'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign

Discussion in 'other security issues & news' started by Minimalist, Jan 2, 2018.

  1. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    4,413
    Location:
    Outer space
    Uh Intel lists 6th gen and up as vulnerable for both vulnerabilities, and older gens as not vulnerable.
     
  2. reasonablePrivacy

    reasonablePrivacy Registered Member

    Joined:
    Oct 7, 2017
    Posts:
    1,204
    Location:
    Member state of European Union
    Maybe they mean the most recent 10th generation based on Ice Lake.
     
  3. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    34,729
    CacheOut Intel CPU vulnerability detailed
    January 28, 2020
    https://hexus.net/tech/news/cpu/139250-cacheout-intel-cpu-vulnerability-detailed/
    CacheOut - Leaking Data on Intel CPUs via Cache Evictions

    Intel: Processors Affected: L1D Eviction Sampling
     
  4. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    34,729
    CacheOut vulnerability hype comes under fire
    Err, isn’t this just ZombieLoad?
    January 29, 2020

    https://portswigger.net/daily-swig/cacheout-vulnerability-hype-comes-under-fire
    ZombieLoad Attack - Return of the Leaking Dead
     
  5. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    34,729
    Intel Microcode Updates for Windows 10
    January 31, 2020
    https://www.ghacks.net/2020/01/31/intel-microcode-updates-for-windows-10/
     
  6. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    4,413
    Location:
    Outer space
  7. HempOil

    HempOil Registered Member

    Joined:
    Jun 15, 2015
    Posts:
    186
    Location:
    Canada
    Hallelujah! I'm finally running 0x2F MCU. My only question is what the heck took MS so long to release it! Intel released theirs on August 31st.
     
  8. Dragon1952

    Dragon1952 Registered Member

    Joined:
    Sep 16, 2012
    Posts:
    2,089
    Location:
    Hollow Earth - Telos
    I plan on getting a chromebook soon with a Intel I3. Will any of these memory leaking problems be something to worry about with a chromebook.
     
  9. reasonablePrivacy

    reasonablePrivacy Registered Member

    Joined:
    Oct 7, 2017
    Posts:
    1,204
    Location:
    Member state of European Union
    This is hardware problem, so the same problem exists regardless the OS you are using. One the other side these bugs require very skilled hacker to exploit them and there are mitigations, so I would worry about more common malware first as a home user.
     
  10. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    34,729
    Load Value Injection: Intel CPUs Vulnerable to Reverse Meltdown Attack
    March 10, 2020
    https://www.securityweek.com/load-value-injection-intel-cpus-vulnerable-reverse-meltdown-attack
    Bitdefender Researchers Discover New Side-Channel Attack
    Whitepaper: "Load Value Injection in the Line Fill Buffers: How to Hijack Control Flow without Spectre"
    (PDF): https://businessresources.bitdefender.com/hubfs/Bitdefender_Whitepaper_LVI-LFB_EN.pdf
     
  11. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    34,729
    Intel Processors Affected by New Snoop Vulnerability
    Snoop Attacks via L1 Data Sampling Threaten Security of Intel CPUs

    March 18, 2020
    https://securityintelligence.com/ne...ata-sampling-threaten-security-of-intel-cpus/
    Intel: Deep Dive: Snoop-assisted L1 Data Sampling
    Intel: Processors Affected: Snoop-assisted L1 Data Sampling
     
  12. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    34,729
    Linus Torvalds rejects 'stupid' AWS-made Linux patch for Intel CPU Snoop attack
    June 3, 2020
    https://www.zdnet.com/article/linus...-made-linux-patch-for-intel-cpu-snoop-attack/
     
  13. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    34,729
    New SGAxe attack steals protected data from Intel SGX enclaves
    June 9, 2020
    https://www.bleepingcomputer.com/ne...teals-protected-data-from-intel-sgx-enclaves/
     
  14. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    34,729
    New CrossTalk attack impacts Intel's mobile, desktop, and server CPUs
    ...that can be used to leak data across Intel CPU cores
    June 9, 2020

    https://www.zdnet.com/article/new-crosstalk-attack-impacts-intels-mobile-desktop-and-server-cpus/
     
  15. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    4,413
    Location:
    Outer space
    Not only will Intel no longer release microcode updates for 2nd gen(Sandy Bridge)(as expected, as they dropped 1st gen last year), but also no longer for 3rd gen(Ivy Bridge) :mad:
     
  16. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    34,729
    Thought you'd addressed those data-leaking Spectre holes on Linux? Guess again. The patches aren't perfect
    June 9, 2020
    https://www.theregister.com/2020/06/09/linux_kernel_bugs_spectre/
     
  17. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    34,729
    Arm CPUs impacted by rare side-channel attack
    June 10, 2020
    https://www.zdnet.com/article/arm-cpus-impacted-by-rare-side-channel-attack/
     
  18. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    8,152
    Location:
    Among the gum trees
    I got Intel micro patches in Kubuntu and Mint yesterday. I'm not overly concerned about this problem anymore.
     
  19. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    13,757
    Location:
    Slovenia
    AMD says it will fix new CPU bugs by the end of June 2020
    https://www.zdnet.com/article/amd-says-it-will-fix-new-cpu-bug-by-the-end-of-june-2020/
     
  20. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    13,757
    Location:
    Slovenia
    Hacker Lexicon: What Is a Side Channel Attack?
    https://www.wired.com/story/what-is-side-channel-attack/
     
  21. HempOil

    HempOil Registered Member

    Joined:
    Jun 15, 2015
    Posts:
    186
    Location:
    Canada
    Foreshadow returns to the foreground: Secrets-spilling speculative-execution Intel flaw lives on, say boffins
    https://www.theregister.com/2020/08/07/foreshadow_strikes_back_boffins_find/
     
  22. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    34,729
    New Intel microcode updates for Windows 10 fix CPU hardware bugs
    September 2, 2020
    https://www.bleepingcomputer.com/ne...updates-for-windows-10-fix-cpu-hardware-bugs/
     
  23. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    4,413
    Location:
    Outer space
    Follow up: 15.33.50.5129 was released in March and 15.33.51.5146 was released in August.
     
  24. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    4,413
    Location:
    Outer space
  25. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    34,729
    Windows 10 Intel microcode updates fixes CPU hardware bugs
    November 10, 2020
    https://www.bleepingcomputer.com/ne...el-microcode-updates-fixes-cpu-hardware-bugs/
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.