• Hey, guest user. Hope you're enjoying NeoGAF! Have you considered registering for an account? Come join us and add your take to the daily discourse.
  • The Politics forum has been nuked. Please do not bring political discussion to the rest of the site, or you will be removed. Thanks.

Cringe And today's Intel's security flaw of the day is: LVI (mitigation "hits performance hard")

llien

Member
Feb 1, 2017
10,393
8,354
945
Thanks to Leonidas Leonidas for reminding us that security is important.

Intel looks like an endless source of security flaws, or, as some people would honestly put it: a clusterfuck.
The only thing that comes near is, perhaps, The Internet Exploder:
`



A new class of security vulnerabilities affect Intel processors, which can cause them to leak out sensitive information if probed in a certain way, but that's not the worst news for Intel and its users. The software- or firmware-level mitigation for this vulnerability can inflict performance reductions "ranging from 2x to 19x," according to a report by The Register. A full mitigation for the new Load Value Injection (LVI) class of vulnerabilities requires Intel to redesign software compilers. The vulnerability is chronicled under CVE-2020-0551 and Intel-SA-00334. It is not a remote code execution threat, however, it puts multi-tenant machines, such as physical servers handling multiple tenants via virtual servers.

"LVI turns previous data extraction attacks around, like Meltdown, Foreshadow, ZombieLoad, RIDL and Fallout, and defeats all existing mitigations. Instead of directly leaking data from the victim to the attacker, we proceed in the opposite direction: we smuggle — "inject" — the attacker's data through hidden processor buffers into a victim program and hijack transient execution to acquire sensitive information, such as the victim's fingerprints or passwords," the reasearchers write in the abstract of their paper describing the vulnerability. Anti-virus manufacturer BitDefender independently discovered LVI and shared its study with Intel. The company could publish its findings in February. Additional technical details are found in the group's website here.

 

GHG

Member
Nov 9, 2006
26,832
42,138
1,995
I should get my new AMD build sorted before coronavirus starts fucking with prices.
 

MrA

Member
Mar 9, 2020
1,880
3,090
420
Do we know if this is x86 related and be trouble for amd as well or is it strictly an Intel issue?
 

Pimpbaa

Member
Jun 8, 2004
17,352
733
1,705
45
Canada
Well shit, my laptop only has 2 kaby lake cores (although they do have hyperthreading). I'm fucked if there are significant performance hits. Then again, all I do on mine is browse gaf and look at porn.

edit: why did I bump a thread from thursday?!
 
Last edited:

10000

Banned
Jun 30, 2019
426
448
350
this is getting ridiculous, isn't it

selling overpriced flawed products and still had that many loyalist
 

caffeware

Member
Oct 17, 2012
2,792
3,295
1,040
By now I assume AMD have a full team working on finding Intel's security flaws.
 
Last edited:
  • LOL
Reactions: bati

Newly Vacant

Member
Jul 30, 2013
2,676
7,268
1,015
I’m so tired of these flaws. I just want to play games on my PC, and every time I see one of these pop up it’s like another potential 5% performance loss. I have two PCs that I use regularly, and I feel like I should just dump the Intel one and make another AMD one.