nospam.Henri.Derksen@f1208.n280.z2.binkp.net (Henri Derksen) writes:
> Hello Richard,
>> https://developer.arm.com/support/arm-security-updates/speculative-
>> processor-vulnerability
>> describes which cores are susceptible to which attacks. The variants
>> that the Pi4âs CPU are vulnerable to are as follows:
>
>> * Variants 1 and 2 (CVE-2017-5753 and CVE-2017-5715) are Spectre. An
>> attacker can bypass validity checks and access data thatâs supposed
>> to be secret.
>
>> * Variant 3A (CVE-2018-3640) is essentially Meltdown but for registers
>> instead of memory. An attacker can bypass CPU-level privilege checks
>> and read access data that is supposed to be secret.
>
>> * Variant 4 (CVE-2018-3639) is a speculative store bypass. An attacker
>> can access data that was supposed to have been overwritten.
>
>> The other Pi CPU cores are not listed and therefore not vulnerable to
>> any known speculation-based attacks.
>
>> Since the original Spectre/Meltdown research, a _lot_ of variants have
>> been identified. Itâs likely that there are more to come. Armâs
>> record has been very good here, but itâs not impossible that future
>> issues may impact Arm cores too.
>
> Can you explain us how we can find out which versions can attack which Pi
> versions?
Find out the CPU core in your Pi (look it up in Wikipedia or something),
then use the table in the URL above.
--
https://www.greenend.org.uk/rjk/
--- SoupGate-Win32 v1.05
* Origin: Agency HUB, Dunedin - New Zealand | FidoUsenet Gateway (3:770/3)
|