| Vulnerability | CVE | Exploit name | Public vulnerability name | Firmware changes |
|---|---|---|---|---|
| Spectre | 2017-5753 | Variant 1 | Bounds Check Bypass (BCB) | No |
| Spectre | 2017-5715 | Variant 2 | Branch Target Injection (BTI) | Yes |
| Meltdown | 2017-5754 | Variant 3 | Rogue Data Cache Load (RDCL) | No |
| Spectre-NG | 2018-3640 | Variant 3a | Rogue System Register Read (RSRE) | Yes |
| Spectre-NG | 2018-3639 | Variant 4 | Speculative Store Bypass (SSB) | Yes |
| Spectre-NG | 2018-3665 | Lazy FP State Restore | No | |
| Spectre-NG | 2018-3693 | Variant 1.1 | Bounds Check Bypass Store (BCBS) | No |
| Spectre | Variant 1.2 | Read-only protection bypass (RPB) | ||
| SpectreRSB | Return Mispredict | |||
| TLBleed | TLBleed | |||
| L1 Terminal Fault SGX | 2018-3615 | Foreshadow SGX | Yes | |
| L1 Terminal Fault OS/SMM | 2018-3620 | Foreshadow NG OS/SMM | Yes | |
| L1 Terminal Fault VMM | 2018-3634 | Foreshadow NG VMM | Yes |
This is a simple post in order to have a list of speculative execution vulnerabilities that have appeared during the last year. If some new ones appeared I will have to update it at some time in time. Do not take this post as an immediate source of information. Others do better and quicker than I.
Sources:
https://www.bleepingcomputer.com/news/security/new-spectre-11-and-spectre-12-cpu-flaws-disclosed/
https://en.wikipedia.org/wiki/Spectre_(security_vulnerability)
https://www.theregister.co.uk/2018/06/22/intel_tlbleed_key_data_leak/
https://www.vusec.net/projects/tlbleed/
If you find the articles in Adminbyaccident.com useful to you, please consider making a donation.
Use this link to get $200 credit at DigitalOcean and support Adminbyaccident.com costs.
Get $100 credit for free at Vultr using this link and support Adminbyaccident.com costs.
Mind Vultr supports FreeBSD on their VPS offer.