'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign

Further to Meltdown and Spectre issues, the F34 is better than F31. I suspected that you was on F31, that's why I asked.

 

Continuing the above "Impacted Intel Platform" posting, the only Intel Core processor line not affected would be 1st generation Intel Core processors which I believe are these:

https://en.wikipedia.org/wiki/Intel_Core

Anything labeled Core Duo would be 2nd generation+ Intel Core processors and vulnerable except the "Yonah" Core Duo processor line which include T2xxx, L2xxx, and U2xxx designations.

 

Intel refers to the Sandy Bridge generation Intel Core i3/i5/i7 processors as 2nd generation Intel Core processors.
https://en.wikipedia.org/wiki/Sandy_Bridge
https://en.wikipedia.org/wiki/Intel_Core#Sandy_Bridge_(2nd_gen)_microarchitecture-based

I think the earlier Nehalem based generation Intel Core i3/i5/i7 processors are what Intel would refer to as the 1st generation Intel Core processors.
https://en.wikipedia.org/wiki/Nehalem_(microarchitecture)
https://en.wikipedia.org/wiki/Intel_Core#Nehalem_microarchitecture-based

I think that is reflected in Intel's presentation of "Impacted Intel Platforms", in which the first mentioned are the Intel Core i3/i5/i7 processors (presumably the Nehalem based 1st generation), and after that the 2nd generation Intel Core processors are mentioned.
https://www.intel.com/content/www/us/en/architecture-and-technology/facts-about-side-channel-analysis-and-intel-products.html#4

I don't know how Intel refers to the Core 2 Duo (etc.) family, as that was also known as Intel Core.
https://en.wikipedia.org/wiki/Intel_Core_(microarchitecture)
https://en.wikipedia.org/wiki/Intel_Core#64-bit_Core_microarchitecture-based

It's quite a mess, and it can all be very confusing.

 

Yes, it is "murky" to say the least. If one "buys in" to the argument that any Intel processor that uses the FSB is immune, then any processor pre-dating Nehalem is immune. Nehalem moved the memory controller from the FSB onto the CPU chip:

http://www.apcmag.com/first_look_intel_core_i7_and_x58_express_chipset.htm/3/

This would imply that all Core Duo processors are immune. I haven't bought into this argument and won't until we specifically see an Intel ref. they are excluded. However, further justification for the FSB argument is that the last AMD processors to use it:

The above being immune from these vulnerabilities.

-EDIT- I still believe these vulnerabilities have nothing to do with the use of FSB and memory controller per se but are rather internal features within the CPU itself:

https://en.wikipedia.org/wiki/Speculative_execution
https://en.wikipedia.org/wiki/Branch_predictor

 

Does anybody know which are “2nd generation Intel® Core™ processors” (and all other numbers).

I wonder in which category a Core 2 Duo belongs (if any).

 

First, see recent post #778,
and also see
https://en.wikipedia.org/wiki/Intel_Core
https://en.wikipedia.org/wiki/Tick–tock_model

 

**** Edited for incorrect Wikipedia information

https://communities.intel.com/message/519186#519186

 

There you go @Sampei Nihira , it looks like you might be out of the woods

Btw, apparently some testing has found that one would have to be on an infected page for up to 15-20 min before enough operations can be made by spectre to leak enough useful memory. I notice a lot of websites are calling meltdown worse than spectre, but spectre is going to require a lot more than straightforward patching to fix it; evidently it's going to require compiling and re-compiling code to fix it. What a nightmare that could cause for system admins. It can also, of course which has already been pointed out in this thread, exploit very easily remotely.

 

One more thorough test with CPU-Z revealed that my CPU is:

https://ark.intel.com/products/42809

https://en.wikipedia.org/wiki/List_of_Intel_Pentium_microprocessors#"Wolfdale-3M"_(45_nm)

Release date May 30, 2010

So 4 years later the Core 2 Duo.
If Sandy Bridge as 2nd generation Intel Core processors, my CPU it is perhaps the first generation.

 

According to this: https://www.intel.com/content/www/u...side-channel-analysis-and-intel-products.html , only Pentium J and N series are known to be affected so far. You have an E series processor. However as noted on the Intel communities forum, the affected list is subject to later updates as new vulnerable processors are discovered.

 

It is important to check the launch date.
My CPU = Q2'10

Those you quote are more recent:

https://ark.intel.com/products/series/95590/Intel-Pentium-Processor-J-Series

 

What does Win system information, i.e. C:\WINDOWS\System32\msinfo32.exe, state your processor is?

 

Good. You have a dual core Pentium processor; not a Core Duo processor.

 

Thank you for the link.

I might be wrong, but the person posting does not seem to be an Intel employee and he only says it's not on the list. He does not say it's not affected...

How can one contact Intel about this? Would their chat support be an option?

 

Yes, I was indeed on F.31 and was wrongfully expecting HP Support Assistant to inform me of newer versions as it did for F.31.

The last few BIOS updates have had the same or similar release notes.

Thanks for your post because it nudged me to check which showed me the newer version. I'm on F.34 now.

 

N.Scott.Pearson worked as a Software Engineer at Intel Corporation until 2014.

 

It appears to me there is a "lot of confusion" in regards to these vulnerability tests that are "cropping up like weeks" including the Powershell test. All these tests assume you are vulnerable to these exploits. None do a magic lookup somewhere to determine if your CPU itself is vulnerable of not. When "the smoke clears" on this issue and all CPU vendors have performed their verification tests which appears will take some time, only then can one assume their CPU is indeed not vulnerable. At that time, one could then safely apply the registry override modification to disable the Meltdown and Spectre OS patches. I personally would not do that unless there was a significant performance degradation.

 

I was waiting for Intel Core2Duos to pop up in this thread. I have two computers with these -

@Sampei Nihira how do you know the release date?

Ran the portable CPU-Z on my HP and it says it is a Conroe E6600 2.40Ghz

System Info says:
Processor x86 Family 6 Model 15 Stepping 6 GenuineIntel ~2394 Mhz
BIOS Version/Date Hewlett-Packard 786E1 v01.10, 13/04/2007
System Model HP Compaq dc7700 Small Form Factor

 

A quick web search offers Intel Core 2 Duo E6600 specifications,
among which, the launch date, Q3'06.
https://ark.intel.com/products/27250/Intel-Core2-Duo-Processor-E6600-4M-Cache-2_40-GHz-1066-MHz-FSB

 

Pretty much agreed.

These hardware vulnerabilities are likely just the beginning as over time more bugs will be found and modifications of the exploits will result in more and different types of attacks. A processor that isn't vulnerable to these current vulnerabilities could be vulnerable to future ones. There's so much time and effort from people searching to see if their processor is affected now, when it's probably better to assume it is - or eventually will be - and instead focus on mitigation techniques to avoid being exploited until they're patched or until they buy new and improved replacement hardware. There's no need to sweat it; just accept it for what it is and deal with it.

 

That's what I think too.

 

Correct.

In particular:

https://en.wikipedia.org/wiki/List_of_Intel_Core_2_microprocessors#"Conroe"_(65_nm)

Release date July 2006.

 

Use Cpu-Z portable
Find the CPU and Code Name
Then check your Intel CPU in the list below:

https://en.wikipedia.org/wiki/List_...t_desktop_and_mobile_processors_for_consumers

verify the list below:

https://www.intel.com/content/www/u...side-channel-analysis-and-intel-products.html

and:

https://www.techarp.com/guides/complete-meltdown-spectre-cpu-list/5/


Example (my XP):



https://ark.intel.com/en/products/27146/Intel-Celeron-M-Processor-380-1M-Cache-1_60-GHz-400-MHz-FSB

no date.
Find Code Name:

https://en.wikipedia.org/wiki/Celeron

August 2004

Part of the processor generations that preceded the First Generation Intel Core processors.

 

As far as the techarp.com web site goes, note this:

Note what I bold texted in red. In other words, only what is listed is vulnerable to all exploits. Anything not listed could be still vulnerable to one or more of the exploits.