Posted on Friday, November 02 2018 @ 18:09 CET by Thomas De Maesschalck
Security researchers from the Tampere University of Technology in Finland and Technical University of Havana, Cuba
discovered a new vulnerability in Intel processors with Hyper-Threading. Called PortSmash, this new technique runs a malicious process next to legitimate ones, and is capable of retrieving encrypted data from a computer's memory or processor.
Researchers have classified PortSmash as a side-channel attack. In computer security terms, a side-channel attack describes a technique used for leaking encrypted data from a computer's memory or CPU, which works by recording and analyzing discrepancies in operation times, power consumption, electromagnetic leaks, or even sound to gain additional info that may help break encryption algorithms and recovering the CPU's processed data.
Proof-of-concept code was published on
GitHub and the team confirmed Intel Skylake and Kaby Lake processors are vulnerable to this attack. AMD processors with SMT, like Ryzen and EPYC are likely vulnerable too, but this has not been tested yet. Intel's security team received notice on October 1 and issued a patch yesterday.
