DV Hardware - bringing you the hottest news about processors, graphics cards, Intel, AMD, NVIDIA, hardware and technology!
   Home | News submit | News Archives | Reviews | Articles | Howto's | Advertise
 
DarkVision Hardware - Daily tech news
January 17, 2021 
Main Menu
Home
Info
News archives
Articles
Howto
Reviews
 

Who's Online
There are currently 173 people online.

 

Latest Reviews
ASUS ROG Strix B450-F Gaming Motherboard
Sonos Move
Ewin Racing Flash gaming chair
Arctic BioniX F120 and F140 fans
Jaybird Freedom 2 wireless sport headphones
Ewin Racing Champion gaming chair
Zowie P-TF Rough mousepad
Zowie FK mouse
 

Follow us
RSS
 

CacheOut vulnerability found in Intel CPU cache system

Posted on Tuesday, January 28 2020 @ 18:01:25 CET by


INTC
An international team of security researchers discovered a security vulnerability in the CPU caching system of Intel's processors. Named CacheOut, the vulnerability affects Intel CPUs from the Skylake to the Coffee Lake architecture. A full list of vulnerable and not vulnerable CPUs can be found over here.

CacheOut is another side-channel attack that allows attackers to steal data from a processor's L1 cache:
Researchers at the University of Michigan and University of Adelaide observed that "as data is being evicted from the CPU L1 cache, it is often transferred back to the leaky CPU buffers where it can be recovered by the attacker." An attractive aspect of CacheOut for hackers is that it allows choice of which data to leak from the CPU’s L1 cache, as well as which part of a cache line to leak. The researchers demonstrated that it is possible to "leak information across multiple security boundaries, including those between hyperthreads, processes, and virtual machines, and between user space and the operating system kernel, and from SGX enclaves." Intel has classed CacheOut, or L1D Eviction Sampling / CVE-2020-0549 / INTEL-SA-00329 - as a medium severity level 6.5 vulnerability.
Intel got informed about CacheOut last year and cloud providers have already deployed mitigation. Temporary fixes include disabling Hyper-Threading or TSX. Microcode updates for vulnerable processors will follow soon. It's unknown how this will affect the performance of Intel's processors.

Every microcode update to fix these issues typically lowers performance, which should weaken Intel's position in the market. However, in the short-term, this seems to be strengthening Intel's business as cloud providers and datacenters are forced to buy more Intel CPUs to maintain the same level of computing power.

Via: Hexus



 



 

DV Hardware - Privacy statement
All logos and trademarks are property of their respective owner.
The comments are property of their posters, all the rest © 2002-2021 DM Media Group bvba