Researchers have classified PortSmash as a side-channel attack. In computer security terms, a side-channel attack describes a technique used for leaking encrypted data from a computer's memory or CPU, which works by recording and analyzing discrepancies in operation times, power consumption, electromagnetic leaks, or even sound to gain additional info that may help break encryption algorithms and recovering the CPU's processed data.Proof-of-concept code was published on GitHub and the team confirmed Intel Skylake and Kaby Lake processors are vulnerable to this attack. AMD processors with SMT, like Ryzen and EPYC are likely vulnerable too, but this has not been tested yet. Intel's security team received notice on October 1 and issued a patch yesterday.
Intel CPUs with Hyper-Threading vulnerable to side-channel attack
Posted on Friday, November 02 2018 @ 18:09 CET by Thomas De Maesschalck