Are Coldfire processors vulnerable to the Spectre (or Meltdown) vulnerability?
For most of them, the answer is simply "no". They're not advanced enough to have the features that cause this problem.
Spectre and Meltdown require a CPU that performs Speculative Execution and has a Protection Model that can be violated. Only the ColdFire V4 has the latter (has an MMU), and it only has "Limited Superscalar" and "Branch Prediction" as its most advanced features.
There was a V5 ColdFire, but it was never released as a product. I have no idea what it did and can't find out either:
Meltdown requires a CPU that goes and fetches memory in parallel with checking to see if that access is permitted, and will fetch the memory location even if it isn't allowed. The CFV4 MMU Documentation says "By the middle of the KC1 cycle, the memory address is available along with its corresponding access control", which implies it doesn't do this.
At this point in time, NXP does not give general replies, due to analysis ongoing in several areas, and due to the fact that overall security is a system issue and therefore also relies on the operating system used, etc.
I am posting the official statement below here, but want to add a personal comment:
Especially the system aspect is for many ColdFire and Microcontroller based embedded systems the bottom line answer:
The Spectre vulnerability requires executing code on the system, code which tries to exploit it. If the OEM building a system does not allow any execution of foreign code (like on a desktop operating system), the question of whether the processor is theoretically vulnerable to such attacks is void and academic only.
This is the first consideration to take and the reason for the second part of the statement below; it's foremost a system question.
With this personal note, here is the statement and offer we make at this time for any further detailed answers.
NXP advises customers to write an email to the NXP Product Security Incident Response Team at psirt[@]nxp.com. It is required that you indicate the specific part and operating system that your question refers to in order to be able to provide support in the best way. For end users using NXP processors but not buying semiconductors from NXP directly or through distributors, we have to refer to the original equipment manufacturer (OEM) as any security analysis needs to be done on a system level.