huawei.com/en/psirt/security-notices/huawei-sn-20180104-01-intel-en
 Security Advisoryhttps://www.synology.com/en-us/support/security/Synology_SA_18_01
 Security Advisoryhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180104-cpusidechannel
 Security Advisoryhttps://support.f5.com/csp/article/K91229003
 Security Bloghttps://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/
 Vulnerability Responsehttps://access.redhat.com/security/vulnerabilities/speculativeexecution
 Performance Impactshttps://access.redhat.com/articles/3307751
 Security Trackerhttps://security-tracker.debian.org/tracker/CVE-2017-5754
 Knowledge Basehttps://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SpectreAndMeltdown
 Vulnerability Responsehttps://www.suse.com/c/suse-addresses-meltdown-spectre-vulnerabilities/
 Kernel updatehttps://fedoramagazine.org/protect-fedora-system-meltdown/
 Announcementhttps://www.qubes-os.org/news/2018/01/04/xsa-254-meltdown-spectre/
 Advisoryhttps://fortiguard.com/psirt/FG-IR-18-002
 Advisoryhttps://security.netapp.com/advisory/ntap-20180104-0001/
 Spectre (Variant #2) Patchhttp://lists.llvm.org/pipermail/llvm-commits/Week-of-Mon-20180101/513630.html
 Review __builtin_load_no_speculatehttps://reviews.llvm.org/D41760
 Review llvm.nospeculateloadhttps://reviews.llvm.org/D41761
 Vulnerability Notehttp://www.kb.cert.org/vuls/id/584653
 CVE-2017-5715http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2017-5715
 CVE-2017-5753http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2017-5753
 CVE-2017-5754http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2017-5754
 Security Advisoryhttps://www.vmware.com/us/security/advisories/VMSA-2018-0002.html
 Bloghttps://blogs.vmware.com/security/2018/01/vmsa-2018-0002.html
 Security Bulletinhttps://support.citrix.com/article/CTX231399
 Security Bulletin (XenServer)https://support.citrix.com/article/CTX231390
 Security Advisory (XSA-254)https://xenbits.xen.org/xsa/advisory-254.html
 FAQhttps://blog.xenproject.org/2018/01/04/xen-project-spectremeltdown-faq/
Intelhttps://intel.com
ARMhttps://arm.com
Legal Noticehttps://www.tugraz.at/en/about-this-page/legal-notice

Viewport: width=device-width, initial-scale=1.0, maximum-scale=1.0


URLs of crawlers that visited me.