Security Software

Processors Affected: Microarchitectural Data Sampling

Processors Affected by Microarchitectural Data Sampling

For more information on microarchitectural data sampling (MDS) refer to the MDS disclosure and the Deep Dive: Intel Analysis of Microarchitectural Data Sampling.

CPUID.(EAX=7H,ECX=0):EDX[MD_CLEAR=10] enumerates support for additional functionality that will flush microarchitectural structures as listed below.

  1. On execution of the (existing) VERW instruction where its argument is a memory operand.
  2. On setting the L1D_FLUSH command (on processors that enumerate both CPUID.(EAX=7H,ECX=0):EDX[MD_CLEAR=10] and CPUID.(EAX=7H,ECX=0):EDX[L1D_FLUSH=28] bit in the IA32_FLUSH_CMD MSR).
  3. On execution of the RSM instruction.
  4. On entry to, or exit from an Intel® Software Guard Extensions (Intel® SGX) enclave.

The following MSR enumeration enables software to check if the processor is affected by MDS methods:

A value of 1 indicates that the processor is not affected by RDCL or L1TF. In addition, a value of 1 indicates that the processor is not affected by MFBDS.

  • IA32_ARCH_CAPABILTIES[0]: RDCL_NO
  • IA32_ARCH_CAPABILITIES[5]: MDS_NO

    A value of 1 indicates that processor is not affected by MFBDS/MSBDS/MLPDS/MDSUM.

Note that MFBDS is mitigated if either the RDCL_NO or MDS_NO bit (or both) are set. Some existing processors may also enumerate either RDCL_NO or MDS_NO only after a microcode update is loaded.

Note: Future processors set the MDS_NO bit in IA32_ARCH_CAPABILITIES to indicate they are not affected by microarchitectural data sampling. Such processors will continue to enumerate the MD_CLEAR bit in CPUID. As none of these data buffers are vulnerable to exposure on such parts, no data buffer overwriting is required or expected for such parts, despite the MD_CLEAR indication. Software should look to the MDS_NO bit to determine whether buffer overwriting mitigations are required.

Note:Processors that are not explicitly listed in this table, like processors based on Itanium® microarchitecture, are not affected by MDS.

Note: For Intel® SGX, the MD_CLEAR and MDS_NO bits are also indirectly reflected in the Intel SGX Remote Attestation data.

Note: All processors affected by MSBDS, MFBDS, or MLPDS are also affected by MDSUM for the relevant buffers. For example, a processor that is only affected by MSBDS but is not affected by MFBDS or MLPDS would also be affected by MDSUM for store buffer entries only.

Intel expects the following products are potentially affected by microarchitectural data sampling issues. For affected steppings cross-check against the list of updated microcode versions.

Table 6: List of MDS-affected processors by Family/Model
Family_Model Step Processor Families /
Processor Number Series
 
MFBDS MSBDS MLPDS
06_2EH All Intel Xeon processor 7500, 6500 series (Nehalem-EX) Yes Yes Yes
06_1EH, 06_1FH All Intel Core i7 and i5 Processors (Nehalem, Nehalem-G) Yes Yes Yes
06_1AH All Intel Core i7 Processor, Intel Xeon processor 3400, 3500, 5500 series (Nehalem-EP) Yes Yes Yes
06_2FH All Intel Xeon Processor E7 Family (Westmere-EX) Yes Yes Yes
06_25H, 06_2CH All Intel Xeon processors 3600, 5600 series, Intel Core i7, i5 and i3 Processors (Westmere, Westmere-EP) Yes Yes Yes
06_2DH All Intel Xeon processor E5 Family based on Intel microarchitecture code name Sandy Bridge, Intel Core i7-39xx Processor Extreme Edition Yes Yes Yes
06_2AH All Intel Xeon processor E3-1200 product family; 2nd Generation Intel Core i7, i5, i3 Processors 2xxx Series (Sandy Bridge) Yes Yes Yes
06_3EH All Intel Xeon processor E7-8800/4800/2800 v2 product families based on Ivy Bridge-E microarchitecture Yes Yes Yes
06_3EH All Intel Xeon processor E5-2600/1600 v2 product families and Intel Xeon processor E5-2400 v2 product family based on Ivy Bridge-E microarchitecture, Intel Core i7-49xx Processor Extreme Edition Yes Yes Yes
06_3AH All 3rd Generation Intel Core Processor and Intel Xeon processor E3-1200 v2 product family based on Ivy Bridge microarchitecture Yes Yes Yes
06_3FH All Intel Xeon processor E5-4600/2600/1600 v3 product families, Intel Xeon processor E7 v3 product families based on Haswell-E microarchitecture, Intel Core i7-59xx Processor Extreme Edition Yes Yes Yes
06_3CH, 06_45H, 06_46H All 4th Generation Intel Core processor and Intel Xeon processor E3-1200 v3 product family based on Haswell microarchitecture Yes Yes Yes
06_56H All Intel Xeon processor D-1500 product family based on Broadwell microarchitecture Yes Yes Yes
06_4FH All Intel Xeon processor E5 v4 Family based on Broadwell microarchitecture, Intel Xeon processor E7 v4 Family, Intel Core i7-69xx Processor Extreme Edition Yes Yes Yes
06_47H All 5th generation Intel Core processors, Intel Xeon processor E3-1200 v4 product family based on Broadwell microarchitecture Yes Yes Yes
06_3DH All Intel Core M-5xxx Processor, 5th generation Intel Core processors based on Broadwell microarchitecture Yes Yes Yes
06_55H <=4 Intel® Xeon® Processor Scalable Family based on Skylake microarchitecture Yes Yes Yes
06_4EH, 06_5EH All 6th generation Intel Core processors and Intel Xeon processor E3-1500m v5 product family and E3- 1200 v5 product family based on Skylake microarchitecture Yes Yes Yes
06_8EH, 06_9EH <B 7th/8th generation Intel® Core™ processors based on Kaby/Coffee Lake microarchitecture Yes Yes Yes
06_9E 0xC 8th/9th generation Intel® Core™ processors and Intel® Pentium™ processors based on Coffee Lake microarchitecture No Yes Yes
06_8E 0xB 8th Generation Intel® Core™ i7 Processors, Intel® Pentium® Gold Processor Series, and Intel® Celeron® Processor 4000 Series based on  Whiskey Lake (ULT) microarchitecture No Yes Yes
06_8E 0xC 8th Generation Intel® Core™ i7 Processors, Intel® Pentium® Gold Processor Series, and Intel® Celeron® Processor 4000 Series based on Whiskey Lake (ULT refresh) microarchitecture No No No
06_9E 0xD 8th Generation Intel® Core™ i7 Processors, Intel® Pentium® Gold Processor Series, and Intel® Celeron® Processor 4000 Series based on Whiskey Lake (Desktop) No No No
06_55H 5 2nd Generation Intel® Xeon® Scalable Processors based on Cascade Lake microarchitecture No Yes Yes
06_55H 6,7 2nd Generation Intel® Xeon® Scalable Processors based on Cascade Lake microarchitecture No No No
06_7EH 5 10th Generation Intel® Core™ Processor Family based on Ice Lake (U, Y) microarchitecture No Yes No
06_86H All Atom (Tremont) No No No
06_37H, 06_4AH,
06_4CH,
06_4DH,
06_5AH,
06_5DH,
06_6EH,
06_65H,
06_75H
All Atom (Silvermont, Airmont) No Yes No
06_1CH, 06_26H, 06_27H, 06_35H, 06_36H 06_36H, 06_7AH All Atom (Bonnell,Saltwell, Goldmont, GoldmontPlus) No No No
06_57H, 06_85H All Intel® Xeon Phi™ x200 and 72x5 Product Families based on Knights Mill and Knights Landing microarchitectures No Yes No

Was this article helpful?YesNo
0% of users found this helpful

Intel technologies’ features and benefits depend on system configuration and may require enabled hardware, software, or service activation. Performance varies depending on system configuration. Check with your system manufacturer or retailer or learn more at www.intel.com.

All information provided here is subject to change without notice. Contact your Intel representative to obtain the latest Intel product specifications and roadmaps.

Software and workloads used in performance tests may have been optimized for performance only on Intel microprocessors.

Performance tests, such as SYSmark and MobileMark, are measured using specific computer systems, components, software, operations and functions. Any change to any of those factors may cause the results to vary. You should consult other information and performance tests to assist you in fully evaluating your contemplated purchases, including the performance of that product when combined with other products. For more complete information visit www.intel.com/benchmarks.

Performance results are based on testing as of dates shown in configurations and may not reflect all publicly available​ updates.

The products and services described may contain defects or errors known as errata which may cause deviations from published specifications. Current characterized errata are available on request.

Intel provides these materials as-is, with no express or implied warranties.

No product or component can be absolutely secure.

Intel and the Intel logo are trademarks of Intel Corporation in the U.S. and/or other countries.

*Other names and brands may be claimed as the property of others.

Copyright Intel Corporation 2020.