Meltdown and Spectre

Last updated: March 15, 2018 @ 09:49 UTC

Updated 2018-03-15: On March 14, 2018 the FreeBSD project published a security advisory (FreeBSD-SA-18:03.speculative_execution) detailing the problems and the patches currently available. Modirum is already in the process of implementing these patches on all systems running software versions covered by the advisory. Further advisories are expected, expanding the coverage of the patches to all supported versions of FreeBSD.

Information regarding the Meltdown and Spectre attacks

In early January, information on several long-standing design flaws in modern CPU architectures was published. To a varying degree, these are present in Intel, AMD, Oracle/Sparc and ARM processors, and affect all types of computing devices, from handhelds through laptops and desktops to servers of virtually every kind. The vulnerabilities have been given two names: Meltdown and Spectre.

About Meltdown

This is an issue that in practice only affects Intel CPUs, where access to data in memory is not always checked before the data is fetched into the CPU cache. This makes it possible to trick the CPU into reading otherwise inaccessible data from system memory and determine its contents by exploiting a feature called “speculative execution” combined with timing access to cached data.

Meltdown is the most serious issue, as it is trivial to exploit and allows access to all the memory in a system, but it is possible to work around in software. Such workarounds have already been implemented in major operating systems from Apple, Microsoft and certain Linux vendors, who were given several months' advance warning. Other vendors were notified of the issues much later, and are still working on their implementations.

About Spectre

This is a common name for a specific class of issues that are all related. Like Meltdown, these depend on CPU features called “speculative execution” and “instruction re-ordering”. All modern CPU architectures are affected to a greater or lesser extent. Currently only a small number of viable attack vectors are known, but it is believed that more will be found in the future.

Spectre is very much harder to exploit than Meltdown. In addition, it does not allow crossing of privilege boundaries, meaning that attacks are generally limited to user-space memory. Very intimate knowledge of the target system is required, and the attack surface is somewhat smaller than with Meltdown. However, protecting against Spectre is much harder than protecting against Meltdown. Much work is required from both hardware and software developers, which will continue for years to come.

Modirum’s response

Modirum, just like practically everyone else, are affected by these issues. We have been aware of them since the first public discussions began, and we are following the developments very closely. We have spent much time and effort analysing the issues as information has become available. We believe we have a good understanding of how the issues can affect us, and which steps we need to take.

We have taken steps to ensure that all our laptops, desktops and portable devices have been updated with the workarounds implemented by the major vendors. Further fixes and workarounds are expected, and these will be installed as soon as they are made available.

For our server farms running FreeBSD, no stable workarounds for Meltdown are available as of yet. We are following the development of these patches closely, and we are working with the FreeBSD Foundation and the FreeBSD security team to support their work and make sure our concerns are addressed. We are testing the changes that are being proposed and providing feedback as necessary.

As soon as the patches are officially released, they will be implemented across all our systems. We have already begun planning these changes, to make sure we’re not caught up in change management once the patches are available.

Current risk assessment

We consider our production environments to be very well protected. They are secured by all useful and relevant means available to us. Among the things that are relevant to these vulnerabilities are:

  • We do not allow any code execution by 3rd parties in our production environments
  • We do not allow system-level access to anyone outside our own team
  • We have a tiered design limiting the impact of any exploitation of either vulnerability
  • We protect data with keys that only exist in secure cryptographic devices

Our current assessment is that we do not consider it likely that unauthorised code can reach our production environment and be executed with ease. Until the FreeBSD project has released a patch we are however taking extra precautions when it comes to upgrading software components. We are also looking into other ways of addressing and limiting the possible impact of these vulnerabilities.

Modirum will post more information here once we have any additional information to share.

Further reading

General information about Meltdown and Spectre
Wikipedia entry on Meltdown
Wikipedia entry on Spectre

Statements from CPU vendors: