• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

SWAPGS: Another Speculative Side Channel Vulnerability

Joined
Aug 19, 2017
Messages
382 (0.40/day)
Yet another CPU vulnerability was discovered today, called SWAPGS, revealed under the code CVE-2019-1125, as it is referred to in the industry. The vulnerability was discovered twelve months ago and got privately reported to Intel by a security researcher. It's supposedly present on both AMD and Intel CPUs, but was only proven to work on Intel platforms by Bitdefender security researchers. Red Hat issued a statement which states that both platforms are affected and that users should upgrade their systems as soon as possible. Microsoft already implemented a fix with its "Patch Tuesday" update for last month, so if you updated your OS recently, you are already protected against SWAPGS.

AMD issued as statement as well, in which it says: "AMD is aware of new research claiming new speculative execution attacks that may allow access to privileged kernel data. Based on external and internal analysis, AMD believes it is not vulnerable to the SWAPGS variant attacks because AMD products are designed not to speculate on the new GS value following a speculative SWAPGS. For the attack that is not a SWAPGS variant, the mitigation is to implement our existing recommendations for Spectre variant 1."



How SWAPGS works
SWAPGS is a Spectre-type exploit, which takes advantage of the processor's branch prediction (predicting when to switch instruction sequence to improve performance). The processor speculates which instruction sequence is most likely to run next and prepares its internal states for that. When observing these instructions, possibly sensitive data could be revealed by observing timing results.

SWAPGS comes into play because it is an exploit similar to Spectre. It is named after x86-64 instruction called SWAPGS which swaps the GS register (only one of the segment registers which build a complete memory address), with a value intended to be used during kernel operations. Because of its nature, SWAPGS does not perform any kind correction on data it uses, thus an attack can be performed. During the swapping period, attacker can insert any value without getting errors or warning by the processor.

Mitigations
As you know, for Spectre and Meltdown, there aren't too many mitigations that are built into hardware, and the industry still largely depends on software/firmware-level mitigations that negatively affect performance. Only the most recent processor models from AMD and Intel have hardware mitigations. For now Microsoft already pushed the update to its Windows OSes and kernel patches for any *nix based OS should have been implemented as well. Performance impact of these patches is still unknown.

Update: Performance impact of the SWAPGS mitigation has been tested with the latest Linux kernel. Phoronix benchmarked Intel's Core i9 9900K and they found a 1-5% reduction in performance for synthetic benchmarks with a general reduction of 1% on average when accounting for all benchmarks. You can check out their performance results here.

View at TechPowerUp Main Site
 
Joined
Dec 31, 2009
Messages
17,025 (4.55/day)
Well... another one. Does this affect more data center/VM than home like most of these?


Yet another CPU vulnerability was discovered today, called SWAPGS, revealed under the code CVE-2019-1125 as it is referred to in the industry. The vulnerability was discovered 12 months ago and got privately reported to Intel by a security researcher. It's supposedly present on both AMD and Intel CPUs, but was only proven to work on Intel platforms by Bitdefender security researchers.
Please fire the proofreader. :p

Grammarly FTW! :)
 
Last edited:
Joined
Nov 18, 2010
Messages
4,973 (1.45/day)
Location
Rīga, Latvia
System Name HELLSTAR
Processor Intel 5960X @ 4.4GHz
Motherboard Gigabyte GA-X99-UD3
Cooling Custom Loop. 360+240 rads. 5x Nidec Servo Gentle Typhoons. AC CUPLEX KRYOS NEXT.
Memory 4x8GB Corsair Vengeance LPX 3000MHz 15-17-17-36 CR1
Video Card(s) ASUS 1080 Ti FE + water block
Storage Optane 900P + Samsung PM981 NVMe 1TB + 750 EVO 500GB
Display(s) Philips PHL BDM3270
Case Phanteks Enthoo Evolv ATX Tempered Glass
Audio Device(s) Sound Blaster ZxR
Power Supply Fractal Design Newton R3 1000W
Mouse Razer Basilisk
Keyboard Razer Deathstalker
Software Windows 10 insider
It almost seems like some force is driving it.

After a year my CPU will need an upgrade just because it is patched like a stiff mummy and won't perform just because of these issues. Kinda win situation for manufacturers.
 
Joined
Nov 18, 2010
Messages
4,973 (1.45/day)
Location
Rīga, Latvia
System Name HELLSTAR
Processor Intel 5960X @ 4.4GHz
Motherboard Gigabyte GA-X99-UD3
Cooling Custom Loop. 360+240 rads. 5x Nidec Servo Gentle Typhoons. AC CUPLEX KRYOS NEXT.
Memory 4x8GB Corsair Vengeance LPX 3000MHz 15-17-17-36 CR1
Video Card(s) ASUS 1080 Ti FE + water block
Storage Optane 900P + Samsung PM981 NVMe 1TB + 750 EVO 500GB
Display(s) Philips PHL BDM3270
Case Phanteks Enthoo Evolv ATX Tempered Glass
Audio Device(s) Sound Blaster ZxR
Power Supply Fractal Design Newton R3 1000W
Mouse Razer Basilisk
Keyboard Razer Deathstalker
Software Windows 10 insider
Where did it say this affects performance?
All of them does. Each prediction algos do speedups(the performance magic intel had). As it is spectre based obviously. Disabling, changing them on software level with microcode means latency. And it is bad. It wouldn't be that if it would be only one. Now they stack up like germs.
 
Joined
Sep 15, 2015
Messages
666 (0.40/day)
Location
Latvija
System Name Fujitsu Siemens, HP Workstation
Processor Athlon x2 5000+ 3.1GHz, i5 2400
Motherboard Asus
Memory 4GB Samsung
Video Card(s) rx 460 4gb
Storage 750 Evo 250 +2tb
Display(s) Asus 1680x1050 4K HDR
Audio Device(s) Pioneer
Power Supply 430W
Mouse Acme
Keyboard Trust
If i haw downloaded latest 10 RS6 updated iso. i safe?
 
Joined
Apr 18, 2019
Messages
242 (0.69/day)
Location
USA - It's complicated
System Name Daily Driver(gaming, browsing, light web dev.)
Processor Ryzen 7 3800X
Motherboard Gigabyte X570 Aurus Pro Wifi
Cooling Corsair H60 w/Nidec GentleTyphoon
Memory 16GB(2x8) G.Skill FlareX DDR4-3200C14
Video Card(s) Sapphire Vega 64
Storage Samsung 970 EVO+ 1TB (Boot/OS) | Samsung 860 EVO 1TB (Games) | 2 x WD Spinners 1TB/500GB(BU)
Display(s) 2 X AOC Q3279VWFD8 - 10bit IPS 1440p @ 75hz FreeSync over DP
Case Corsair Graphite 600T w/mesh side
Audio Device(s) Logitech Z625 2.1 | cheapo gaming headset when mic is needed
Power Supply Corsair HX850i
Mouse Logitech G602
Keyboard Corsair K70 Lux - Blue on Black
Software Windows 10 Pro x64
Benchmark Scores Not really a benchmark guy...
I'm not shocked, once they opened that can of worms, there has been a pretty steady stream of exploits.
 
Joined
Aug 2, 2012
Messages
602 (0.22/day)
Location
Netherlands
System Name TheDeeGee's PC
Processor Intel Core i7 4770K
Motherboard Gigabyte Z87X-UD5H
Cooling Noctua NH-U14S
Memory Crucial Ballistix Tactical LP 16GB
Video Card(s) MSI GTX 1070 AERO OC
Storage Crucial M4 256GB, 2x Western Digital 1TB 2,5"
Display(s) EIZO CX240
Case Antec P280
Audio Device(s) Creative SoundBlaster ZxR
Power Supply Seasonic P-760
Mouse Logitech G500s
Keyboard Logitech G710+
Software Windows 10 Pro 64-Bit
I went from a 4770K to my old 950 in two years time... what the heck man...
 
Joined
Apr 30, 2011
Messages
1,539 (0.47/day)
Location
Greece
Processor AMD Ryzen 5 2600X@95W
Motherboard MSI B450 Tomahawk MAX
Cooling Zalman CNPS5X PERFORMA
Memory 2*8GB PATRIOT PVS416G373C7K@3200MT-c16
Video Card(s) Sapphire Radeon RX 5700 Pulse 8GB
Storage Sandisk SSD 120GB, INTEL 540S SSDSCKKW180H6 180GB, Samsung F1 1TB, Hitachi HUS724040ALE640 4TB
Display(s) LG IPS235
Case SHARKOON M25-W 7.1 BLACK
Audio Device(s) Realtek 7.1 onboard
Power Supply Zalman Z550
Mouse Sharkoon SHARK Force Black
Keyboard Trust GXT280
Software Win 7 sp1 64bit/Win 10 pro 64bit
Benchmark Scores CB R15 64bit: single core 163p, multicore 1223p
Most vulenrabilities are closely tied with the CPU arch, so Intel continues delivering most of those. Simple math.
 
Joined
Sep 17, 2014
Messages
11,422 (5.65/day)
Location
Mars
Processor i7 8700k 4.7Ghz @ 1.26v
Motherboard AsRock Fatal1ty K6 Z370
Cooling beQuiet! Dark Rock Pro 3
Memory 16GB Corsair Vengeance LPX 3200/C16
Video Card(s) MSI GTX 1080 Gaming X @ 2100/5500
Storage Samsung 850 EVO 1TB + Samsung 830 256GB + Crucial BX100 250GB + Toshiba 1TB HDD
Display(s) Eizo Foris FG2421
Case Fractal Design Define C TG
Power Supply EVGA G2 750w
Mouse Logitech G502 Protheus Spectrum
Keyboard Sharkoon MK80 (Brown)
Software W10 x64
It almost seems like some force is driving it.

After a year my CPU will need an upgrade just because it is patched like a stiff mummy and won't perform just because of these issues. Kinda win situation for manufacturers.
Funny huh, how it all coincides with Moore's Law going to the shitter.
 
Joined
Oct 30, 2008
Messages
1,738 (0.42/day)
Processor 5930K
Motherboard MSI X99 SLI
Cooling WATER
Memory 16GB DDR4 2132
Video Card(s) EVGAY 1080 nilla
Storage SEVERAL SSD"S
Display(s) Catleap/Yamakasi 2560X1440
Case D Frame MINI drilled out
Audio Device(s) onboard
Power Supply Corsair TX750
Mouse DEATH ADDER
Keyboard Razer Black Widow Tournament
Software W10HB
Benchmark Scores PhIlLyChEeSeStEaK
Joined
Nov 18, 2010
Messages
4,973 (1.45/day)
Location
Rīga, Latvia
System Name HELLSTAR
Processor Intel 5960X @ 4.4GHz
Motherboard Gigabyte GA-X99-UD3
Cooling Custom Loop. 360+240 rads. 5x Nidec Servo Gentle Typhoons. AC CUPLEX KRYOS NEXT.
Memory 4x8GB Corsair Vengeance LPX 3000MHz 15-17-17-36 CR1
Video Card(s) ASUS 1080 Ti FE + water block
Storage Optane 900P + Samsung PM981 NVMe 1TB + 750 EVO 500GB
Display(s) Philips PHL BDM3270
Case Phanteks Enthoo Evolv ATX Tempered Glass
Audio Device(s) Sound Blaster ZxR
Power Supply Fractal Design Newton R3 1000W
Mouse Razer Basilisk
Keyboard Razer Deathstalker
Software Windows 10 insider
D

Deleted member 158293

Guest
More vulnerabilities cause... Why not?!

Don't know about anybody else, but the old saying "no admin ever got fired for buying Intel" is starting to be strained cause I'm sure starting to get a lot of questions. Even on a corporate level it feels like things are starting to change.
 
Joined
Jan 6, 2013
Messages
152 (0.06/day)
I am getting bored of these...I am starting to believe that most researching are scratching their asse...heads now to find something and gain some press.
F*** it, you will always find vulnerabilities, cause nothings perfect in this world. But I really hate this whole craze of finding more and more vulnerabilities...
 
Joined
Oct 12, 2008
Messages
31 (0.01/day)
System Name Tim
Processor AMD Ryzen Threadripper 1950X
Motherboard MSI X399 Gaming Pro Carbon
Cooling Noctua NH-U14S TR4-SP3
Memory 32 GiB DDR4-2400 ECC/U
Video Card(s) Radeon Radeon VII (16 GiB)
Storage Intel Optane 900P (280 GB, NVMe) + Samsung 950 Pro (512 GB, NVMe)
Display(s) HP Pavilion 32 (MVA)
Case Corsair Vengeance C70 (Green)
Audio Device(s) Realtek ALC1220 -> S/PDIF TOSLINK -> BT Transceiver -> Sennheiser HD 4.40 BT
Power Supply Seasonic Platinum 1000
Mouse Logitech G603 (Wireless)
Keyboard Rosewill RK-9000 V2 (MX Blue)
Software Debian Testing (64-bit)
I am getting bored of these...I am starting to believe that most researching are scratching their asse...heads now to find something and gain some press.
F*** it, you will always find vulnerabilities, cause nothings perfect in this world. But I really hate this whole craze of finding more and more vulnerabilities...
You're getting mad at the good guys...I think by accident.
 
Joined
Jul 9, 2015
Messages
2,122 (1.23/day)
System Name My all round PC
Processor i5 750
Motherboard ASUS P7P55D-E
Memory 8GB
Video Card(s) Sapphire 380 OC... sold, waiting for Navi
Storage 256GB Samsung SSD + 2Tb + 1.5Tb
Display(s) Samsung 40" A650 TV
Case Thermaltake Chaser mk-I Tower
Power Supply 425w Enermax MODU 82+
Software Windows 10
Another Intel exclusive, yeehaaa. Oh wait.

Only the most recent processor models from AMD and Intel have hardware mitigations.
None of the AMD's CPUs was affected by Meltdown, you bloody Intel shill.

More vulnerabilities cause... Why not?!

Don't know about anybody else, but the old saying "no admin ever got fired for buying Intel" is starting to be strained cause I'm sure starting to get a lot of questions. Even on a corporate level it feels like things are starting to change.
128704
 
Joined
Apr 18, 2019
Messages
242 (0.69/day)
Location
USA - It's complicated
System Name Daily Driver(gaming, browsing, light web dev.)
Processor Ryzen 7 3800X
Motherboard Gigabyte X570 Aurus Pro Wifi
Cooling Corsair H60 w/Nidec GentleTyphoon
Memory 16GB(2x8) G.Skill FlareX DDR4-3200C14
Video Card(s) Sapphire Vega 64
Storage Samsung 970 EVO+ 1TB (Boot/OS) | Samsung 860 EVO 1TB (Games) | 2 x WD Spinners 1TB/500GB(BU)
Display(s) 2 X AOC Q3279VWFD8 - 10bit IPS 1440p @ 75hz FreeSync over DP
Case Corsair Graphite 600T w/mesh side
Audio Device(s) Logitech Z625 2.1 | cheapo gaming headset when mic is needed
Power Supply Corsair HX850i
Mouse Logitech G602
Keyboard Corsair K70 Lux - Blue on Black
Software Windows 10 Pro x64
Benchmark Scores Not really a benchmark guy...
Joined
Aug 20, 2007
Messages
12,678 (2.75/day)
System Name Pioneer
Processor Intel i9 9900k
Motherboard ASRock Z390 Taichi
Cooling Noctua NH-D15 + A whole lotta Sunon and Corsair Maglev blower fans...
Memory G.SKILL TridentZ Series 32GB (4 x 8GB) DDR4-3200 @ 14-14-14-34-2T
Video Card(s) AMD RX 5700 XT (XFX THICC Ultra III)
Storage Mushkin Pilot-E 2TB NVMe SSD w/ EKWB M.2 Heatsink
Display(s) 32" 1440p LG 32GK850F Freesync 2 Monitor based on an AU Optronics true 8-bit AMVA Panel
Case Thermaltake Core X31
Audio Device(s) VGA HDMI->Panasonic SC-HTB20/Schiit Modi MB/Asgard 2 DAC/Amp to AKG Pro K7712 Headphones
Power Supply SeaSonic Prime 750W 80Plus Titanium
Mouse ROCCAT Kone EMP
Keyboard WASD CODE 104-Key w/ Cherry MX Green Keyswitches, Doubleshot Vortex PBT White Transluscent Keycaps
Software Windows 10 Enterprise (yes, it's legit.)
They've come out before and said it doesn't, period. If they know, why not say it now but they did previously?
Yeah. Not buying it.

None of the AMD's CPUs was affected by Meltdown, you bloody Intel shill.
This is a spectre class vulnerability and has nothing to do with meltdown (Spectre affects both). Nice try.
 
Top