321
submitted 5 months ago* (last edited 5 months ago) by Pro@programming.dev to c/technology@lemmy.world
  • The new class of vulnerabilities in Intel processors arises from speculative technologies that anticipate individual computing steps.
  • Openings enable gradual reading of entire privilege memory contents of shared processor (CPU).
  • All Intel processors from the last 6 years are affected, from PCs to servers in data centres.
top 35 comments
sorted by: hot top controversial new old
[-] sunnie@slrpnk.net 87 points 5 months ago

No catchy name for the vulnerability? It can’t be that bad, then…

[-] rockSlayer@lemmy.blahaj.zone 50 points 5 months ago

Let's call it Son of Spectre

[-] b3an@lemmy.world 11 points 5 months ago

Bond, James Bond. Junior.

[-] x4740N@lemm.ee 4 points 5 months ago

Wasnt CVE recently shut down, maybe that's why it has no catchy name

[-] prettybunnys@sh.itjust.works 3 points 5 months ago

CVEs follow a naming convention, the exploit name is usually given by the researcher/hacker/whoever finds and documents it

[-] domi@lemmy.secnd.me 76 points 5 months ago

Intel has already deployed a fix for this in the 13th and 14th gen by permanently damaging the chip and crashing. Checkmate hackers.

[-] kibiz0r@midwest.social 64 points 5 months ago

Another day, another speculative execution vulnerability.

[-] boreengreen@lemm.ee 36 points 5 months ago* (last edited 5 months ago)

This vulnerability fundamentally undermines data security, particularly in the cloud environment where many users share the same hardware resources.

Intel gets punched again.

[-] msage@programming.dev 3 points 5 months ago

Who, my good friend, fucking WHO still buys Intel for the servers? It sucks so hard, I don't get it.

[-] anzo@programming.dev 2 points 5 months ago

I bet other vendors implemented similar optimizations and have the same issues. That's how it's been in several occasions...

[-] msage@programming.dev 2 points 5 months ago

Not as severe, usually.

[-] Cocodapuf@lemmy.world 2 points 5 months ago

Well personally, I've been having a bear of a time trying to get my Ryzen machine to run correctly. I'm starting to think there just aren't good options

[-] msage@programming.dev 6 points 5 months ago

I've had numerous Ryzens, with 0 issues.

Fewer Epics, but no issues either.

What issues are you having?

[-] Cocodapuf@lemmy.world 2 points 5 months ago

Frequent crashing/freezing, especially at idle. Once the processor is under heavier load it's fine, it'll keep going smooth for hours. but at lower energy states the CPU is super unstable. It often takes me about a half hour just to get the thing up and running steady, very frustrating. Sometimes it likes to crash right as it's changing load levels/c-State, so just as it finishes loading files for a game just as the first 3d frame is rendered. Or vice versa, it'll crash about 15 seconds after the computer returns to mostly idle when you exit an application.

I've tried a bunch of things, disabling c-states, manually setting dram timings, manually increasing power to various parts, enabling/disabling just about every relevant feature I can find. And of course looking for help online. I'm actually pretty sure the problem is in the motherboard, as one of the "fixes" I tried was going from a Ryzen 3600 to a 3800X, and the problem was the same.

I've looked around and it's an issue I have seen other people having, though it's not very common. But there's no consensus in the root of the problem. It does seem to be that it's some interaction between the motherboard and cpu. It could plausibly be the power supply, but I think that's pretty unlikely. The ram is fine.

[-] x4740N@lemm.ee 2 points 5 months ago* (last edited 5 months ago)

I don't know if amd does this for your specific issue but you might have a problem had with amd driver conflicts, I had this issue and was going through great lengths to Tey and figure out what was causing this until the helpful people at toms hardware helped

https://forums.tomshardware.com/threads/sporadic-bsods-in-windows-11-professional.3877530/#post-23472239

Edit: also try turning off memory context restore and there was something about ram power levels thst might cause bsods of similar nature to other people but I don't remember the bios setting name at this time unfortunately but am just leaving this here incase you figure out the name

I'd also recomend making an account snd posting on tomshardware forums because they helped me figure out what was causing my own BSOD's

And run memtest86 and memtest86+ just to rule out bad ram

Windows ram diagnostics is useless

[-] yetAnotherUser@discuss.tchncs.de 2 points 5 months ago

Honestly, it does sound a bit like a hardware defect somewhere. Usually everything should work OOTB unless you are doing something really specific.

If you haven't already done so, try updating the BIOS.

You mentioned the RAM being fine - have you run Memtest86+ for several hours? One pass is usually not enough to rule out memory malfunctions.

If you have a spare drive, try installing Linux Mint on it. If it still crashes, you can rule out Windows (and if it doesn't, you could install a clean Windows on that same drive and try again).

You could also purchase a cheap AM4 motherboard (they start at like 60 bucks) to check if the issues still occur and refund it within the return window.

[-] Cocodapuf@lemmy.world 3 points 5 months ago

Hey, thanks for the reply. Yeah I ran memtest at some point, but I've also used the memory in a different machine and had no trouble with it.

I've done several bios updates hoping for some fix, but no beans.

It does feel like a hardware defect, but the unfortunate bit is that the machine ran great for over a year, then suddenly started giving me trouble at some point, so I'm probably outside of any warranty period. That's basically the only reason I haven't RMA'd it already.

Installing mint is a pretty good idea, I could try that. But yeah, a new AM4 mobo is probably my best bet, I can't tell you how frustrating it is though...

Thanks for the ideas, I appreciate it!

[-] Nighed@feddit.uk 0 points 5 months ago

Just RMA it (or the motherboard?)

[-] x4740N@lemm.ee 1 points 5 months ago

I really dislike how you're so comfortable recommending RMA'ing a board when the person hasn't provided logs / data

Because that does nothing to solve the problem if it turns out that an RMA wasn't needed

Tech troubleshooting is a process of ruling things out and reading through information to narrow down to a probable cause and implementing a fix too see if it fixes the issue

You have no information besides what they've already tried which is random things because they haven't read log data or other information to help them figure out a cause

[-] Nighed@feddit.uk 1 points 5 months ago* (last edited 5 months ago)

I have to admit I didn't read it through properly, but if it's a problem with two CPUs then it's probably a motherboard issue. (Or something g completely unrelated like ram)

[-] Krudler@lemmy.world 2 points 5 months ago

I feel pretty duh here. That's a great point.

[-] ObviouslyNotBanana@lemmy.world 30 points 5 months ago

Finally! I've been waiting to expose my processor

[-] naeap@sopuli.xyz 28 points 5 months ago* (last edited 5 months ago)

Anyone having a link to a more technical (detailed) description?
This is quite novice orientated and I'd be very interested on how it actually works. Is there anything already disclosed?

Edit: link at the end to the original research/more detailed explanation:
https://comsec.ethz.ch/research/microarch/branch-privilege-injection/

[-] Cocodapuf@lemmy.world 22 points 5 months ago* (last edited 5 months ago)

This sounds just like Spectre/heartbleed. Haven't we learned our lesson with speculative computation? I guess not...

Well you know what they say, if it was a bad idea 10 fucking years ago, then let's do it again!

[-] jbk@discuss.tchncs.de 8 points 5 months ago

i mean just look at the performance hits with speculative execution off

[-] gedhrel@lemmy.world 7 points 5 months ago

With massive OOO pipelines, what's the alternative?

[-] Bogus007@lemm.ee 6 points 5 months ago

Intel has not learned, still making money on crap chips.

[-] Blackmist@feddit.uk 11 points 5 months ago

Can it be triggered from a browser?

Because if not, it's another non-issue issue for most people.

I think after the last round of exploits, most of the browser makers made timers deliberately inaccurate enough to prevent it being used.

[-] untakenusername@sh.itjust.works 7 points 5 months ago

average Intel moment

[-] pastermil@sh.itjust.works 5 points 5 months ago

Thankfully my Thinkpads from the last decade are not affected.

[-] LodeMike@lemmy.today 2 points 5 months ago

The so-called BPRC (Branch Predictor Race Conditions) emerge during a brief period of a few nanoseconds when the processor switches between prediction calculations for two users with different permissions, explains Sandro Rüegge, who has been examining the vulnerability in detail over the past few months.

[-] SoftestSapphic@lemmy.world -4 points 5 months ago

He look the US is putting hardware level vulnerabilities in our chips just like China does.

We're growing up so fast :'(

this post was submitted on 14 May 2025
321 points (98.2% liked)

Technology

76318 readers
430 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots


founded 2 years ago
MODERATORS