'Kernel memory leaking' Intel processor design flaw forces Linux, Windows


Well, the ad campaign for the new Coffee Lake chipset just wrote itself!


A new dawn Ryzen?


At one point, Forcefully Unmap Complete Kernel With Interrupt Trampolines, aka FUCKWIT, was mulled by the Linux kernel team, giving you an idea of how annoying this has been for the developers.

Ah Developers, those scamps…


So, er, how do I find out whether this will affect me?

Currently visible announcements at debian.org/security do not seem relevant.

My computer is super old (Pentium III) so maybe updates won’t make any difference, but if they do I’m hosed. I can already barely do normal things like render today’s web pages or play today’s video files.


The vulnerability affects sixth, seventh and eighth generation Core chips (Skylake, Kaby Lake and Kaby Lake R), along with Pentium, Celeron, Atom and multiple Xeon chips.

Assuming they mean the “Pentium, Celeron, Atom and multiple Xeon chips” that coincide with the ^, 7 & 8 Gen Core procs, you’re safe.


It also makes me wonder if the whole legacy design structure where the system is secured like a multi-user server even when it’s really a single-user device is worth the gratuitous complexity.

And this “speculative execution” stuff is pretty wack. YO DAWG I HEARD YOU LIKE CODE


Potentially bad news.

Speculative execution was introduced on the Pentium II, so it effectively means that all Intel chips since then will be slower.


This sucks. A month or two ago I paid for a really fast computer, and now it looks like it will slow down by 20% +/- 5% or so. I think Intel should supply me with a new chip that’s not broken, and send out an experienced technician to replace it, with all the heat conducting goo and what not done properly. Like that’s going to happen.


I’m reading this and my mind is just blown that not only is this a thing but that it was a thing for so long. So hooray for all that exotic stuff like DEP, ASLR, VDI, NX, hypervisors and so on that can be theoretically bypassed with this (I’ll be very interested to see what the actual exploit is once it’s out of embargo… and while we’re at it, how shitty is it that this is embargoed).

I can see this being a big boon for AMD if played right.


Phoronix have been doing some benchmarks on the new Linux kernel


The new kernel is also treating AMD chips as insecure until the developers can prove otherwise



Similar operating systems, such as Apple’s 64-bit macOS, will also need
to be updated – the flaw is in the Intel x86-64 hardware

I’ve got Core 2 Duo, so I’m boned, it looks like.

Wikipedia: The Core 2 brand refers to Intel’s x86/x86-64 microprocessors

It has to be fixed in software at the OS level

current OSes won’t run on my chip.
they’re not gonna make a fix for me, are they?

or go buy a new processor without the design blunder.

I’ve never replaced a chip before. I did manage to open up current and last laptops using ifixit and do some stuff. Would a good chip run on an old MacBook (not Pro, just MB)? Are they expensive? I probably need to upgrade my computer but money’s really tight.


You probably need to google what motherboard you have so you can find out what pin layout you got. Then you can find out what processors you can use.


Apple hardware has a reputation for not being easily upgradable.

You should check to see if you’re running 32-bit OS X or 64-bit. It sounds like you might be safe if you’re running 32-bit.

You may also be able to install the 32-bit OS and fix the issue that way.


The line 64-bit Kernel and Extensions will say Yes if you are running the 64-bit kernel and No if you are running the 32-bit kernel.

00 PM

dodged a bullet, looks like. My computer sucks, but ironically that makes it safe from the design flaw. It is a Core 2 Duo not Core 2, which is capable of 64-Bit and according to the Stack Exchange thread MBPs with C2D all run that way but not my regular MB, I guess.

Note: Mac OS X 10.6 Snow Leopard is the last release that a 32-bit
Intel Mac can run, Mac OS X 10.7 Lion and up are, by default, 64-bit.
Additionally, System Profiler was renamed to System Information in OS X 10.7.

I guess this explains why Lion mysteriously disappeared after I installed it? My guy went over the requirements and was like “you can install Lion (10.7.0) but no higher.” We booted it up and it ran the little movie and showed 10.7 on the About This Mac. But then at some point, it reverted back to 10.6.8. I had a falling out with that guy before I noticed and I’m too dumb to do the installation myself but looks like it was just a fluke according to above quote.

thanks for helping me :smile:


Glad to hear the fix was so easy! Although you should keep an eye on this bug, to see if it ends up affecting the 32-bit instruction set as well. The stuff I’ve found so far seems to indicate that it’s only a 64-bit issue, but I haven’t done enough research to feel comfortable guaranteeing that.


Here’s the disclosure:

It’s way, way worse than originally anticipated. It affects Intel, AMD, and certain ARM processors to varying degrees of severity.


Microsoft Patches are live for your Test environments.

Remember - Every Company has a test environment. Some companies also have a separate production environment.


Here’s a great explainer about these vulns and why they are so bad.


Holy shit.