
Another HUGE Intel Bug

There is evidence that an Intel CPU bug, which could have lasting consequences for Amazon, Google, and other major cloud providers, is about to be disclosed. While a fix is in the pipeline, people say that it could impose performance penalties of as much as 35 percent. AMD chips are reportedly unaffected.

There is presently an embargoed security bug impacting apparently all contemporary CPU architectures that implement virtual memory, requiring hardware changes to fully resolve. Urgent development of a software mitigation is being done in the open and recently landed in the Linux kernel, and a similar mitigation began appearing in NT kernels in November. In the worst case, the software fix causes huge slowdowns in typical workloads.

A public demonstration for such an attack scenario can be found here.

How bad is the security issue?

Well, an affected processor could have the contents of its kernel memory read, and kernel memory is where super-secure things like passwords, log-ins, and more can be found. The Register, which first reported on the story, explains: “At worst, the hole could be abused by programs and logged-in users to read the contents of the kernel’s memory. Suffice to say, this is not great. The kernel’s memory space is hidden from user processes and programs because it may contain all sorts of secrets, such as passwords, login keys, files cached from disk, and so on. Imagine a piece of JavaScript running in a browser, or malicious software running on a shared public cloud server, able to sniff sensitive kernel-protected data.”

With a huge 5-30% decrease in performance, AMD is going to have a massive win here – buy a Ryzen CPU and receive a CPU that will perform better than an equally priced Intel CPU, post-OS patch. This will send shock waves through the industry, and completely change benchmarking for people like me – as once I patch my OS, a 5-30% performance drop affects absolutely everything I do.

Can my antivirus detect or block this attack?

While possible in theory, this is unlikely in practice.

Source

  • The mysterious case of the Linux Page Table Isolation patches (pythonsweetness.tumblr.com)
  • ‘Kernel memory leaking’ Intel processor design flaw forces Linux, Windows redesign (theregister.co.uk)
  • Initial Benchmarks Of The Performance Impact Resulting From Linux’s x86 Security Changes (phoronix.com)