Read the full document HERE as discourse does not support all HTML features the document has.
NOTE: It is very likely that this document is NOT fully updated with latest HW mitigations and techniques found. With that in mind, use this as an initial source of information and increase your knowledge with more recent security vulnerabilities as they are discovered and advertised in other security information sources.
This document should be read together with the following articles:
-
Security Team Spectre (Variant 1 and 2) and Meltdown (Variant 3) Knowledge Base Article
-
Security Team Lazy Floating Point Knowledge Base Article (LazyFP)
-
Security Team Bounds Check Bypass Store Article (Spectre 1.1 / BCBS)
And the references used here are, among the documents above, the following docs:
-
Intel Speculative Execution Side Channel Mitigations (Rev 3.0)
-
Intel Analysis of Speculative Execution Side Channels (Rev 4.0)
-
Intel Deep Dive Mitigation Overview Side Channel Exploits Linux
-
Using Intel Compilers to Mitigate Speculative Execution Side Channel Issues
Related CPU Vulnerabilities (CVEs)
1. Side Channel Attacks - Spectre and Meltdown
-
CVE-2017-5715 - Branch Target Injection (Variant 2 / Spectre)
-
CVE-2017-5754 - Rogue Data Cache Load (Variant 3 / Meltdown)
2. Side Channel Attacks - Others
-
CVE-2018-3693 - Bounds Check Bypass Store (Variant (or Spectre) 1.1 and 1.2 / BCBS)
-
CVE-2018-3640 - Rogue System Register Read (RSRE / Variant 3a)
-
CVE-2018-3639 - Speculative Store Bypass (SSB / Variant 4 / Spectre-NG)
3. L1 Terminal Fault (L1TF)
-
CVE-2018-3615 - Intel SGX (Software Guard Extensions) (Foreshadow / L1TF)
-
CVE-2018-3620 - Operating Systems and System Management Mode (Fault-OS / SMM) (L1TF)
4. Microarchitectural Data Sampling (MDS)
-
CVE-2018-12126 - Microarchitectural Store Buffer Data Sampling (MSBDS / Fallout)
-
CVE-2018-12127 - Microarchitectural Load Port Data Sampling (MLPDS / RIDL)
-
CVE-2018-12130 - Microarchitectural Fill Buffer Data Sampling (MFBDS / ZombieLoad)
-
CVE-2019-11091 - Microarchitectural Data Sampling Uncacheable Memory (MDSUM)