There are two vulnerabilities :
- Meltdown or CVE-2017-5754
- Spectre or CVE-2017-5753 or CVE-2017-5715
Meltdown affect Intel processors made in 1995 and later, while spectre affects Amd, Intel and ARM processors. Since these are processor-bound, they exist on all operating systems. It is possible to bypass memory isolation, and access info, not meant to be accessed. Software patches to fix these vulnerabilities will slow down processors, by creating an overhead each time they make a system call.
side notes:
- this is very bad news for cloud providers
- Intel CEO Brian Krzanich sold off $24 million worth of stock and options in the company in late November (this is persumably after he knew about Meltdown)