New Intel Vulnerabilities Bring Fresh CPU Attack Dangers

New Intel Vulnerabilities Bring Fresh CPU Attack Dangers
Four newly discovered vulns from the speculative-execution family bring Meltdown-like threats to Intel's processors.

A new family of speculative execution side-channel vulnerabilities has been found in Intel CPUs and researchers and vendors are split over how severe the flaws are and how easy they are to exploit.


Even the name of the vuln family is a subject of disagreement among researchers, ranging from colorful to prosaic: ZombieLoad, Fallout, RIDL (Rogue In-Flight Data Load), YAM (Yet Another Meltdown), and Intel's name for the family of flaws, MDS (Microarchitectural Data Sampling). 


Researchers from security firms Cyberus, BitDefender, Qihoo360, and Oracle, along with academic researchers from TU Graz, Vrije Universiteit Amsterdam, the University of Michigan, the University of Adelaide, KU Leuven, Worcester Polytechnic Institute, and Saarland University, discovered the flaws and came up with the related exploits. All of the researchers were exploring the same conceptual issues - side-channel vulnerabilities - but found the new family in a different area of the CPU than where the previously identified side-channel vulns, Spectre and Meltdown, operate.


The researchers followed responsible disclosure practices and held on publicly releasing their work - some for as much as a year - while Intel developed firmware to remediate the issues.


Bogdan (Bob) Botezatu, director of threat research and reporting for Bitdefender, says the difference between these MDS vulnerabilities and those exploited by earlier speculative-execution flaws like Spectre and Meltdown, is the difference between a buffer and a cache.


"A buffer is an area of the CPU where operations are executed in transit," he explains, while a cache is memory where data or instructions are stored in anticipation of being called. This difference in the affected CPU area is why the phrase "data in transit" is being used wi ..

Support the originator by clicking the read the rest link below.