• Hey, guest user. Hope you're enjoying NeoGAF! Have you considered registering for an account? Come join us and add your take to the daily discourse.
  • The Politics forum has been nuked. Please do not bring political discussion to the rest of the site, or you will be removed. Thanks.

News Drama Another vulnerability found in INTEL cpu's

Elektro Demon

Shits and Giggles
Nov 9, 2019
4,600
8,085
815
Croatia
www.youtube.com
https://hexus.net/tech/news/cpu/139250-cacheout-intel-cpu-vulnerability-detailed/

Another vulnerability found in Intel cpus, this one is called CacheOut.

Before we go on, it is worth noting that Intel CPUs released before SkyLake and after Q4 2018 will not be vulnerable to CacheOut. AMD processors aren't affected, according to the researchers. IBM and ARM processors might be affected but were outside the scope of the paper. Researchers at the University of Michigan and University of Adelaide observed that "as data is being evicted from the CPU L1 cache, it is often transferred back to the leaky CPU buffers where it can be recovered by the attacker." An attractive aspect of CacheOut for hackers is that it allows choice of which data to leak from the CPU’s L1 cache, as well as which part of a cache line to leak. The researchers demonstrated that it is possible to "leak information across multiple security boundaries, including those between hyperthreads, processes, and virtual machines, and between user space and the operating system kernel, and from SGX enclaves." Intel has classed CacheOut, or L1D Eviction Sampling / CVE-2020-0549 / INTEL-SA-00329 - as a medium severity level 6.5 vulnerability.
The security researchers got in touch with Intel last year before making their research public. This helped Intel get patches ready, and cloud providers have already deployed countermeasures against the flaw. Disabling hyperthreading or disabling TSX within Intel’s processors can mitigate against the flaw for now. However, Intel says it expects to release microcode updates for affected processors shortly.
 

Isaak

Neo Member
Jan 28, 2020
24
50
125
 

10000

Banned
Jun 30, 2019
426
448
350
and then some people still defend and choose intel after all this dumpster fire
 

PhoenixTank

Member
Jul 13, 2017
1,487
1,688
745
Another variant of MDS/Zombieload but a new name.
Microcode updates are out today, KB4497165.
The haunting continues!
 

M1chl

Currently Gif and Meme Champion
Dec 25, 2019
11,748
22,499
1,025
Prague, Czech Republic
You believe the world is happy peaceful place of people holding hands dancing around a fire in harmony?
This is most likely industrial sabotage.
I hope you understand, or probably not, how is x86 architecture complex and how much it can go wrong, stepping in CPU fixex minor bugs. I hope you remember that infamous AMD Bulldozer "BSOD bug". These things are normal. And this is whole document about known AMD Ryzen HW problems and how to create workaround: https://www.amd.com/system/files/TechDocs/55449_Fam_17h_M_00h-0Fh_Rev_Guide.pdf