{"id":3741,"date":"2018-01-06T10:28:28","date_gmt":"2018-01-06T02:28:28","guid":{"rendered":"https:\/\/ixyzero.com\/blog\/?p=3741"},"modified":"2018-01-06T10:28:28","modified_gmt":"2018-01-06T02:28:28","slug":"cpu%e7%ba%a7%e6%bc%8f%e6%b4%9e%e4%b9%8bmeltdowncve-2017-5754%e4%b8%8espectrecve-2017-5715-5753","status":"publish","type":"post","link":"https:\/\/ixyzero.com\/blog\/archives\/3741.html","title":{"rendered":"CPU\u7ea7\u6f0f\u6d1e\u4e4bMeltdown(CVE-2017-5754)\u4e0eSpectre(CVE-2017-5715\/5753)"},"content":{"rendered":"<p>=Start=<\/p>\n<h4 id=\"id-\u6a21\u677f-\u7f18\u7531\uff1a\">\u7f18\u7531\uff1a<\/h4>\n<p>\u6700\u8fd1\u8fd92\u4e2aCPU\u7ea7\u522b\u7684\u5b89\u5168\u6f0f\u6d1e\u5b9e\u5728\u662f\u592a\u300c\u706b\u300d\u4e86\uff0c\u867d\u7136\u8bf4\u5e95\u5c42\u7684\u90a3\u4e9b\u673a\u5236\u6211\u4e5f\u4e0d\u662f\u592a\u4e86\u89e3\u2026\u2026\u4f46\u662f\u4f5c\u4e3a\u4e00\u4e2a\u6709\u804c\u4e1a\u7d20\u517b\u7684\u4f01\u4e1a\u5b89\u5168\u4eba\u5458\uff0c\u591a\u82b1\u4e9b\u65f6\u95f4\u5173\u6ce8\u6f0f\u6d1e\u539f\u7406\u3001\u4fee\u590d\u673a\u5236\u3001\u4fee\u590d\u8fdb\u5ea6\u8fd8\u662f\u5f88\u5e94\u8be5\u7684\uff0c\u6240\u4ee5\u5728\u770b\u4e86\u591a\u4e2a\u5173\u4e8eMeltdown\u548cSpectre\u6f0f\u6d1e\u7684\u516c\u544a\u4e4b\u540e\u6574\u7406\u51fa\u6b64\u7bc7\u6587\u7ae0\u3002<\/p>\n<h4 id=\"id-\u6a21\u677f-\u6b63\u6587\uff1a\">\u6b63\u6587\uff1a<\/h4>\n<h5 id=\"id-\u6a21\u677f-\u53c2\u8003\u89e3\u7b54\uff1a\">\u53c2\u8003\u89e3\u7b54\uff1a<\/h5>\n<h3>\u4e00\u3001\u4e8b\u4ef6\u6982\u8ff0<\/h3>\n<p>2018\u5e741\u67084\u65e5\uff0cJann Horn\u7b49\u5b89\u5168\u7814\u7a76\u8005\u62ab\u9732\u4e86\u201dMeltdown\u201d(CVE-2017-5754)\u548c\u201dSpectre\u201d(CVE-2017-5753 &amp; CVE-2017-5715)\u4e24\u7ec4CPU\u7279\u6027\u6f0f\u6d1e\u3002<\/p>\n<p>\u636e\u6089\uff0c\u6f0f\u6d1e\u4f1a\u9020\u6210CPU\u8fd0\u4f5c\u673a\u5236\u4e0a\u7684\u4fe1\u606f\u6cc4\u9732\uff0c\u4f4e\u6743\u9650\u7684\u653b\u51fb\u8005\u53ef\u4ee5\u901a\u8fc7\u6f0f\u6d1e\u6765\u8fdc\u7a0b\u6cc4\u9732\uff08\u6d4f\u89c8\u5668\u5f62\u5f0f\uff09\u7528\u6237\u4fe1\u606f\u6216\u672c\u5730\u6cc4\u9732\u66f4\u9ad8\u6743\u9650\u7684\u5185\u5b58\u4fe1\u606f\u3002<\/p>\n<p>\u5b9e\u9645\u653b\u51fb\u573a\u666f\u4e2d\uff0c\u653b\u51fb\u8005\u5728\u4e00\u5b9a\u6761\u4ef6\u4e0b\u53ef\u4ee5\u505a\u5230\uff1a<\/p>\n<ul>\n<li>\u6cc4\u9732\u51fa\u672c\u5730\u64cd\u4f5c\u7cfb\u7edf\u5e95\u5c42\u8fd0\u4f5c\u4fe1\u606f\uff0c\u79d8\u94a5\u4fe1\u606f\u7b49\uff1b<\/li>\n<li>\u901a\u8fc7\u83b7\u53d6\u6cc4\u9732\u7684\u4fe1\u606f\uff0c\u53ef\u4ee5\u7ed5\u8fc7\u5185\u6838(Kernel)\uff0c\u865a\u62df\u673a\u8d85\u7ea7\u7ba1\u7406\u5668(HyperVisor)\u7684\u9694\u79bb\u9632\u62a4\uff1b<\/li>\n<li>\u4e91\u670d\u52a1\u4e2d\uff0c\u53ef\u4ee5\u6cc4\u9732\u5230\u5176\u5b83\u79df\u6237\u9690\u79c1\u4fe1\u606f\uff1b<\/li>\n<li>\u901a\u8fc7\u6d4f\u89c8\u5668\u6cc4\u9732\u53d7\u5bb3\u8005\u7684\u5e10\u53f7\uff0c\u5bc6\u7801\uff0c\u5185\u5bb9\uff0c\u90ae\u7bb1\uff0ccookie\u7b49\u7528\u6237\u9690\u79c1\u4fe1\u606f\uff1b<\/li>\n<\/ul>\n<p>\u76ee\u524d\u76f8\u5173\u7684\u5e73\u53f0\uff0c\u5382\u5546\uff0c\u8f6f\u4ef6\u63d0\u4f9b\u5546\u90fd\u5728\u79ef\u6781\u5e94\u5bf9\u8be5\u7cfb\u5217\u6f0f\u6d1e\uff0c\u90e8\u5206\u5382\u5546\u63d0\u4f9b\u4e86\u89e3\u51b3\u65b9\u6848\u3002<\/p>\n<h3>\u4e8c\u3001\u6f0f\u6d1e\u4ecb\u7ecd<\/h3>\n<p>\u9488\u5bf9\u82f1\u7279\u5c14\u5904\u7406\u5668\u6d89\u53ca\u5230\u4e24\u79cd\u653b\u51fb\u65b9\u6cd5\uff0c\u5206\u522b\u4e3aMeltdown\u548cSpectre\uff0cMeltdown\u6d89\u53caCVE\u7f16\u53f7CVE-2017-5754\uff0c\u800cSpectre\u6d89\u53caCVE\u7f16\u53f7CVE-2017-5753\u548cCVE-2017-5715\u3002<\/p>\n<p><span style=\"color: #ff0000;\">Meltdown\u7834\u574f\u4e86\u4f4d\u4e8e\u7528\u6237\u548c\u64cd\u4f5c\u7cfb\u7edf\u4e4b\u95f4\u7684\u57fa\u672c\u9694\u79bb\uff0c\u6b64\u653b\u51fb\u5141\u8bb8\u7a0b\u5e8f\u8bbf\u95ee\u5185\u5b58\uff0c\u56e0\u6b64\u5176\u4ed6\u7a0b\u5e8f\u4ee5\u53ca\u64cd\u4f5c\u7cfb\u7edf\u7684\u654f\u611f\u4fe1\u606f\u4f1a\u88ab\u7a83\u53d6\u3002\u8fd9\u4e2a\u6f0f\u6d1e\u201c\u7194\u5316\u201d\u4e86\u7531\u786c\u4ef6\u6765\u5b9e\u73b0\u7684\u5b89\u5168\u8fb9\u754c\u3002<\/span>\u5141\u8bb8\u4f4e\u6743\u9650\u7528\u6237\u7ea7\u522b\u7684\u5e94\u7528\u7a0b\u5e8f\u201c\u8d8a\u754c\u201d\u8bbf\u95ee\u7cfb\u7edf\u7ea7\u7684\u5185\u5b58\uff0c\u4ece\u800c\u9020\u6210\u6570\u636e\u6cc4\u9732\u3002<\/p>\n<p><span style=\"color: #ff0000;\">Spectre\u5219\u662f\u7834\u574f\u4e86\u4e0d\u540c\u5e94\u7528\u7a0b\u5e8f\u4e4b\u95f4\u7684\u9694\u79bb\u3002<\/span>\u95ee\u9898\u7684\u6839\u6e90\u5728\u4e8e\u63a8\u6d4b\u6267\u884c\uff08speculative execution\uff09\uff0c\u8fd9\u662f\u4e00\u79cd\u4f18\u5316\u6280\u672f\uff0c\u5904\u7406\u5668\u4f1a\u63a8\u6d4b\u5728\u672a\u6765\u6709\u7528\u7684\u6570\u636e\u5e76\u6267\u884c\u8ba1\u7b97\u3002\u8fd9\u79cd\u6280\u672f\u7684\u76ee\u7684\u5728\u4e8e\u63d0\u524d\u51c6\u5907\u597d\u8ba1\u7b97\u7ed3\u679c\uff0c\u5f53\u8fd9\u4e9b\u6570\u636e\u88ab\u9700\u8981\u65f6\u53ef\u7acb\u5373\u4f7f\u7528\u3002\u5728\u6b64\u8fc7\u7a0b\u4e2d\uff0c\u82f1\u7279\u5c14\u6ca1\u6709\u5f88\u597d\u5730\u5c06\u4f4e\u6743\u9650\u7684\u5e94\u7528\u7a0b\u5e8f\u4e0e\u8bbf\u95ee\u5185\u6838\u5185\u5b58\u5206\u5f00\uff0c\u8fd9\u610f\u5473\u7740\u653b\u51fb\u8005\u53ef\u4ee5\u4f7f\u7528\u6076\u610f\u5e94\u7528\u7a0b\u5e8f\u6765\u83b7\u53d6\u5e94\u8be5\u88ab\u9694\u79bb\u7684\u79c1\u6709\u6570\u636e\u3002<\/p>\n<h3>\u4e09\u3001\u5f71\u54cd\u8303\u56f4<\/h3>\n<p>\u73b0\u4ee3\u5904\u7406\u5668(CPU)\u7684\u8fd0\u4f5c\u673a\u5236\u4e2d\u5b58\u5728\u4e24\u4e2a\u7528\u4e8e\u52a0\u901f\u6267\u884c\u7684\u7279\u6027\uff0c\u63a8\u6d4b\u6267\u884c(Speculative Execution)\u548c\u95f4\u63a5\u5206\u652f\u9884\u6d4b(Indirect Branch Prediction)\u3002\u8fd9\u4e24\u7ec4CPU\u6f0f\u6d1e\u7684\u5229\u7528\u4f9d\u9760\u63a8\u6d4b\u6267\u884c\u7279\u6027\uff0c\u901a\u8fc7\u7528\u6237\u5c42\u9762\u5e94\u7528\u4eceCPU\u5185\u5b58\u4e2d\u8bfb\u53d6\u6838\u5fc3\u6570\u636e\u3002\u63a8\u6d4b\u6267\u884c\u6280\u672f\u4ece1995\u5e74\u5f00\u59cb\u5e94\u7528\uff0c\u6240\u4ee5\u8fd120\u5e74\u7684Intel\uff0cAMD\uff0cQualcomm\u5382\u5bb6\u548c\u5176\u5b83ARM\u7684\u5904\u7406\u5668\u51e0\u4e4e\u90fd\u53d7\u5230\u5f71\u54cd\u3002<\/p>\n<p>Meltdown\u7684\u5177\u4f53\u5f71\u54cd\u8303\u56f4\uff1a<\/p>\n<blockquote>\n<ul>\n<li>Intel CPU\u7528\u6237\uff1a<strong><span style=\"color: #ff0000;\">\u51e0\u4e4e\u6240\u6709<\/span><\/strong>\uff081995\u5e74\u4e4b\u540e\u7684\u6240\u6709\u7684CPU\u578b\u53f7\uff0c\u9664\u4e862013\u5e74\u4e4b\u524d\u7684Intel \u5b89\u817e\u548cAtom\u5916\uff09<\/li>\n<li>AMD CPU\u7528\u6237\uff1a\u6839\u636eAMD\u516c\u53f8\u7684\u58f0\u660e\uff0c\u76ee\u524dAMD CPU\u4e0d\u53d7Meltdown\u6f0f\u6d1e\u5f71\u54cd<\/li>\n<li>ARM CPU\u7528\u6237\uff1a\u6839\u636eARM\u516c\u53f8\u7684\u58f0\u660e\uff0c\u5305\u62ecCortex-A75\u5728\u5185\u7684<strong>\u5c11\u6570ARM\u6838\u5fc3CPU\u53d7\u5f71\u54cd<\/strong><\/li>\n<\/ul>\n<\/blockquote>\n<p>Spectre\u7684\u5177\u4f53\u5f71\u54cd\u8303\u56f4\uff1a<\/p>\n<blockquote>\n<ul>\n<li>Intel CPU\u7528\u6237\uff1a<span style=\"color: #ff0000;\"><strong>\u51e0\u4e4e\u6240\u6709<\/strong><\/span><\/li>\n<li>AMD CPU\u7528\u6237\uff1a<strong><span style=\"color: #ff0000;\">\u51e0\u4e4e\u6240\u6709<\/span><\/strong><\/li>\n<li>ARM CPU\u7528\u6237\uff1a\u6839\u636eARM\u516c\u53f8\u7684\u58f0\u660e\uff0c\u5305\u62ecCortex-A8\uff0c Cortex-A9\u7b49\u5728\u5185\u7684<strong>\u7ea6\u5341\u79cdARM\u6838\u5fc3CPU\u53d7\u5f71\u54cd<\/strong>\uff0c\u5176\u4ed6\u7c7b\u578b\u7684ARM CPU\u4e0d\u53d7\u5f71\u54cd<\/li>\n<\/ul>\n<\/blockquote>\n<p><strong>\u9664\u4e86CPU\u5382\u5546\u4e4b\u5916\uff0c\u8fd8\u5305\u62ec\u5176\u4e0a\u7684\uff1a<\/strong><\/p>\n<ul>\n<li>\u64cd\u4f5c\u7cfb\u7edf\uff1aWindows\u3001Linux\u3001macOS\u3001Android\uff1b<\/li>\n<li>\u4e91\u670d\u52a1\u63d0\u4f9b\u5546\uff1a\u4e9a\u9a6c\u900a\u3001\u5fae\u8f6f\u3001\u8c37\u6b4c\u3001\u817e\u8baf\u4e91\u3001\u963f\u91cc\u4e91\u7b49\uff1b<\/li>\n<li>\u5404\u79cd\u79c1\u6709\u4e91\u57fa\u7840\u8bbe\u65bd\uff1b<\/li>\n<li>\u684c\u9762\u7528\u6237\u53ef\u80fd\u906d\u9047\u5230\u7ed3\u5408\u8be5\u673a\u7406\u7ec4\u5408\u653b\u51fb\u3002<\/li>\n<\/ul>\n<h3>\u56db\u3001\u76f8\u5173\u516c\u544a<\/h3>\n<ul>\n<li>Intel\n<ul>\n<li><a href=\"https:\/\/newsroom.intel.com\/news\/intel-responds-to-security-research-findings\/\" target=\"_blank\" rel=\"noopener\">https:\/\/newsroom.intel.com\/news\/intel-responds-to-security-research-findings\/<\/a><\/li>\n<li><a href=\"https:\/\/security-center.intel.com\/advisory.aspx?intelid=INTEL-SA-00088&amp;languageid=en-fr\" target=\"_blank\" rel=\"noopener\">https:\/\/security-center.intel.com\/advisory.aspx?intelid=INTEL-SA-00088&amp;languageid=en-fr<\/a><\/li>\n<\/ul>\n<\/li>\n<li>Microsoft\n<ul>\n<li><a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/ADV180002\" target=\"_blank\" rel=\"noopener\">https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/ADV180002<\/a><\/li>\n<\/ul>\n<\/li>\n<li>Amazon\n<ul>\n<li><a href=\"https:\/\/aws.amazon.com\/de\/security\/security-bulletins\/AWS-2018-013\/\" target=\"_blank\" rel=\"noopener\">https:\/\/aws.amazon.com\/de\/security\/security-bulletins\/AWS-2018-013\/<\/a><\/li>\n<\/ul>\n<\/li>\n<li>ARM\n<ul>\n<li><a href=\"https:\/\/developer.arm.com\/support\/security-update\" target=\"_blank\" rel=\"noopener\">https:\/\/developer.arm.com\/support\/security-update<\/a><\/li>\n<\/ul>\n<\/li>\n<li>Google\n<ul>\n<li><a href=\"https:\/\/googleprojectzero.blogspot.co.at\/2018\/01\/reading-privileged-memory-with-side.html\" target=\"_blank\" rel=\"noopener\">https:\/\/googleprojectzero.blogspot.co.at\/2018\/01\/reading-privileged-memory-with-side.html<\/a><\/li>\n<li><a href=\"https:\/\/www.chromium.org\/Home\/chromium-security\/ssca\" target=\"_blank\" rel=\"noopener\">https:\/\/www.chromium.org\/Home\/chromium-security\/ssca<\/a><\/li>\n<\/ul>\n<\/li>\n<li>MITRE\n<ul>\n<li><a href=\"http:\/\/www.cve.mitre.org\/cgi-bin\/cvename.cgi?name=2017-5715\" target=\"_blank\" rel=\"noopener\">http:\/\/www.cve.mitre.org\/cgi-bin\/cvename.cgi?name=2017-5715<\/a><\/li>\n<li><a href=\"http:\/\/www.cve.mitre.org\/cgi-bin\/cvename.cgi?name=2017-5753\" target=\"_blank\" rel=\"noopener\">http:\/\/www.cve.mitre.org\/cgi-bin\/cvename.cgi?name=2017-5753<\/a><\/li>\n<li><a href=\"http:\/\/www.cve.mitre.org\/cgi-bin\/cvename.cgi?name=2017-5754\" target=\"_blank\" rel=\"noopener\">http:\/\/www.cve.mitre.org\/cgi-bin\/cvename.cgi?name=2017-5754<\/a><\/li>\n<\/ul>\n<\/li>\n<li>Red Hat\n<ul>\n<li><a href=\"https:\/\/access.redhat.com\/security\/vulnerabilities\/speculativeexecution\" target=\"_blank\" rel=\"noopener\">https:\/\/access.redhat.com\/security\/vulnerabilities\/speculativeexecution<\/a><\/li>\n<\/ul>\n<\/li>\n<li>Xen\n<ul>\n<li><a href=\"http:\/\/xenbits.xen.org\/xsa\/advisory-254.html\" target=\"_blank\" rel=\"noopener\">http:\/\/xenbits.xen.org\/xsa\/advisory-254.html<\/a><\/li>\n<\/ul>\n<\/li>\n<li>Mozilla\n<ul>\n<li><a href=\"https:\/\/blog.mozilla.org\/security\/2018\/01\/03\/mitigations-landing-new-class-timing-attack\/\" target=\"_blank\" rel=\"noopener\">https:\/\/blog.mozilla.org\/security\/2018\/01\/03\/mitigations-landing-new-class-timing-attack\/<\/a><\/li>\n<\/ul>\n<\/li>\n<li>VMware\n<ul>\n<li><a href=\"https:\/\/www.vmware.com\/us\/security\/advisories\/VMSA-2018-0002.html\" target=\"_blank\" rel=\"noopener\">https:\/\/www.vmware.com\/us\/security\/advisories\/VMSA-2018-0002.html<\/a><\/li>\n<\/ul>\n<\/li>\n<li>AMD\n<ul>\n<li><a href=\"https:\/\/www.amd.com\/en\/corporate\/speculative-execution\" target=\"_blank\" rel=\"noopener\">https:\/\/www.amd.com\/en\/corporate\/speculative-execution<\/a><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h3>\u4e94\u3001\u68c0\u6d4b\u65b9\u6cd5<\/h3>\n<p><strong>Windows\u7528\u6237<\/strong>\uff0c\u901a\u8fc7\u4f7f\u7528\u5fae\u8f6f\u516c\u53f8\u53d1\u5e03\u7684\u68c0\u6d4bPowerShell\u811a\u672c\uff0c\u80fd\u591f\u5224\u65adWindows\u7cfb\u7edf\u662f\u5426\u53d7\u6f0f\u6d1e\u5f71\u54cd\u3002<\/p>\n<ol>\n<li>\u9996\u5148\uff0c\u9700\u8981\u5b89\u88c5\u76f8\u5e94\u7684PowerShell\u6a21\u5757\uff0c\u5bf9\u5e94\u547d\u4ee4\uff1aPS&gt; Install-Module SpeculationControl<\/li>\n<li>\u5176\u6b21\uff0c\u9700\u8981\u8c03\u7528\u76f8\u5e94\u811a\u672c\uff0c\u5bf9\u5e94\u547d\u4ee4\uff1aPS&gt; Get-SpeculationControlSettings<\/li>\n<li>\u6700\u540e\uff0c\u5f00\u542f\u7684\u4fdd\u62a4\u4f1a\u663e\u793a\u4e3aTrue\uff0c\u672a\u5f00\u542f\u7684\u4fdd\u62a4\u5219\u4f1a\u663e\u793a\u4e3aFalse\u3002<\/li>\n<\/ol>\n<p><strong>Linux\u7528\u6237<\/strong>\uff0c\u53ef\u4ee5\u901a\u8fc7\u5404\u79cdPoC\u6765\u8fdb\u884c\u9a8c\u8bc1\uff08\u8c28\u614e\u8fdb\u884c\uff09\uff1a<\/p>\n<ul>\n<li><a href=\"https:\/\/github.com\/turbo\/KPTI-PoC-Collection\">https:\/\/github.com\/turbo\/KPTI-PoC-Collection<\/a><\/li>\n<li><a href=\"https:\/\/github.com\/paboldin\/meltdown-exploit\">https:\/\/github.com\/paboldin\/meltdown-exploit<\/a><\/li>\n<li><a href=\"https:\/\/github.com\/raphaelsc\/Am-I-affected-by-Meltdown\">https:\/\/github.com\/raphaelsc\/Am-I-affected-by-Meltdown<\/a><\/li>\n<li><a href=\"https:\/\/github.com\/RealJTG\/Meltdown\">https:\/\/github.com\/RealJTG\/Meltdown<\/a><\/li>\n<li><a href=\"https:\/\/github.com\/Eugnis\/spectre-attack\">https:\/\/github.com\/Eugnis\/spectre-attack<\/a><\/li>\n<li><a href=\"https:\/\/github.com\/ionescu007\/SpecuCheck\">https:\/\/github.com\/ionescu007\/SpecuCheck<\/a><\/li>\n<li><a href=\"https:\/\/github.com\/HarsaroopDhillon\/SpectreExploit\">https:\/\/github.com\/HarsaroopDhillon\/SpectreExploit<\/a><\/li>\n<\/ul>\n<h3>\u516d\u3001\u9632\u5fa1\u65b9\u6cd5\/\u5efa\u8bae<\/h3>\n<p>\u5bf9\u4e8e\u4e00\u822c\u7528\u6237\u800c\u8a00\uff1a<\/p>\n<ul>\n<li><strong><span style=\"color: #ff0000;\">\u5347\u7ea7\u6700\u65b0\u7684\u64cd\u4f5c\u7cfb\u7edf\u548c\u865a\u62df\u5316\u8f6f\u4ef6\u8865\u4e01<\/span><\/strong>\uff1a\u76ee\u524dWindows\u3001Linux\u3001macOS\u3001Xen\u7b49\u90fd\u63a8\u51fa\u4e86\u5bf9\u5e94\u7684\u7cfb\u7edf\u8865\u4e01\uff0c\u5347\u7ea7\u540e\u53ef\u4ee5\u963b\u6b62\u8fd9\u4e9b\u6f0f\u6d1e\u88ab\u5229\u7528\uff1b<\/li>\n<li><span style=\"color: #ff0000;\">\u5347\u7ea7\u6700\u65b0\u7684\u6d4f\u89c8\u5668\u8865\u4e01<\/span>\uff1a\u76ee\u524d\u5fae\u8f6fIE\u3001Edge\u548cFirefox\u90fd\u63a8\u51fa\u4e86\u6d4f\u89c8\u5668\u8865\u4e01\uff0c\u5347\u7ea7\u540e\u53ef\u4ee5\u963b\u6b62\u8fd9\u4e9b\u6f0f\u6d1e\u88ab\u5229\u7528\uff1b<\/li>\n<li><span style=\"color: #ff0000;\">\u7b49\u5f85\u6216\u8981\u6c42\u4f60\u7684\u4e91\u670d\u52a1\u5546\u53ca\u65f6\u66f4\u65b0\u865a\u62df\u5316\u7cfb\u7edf\u8865\u4e01<\/span>\uff1b<\/li>\n<li><strong>\u5b89\u88c5\u5b89\u5168\u8f6f\u4ef6<\/strong>\uff1a\u5b89\u5168\u8f6f\u4ef6\u4e00\u822c\u4f1a\u5728\u7b2c\u4e00\u65f6\u95f4\u53d1\u73b0\u53ef\u80fd\u7684\u5229\u7528\u8fd9\u4e9b\u6f0f\u6d1e\u7684\u653b\u51fb\u7a0b\u5e8f\u5e76\u8fdb\u884c\u6740\u9664\u53ca\u9632\u62a4\uff1b<\/li>\n<li><span style=\"color: #ff0000;\"><strong>\u907f\u514d\u5b89\u88c5\u6765\u8def\u4e0d\u660e\u7684\u8f6f\u4ef6<\/strong><\/span>\u3002<\/li>\n<\/ul>\n<h5 id=\"id-\u6a21\u677f-\u53c2\u8003\u94fe\u63a5\uff1a\">\u53c2\u8003\u94fe\u63a5\uff1a<\/h5>\n<ul>\n<li><a href=\"https:\/\/meltdownattack.com\/\">https:\/\/meltdownattack.com\/<\/a><\/li>\n<li><a href=\"https:\/\/spectreattack.com\/\">https:\/\/spectreattack.com\/<\/a><\/li>\n<li><a href=\"https:\/\/access.redhat.com\/articles\/3311301\">https:\/\/access.redhat.com\/articles\/3311301<\/a><\/li>\n<li><a href=\"https:\/\/mp.weixin.qq.com\/s\/2FvvFUT8taRPv6GOHzNW-g\">https:\/\/mp.weixin.qq.com\/s\/2FvvFUT8taRPv6GOHzNW-g<\/a><\/li>\n<li><a href=\"http:\/\/mp.weixin.qq.com\/s\/x_ny_KYSb6Wvp98AzI1B6Q\">http:\/\/mp.weixin.qq.com\/s\/x_ny_KYSb6Wvp98AzI1B6Q<\/a><\/li>\n<li><a href=\"http:\/\/threat.guanjia.qq.com\/detail\/26.html\">http:\/\/threat.guanjia.qq.com\/detail\/26.html<\/a><\/li>\n<li><a href=\"https:\/\/www.anquanke.com\/post\/id\/93599\">https:\/\/www.anquanke.com\/post\/id\/93599<\/a><\/li>\n<li><a href=\"https:\/\/www.anquanke.com\/post\/id\/93735\">https:\/\/www.anquanke.com\/post\/id\/93735<\/a><\/li>\n<\/ul>\n<p>=END=<\/p>\n","protected":false},"excerpt":{"rendered":"<p>=Start= \u7f18\u7531\uff1a \u6700\u8fd1\u8fd92\u4e2aCPU\u7ea7\u522b\u7684\u5b89\u5168\u6f0f\u6d1e\u5b9e\u5728\u662f\u592a\u300c\u706b\u300d\u4e86\uff0c\u867d\u7136\u8bf4\u5e95\u5c42\u7684\u90a3\u4e9b\u673a\u5236\u6211\u4e5f\u4e0d\u662f\u592a\u4e86\u89e3\u2026\u2026 [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[23,25],"tags":[946,1021,1019,1020],"class_list":["post-3741","post","type-post","status-publish","format-standard","hentry","category-knowledgebase-2","category-security","tag-cpu","tag-kpti","tag-meltdown","tag-spectre"],"views":10738,"_links":{"self":[{"href":"https:\/\/ixyzero.com\/blog\/wp-json\/wp\/v2\/posts\/3741","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ixyzero.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ixyzero.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ixyzero.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/ixyzero.com\/blog\/wp-json\/wp\/v2\/comments?post=3741"}],"version-history":[{"count":1,"href":"https:\/\/ixyzero.com\/blog\/wp-json\/wp\/v2\/posts\/3741\/revisions"}],"predecessor-version":[{"id":3742,"href":"https:\/\/ixyzero.com\/blog\/wp-json\/wp\/v2\/posts\/3741\/revisions\/3742"}],"wp:attachment":[{"href":"https:\/\/ixyzero.com\/blog\/wp-json\/wp\/v2\/media?parent=3741"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ixyzero.com\/blog\/wp-json\/wp\/v2\/categories?post=3741"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ixyzero.com\/blog\/wp-json\/wp\/v2\/tags?post=3741"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}