Csdrhrt

While AMD chips appear to be immune to Meltdown and are apparently largely unaffected by Spectre, Intel chips seem to be broadly affected.

Information is scarce on which Intel CPUs architectures start and end to be impacted - are core 2 duo/quad included? Pentiums? Atoms? What about core i3/5/7/9, are they all affected up to and including series 8xxx?

This Intel Public website has been updated recently with the full details of affected Intel products. Relevant text and listing has been quoted as following.

The following Intel®-based platforms are impacted by this issue. Intel may modify this list at a later time. Please check with your system vendor or equipment manufacturer (see links above) for more information regarding your system.

• Intel® Core™ i3 processor (45nm and 32nm)


• Intel® Core™ i5 processor (45nm and 32nm)


• Intel® Core™ i7 processor (45nm and 32nm)


• Intel® Core™ m processor family (45nm and 32nm)


• 2nd generation Intel® Core™ processors


• 3rd generation Intel® Core™ processors


• 4th generation Intel® Core™ processors


• 5th generation Intel® Core™ processors


• 6th generation Intel® Core™ processors


• 7th generation Intel® Core™ processors


• 8th generation Intel® Core™ processors


• Intel® Core™ X-series processor family for Intel® X99 platforms


• Intel® Core™ X-series processor family for Intel® X299 platforms


• Intel® Xeon® processor 3400 series


• Intel® Xeon® processor 3600 series


• Intel® Xeon® processor 5500 series


• Intel® Xeon® processor 5600 series


• Intel® Xeon® processor 6500 series


• Intel® Xeon® processor 7500 series


• Intel® Xeon® processor E3 family


• Intel® Xeon® processor E3 v2 family


• Intel® Xeon® processor E3 v3 family


• Intel® Xeon® processor E3 v4 family


• Intel® Xeon® processor E3 v5 family


• Intel® Xeon® processor E3 v6 family


• Intel® Xeon® processor E5 family


• Intel® Xeon® processor E5 v2 family


• Intel® Xeon® processor E5 v3 family


• Intel® Xeon® processor E5 v4 family


• Intel® Xeon® processor E7 family


• Intel® Xeon® processor E7 v2 family


• Intel® Xeon® processor E7 v3 family


• Intel® Xeon® processor E7 v4 family


• Intel® Xeon® processor Scalable family


• Intel® Xeon Phi™ processor 3200, 5200, 7200 series


• Intel Atom® processor C series


• Intel Atom® processor E series


• Intel Atom® processor A series


• Intel Atom® processor x3 series


• Intel Atom® processor Z series


• Intel® Celeron® processor J series


• Intel® Celeron® processor N series


• Intel® Pentium® processor J series


• Intel® Pentium® processor N series

The product listing was likely added between 16 and 17 January 2018, looking at the page history on the Internet Archive Wayback Machine and hinted by this thread on Intel Communities.

The original release of information was found at Intel Product Security Center, dated 3 January 2018 and was revised on 17 January 2018 (tally with updated listing on Intel public website).

Additional list

According to contributors on GitHub, at least one variant of bug seems to affect legacy CPU products. Unfortunately, there seems to be no simple listing that can be pasted here.

See issue 19 on paboldin/meltdown-exploit, which was found via issue 104 on speed47/spectre-meltdown-checker. There are 245 comments to this updated date, and each comment may contain more than one model of CPU. Visit the link and use Ctrl+F to look for your CPU model.

Detailed information with links to security advisories are available for Spectre via fossbytes.com and Meltdown via thehackernews.com. Notice that both Spectre and Meltdown sites seem to contain similar information and hosted by the same university.

Following are relevant text that have been quoted.

Which systems are affected by Meltdown?

Desktop, Laptop, and Cloud computers may be affected by Meltdown. More technically, every Intel processor which implements out-of-order execution is potentially affected, which is effectively every processor since 1995 (except Intel Itanium and Intel Atom before 2013). We successfully tested Meltdown on Intel processor generations released as early as 2011. Currently, we have only verified Meltdown on Intel processors. At the moment, it is unclear whether ARM and AMD processors are also affected by Meltdown.

Which systems are affected by Spectre?

Almost every system is affected by Spectre: Desktops, Laptops, Cloud Servers, as well as Smartphones. More specifically, all modern processors capable of keeping many instructions in flight are potentially vulnerable. In particular, we have verified Spectre on Intel, AMD, and ARM processors.

These are more or less direct answers. I have not seen anything more detailed than the provided information (before Intel had published the list of affected products).

Affected Chrome OS devices

The Chromium Projects has noted some information on this page via Android Authority. The project lists the status of mitigations for CVE-2017-5754 (Meltdown) for each Chrome OS device. That listing mentions in terms of architecture i.e. x86_64, which likely include Intel CPU as well.

How is that information useful? Well, not useful as it is. I have to do further search and use a spreadsheet to filter relevant information.

Tailored detail and information

For existing information to be more useful, I had to do the following in a spreadsheet (I am using LibreOffice Calc, if that does matter):

• Copy-paste each HTML table, enable auto-filter and filter the search criteria as appropriate (Hint: mitigation "Yes", "No"; kernel ABI "x86", "x86_64");


• Use workarounds to clean up pasted data i.e. non-printing characters and to match variable codename by wildcard pattern;


• Match the "Public codename" from the mentioned page The Chromium Project as reference against "Board name" from Developer Information for Chrome OS Devices, then show string of match result from "Platform";


• Count number of hits for each unique platform in the match result;


• Add a new column to manually fill in the available year for each architecture in the match result based on List of Intel CPU microarchitectures on Wikipedia;


• Select the new column (year) and sort by Ascending;


• Sum number of hits for each architecture to double-check result (total hits).

The resulting table that I have is this:

-----------------------------------

platform        hits    year (line)

-----------------------------------

SandyBridge     2       2011

IvyBridge       2       2012

Haswell         10      2013

Broadwell       9       2014

Skylake         6       2015

Kabylake        1       2016

BayTrail        31      2013 (Atom)

Braswell        22      2014 (Atom)

ApolloLake      3       2016 (Atom)

not found       10      nil

-----------------------------------

total hits      96  

-----------------------------------

The "total hits" is same as number of affected Chrome OS devices from the mentioned page The Chromium Project. That is, 96 of 142 records found at this time of finding.

The "not found" tells either some codenames have irregular suffix that did not match with wildcard pattern or, codename itself was not found in the list of known Chrome OS devices.

Quoted text from the FAQ with emphasis mine:

[...] effectively every processor since 1995 (except Intel Itanium and Intel Atom before 2013) [...]

That is indeed tally with my manual finding of reportedly affected platform of Chrome OS devices: BayTrail, Braswell, ApolloLake (2013, 2014, 2016 Atom line). Intel Atom before 2013 was not found, at least from the list of affected Chrome OS devices.

This answer takes an end-user approach of using spreadsheet to narrow down list of affected Intel processors, solely based on relevant information from The Chromium Project. No other information was used for filtering data in the spreadsheet.