Intel has announced a new vulnerability affecting some of their processors, called MDS, or Microarchitectural Data Sampling. Four forms of this have been identified and each has a separate CVE classification: CVE-2018-12126, CVE-2018-12130, CVE-2018-12127 and CVE-2019-11091.
The problem arises again from speculative execution, as MDS allows access to data stored in the processor's internal structure, including various buffers, for a code that should not otherwise access stored information.
It is worth noting that some MDS vulnerability exploiting techniques have been written by developers who have discovered Specter and Meltdown gaps, but Intel has highlighted that the problem was first noticed by their own professionals.
The problem is purely architectural and affects Nehalem designers or newer Intel processors, but the company stressed that the previously installed hardware protection against Meltdown effectively prevents MDS from certain 8th and all 9th generation mobile and desktop based CPU tile (Whiskey Lake and the latest stepping stone Coffee Lake) and second generation scalable Xeon series (Casvade Lake-SP and -AP). In addition, the Atom and Xeon Phi models are immune to the above vulnerability due to operational differences. Experts discovering the bug also failed to execute an attack on a single MDS slot on ARM and AMD processors, so they are also protected.
Troubleshooting consists of two parts. On the one hand, Intel recommends purchasing newer hardware-protected processors, but if this is not possible, microcode updates should be used for older MDS-vulnerable processors. These are provided by the company to its partners, so the new BIOSs will soon be available, but the microcodes themselves will be included in the updates of the operating systems and the hypervisor software will not be lost either. The vulnerability itself is, in any case, quite difficult to exploit in real-life situations, but it is always recommended for those affected to install fixes.
Fresh microcodes, in addition to certain tasks, will cause a loss of performance, but the deceleration depends to a large extent on the running session. The software patch also deletes the contents of the buffer that can be accessed by the vulnerability if an application starts running on that processor core that the previously running application does not trust. Here, certain processes in the operating systems are likely to be trusted, while a single third-party program is no longer reliable.
The new microcodes will greatly change the operation of Hyper-Threading, which processor is affected. In the new system, processor cores cannot run side by side with processes that come from different security domains. With this, the efficiency of Hyper-Threading will be reduced, since its benefits can be exploited in fewer situations, but Intel does not recommend turning off the technology even though it is being encouraged by more and more security professionals. This is also logical, as Hyper-Threading can continue to accelerate processing, with newer microcodes no longer as much as before.
0 comments:
Post a Comment