In Intel Processors, Another Vulnerability is Discovered

[zoran]

 

The new vulnerability affects all models of the Intel Core processor family.

Since the beginning of 2018 now and then there are reports of any problems affecting the processors manufactured by Intel. In January, a wide response was heard about two serious Vulnerabilities Meltdown and Specter, affecting almost all modern processors, and in May the researchers found in Intel processors eight more vulnerabilities, collectively called Spectre-NG . Now one more list has been added to this list.

 

According to Intel, the new vulnerability with the conditional name "Lazy FP State Restore" (CVE-2018-3665) is hardware and affects all models of the Intel Core processor family. Vulnerable systems are based on Intel Core, regardless of the OS (Windows, Linux, OS of the BSD family, etc.).

 

The problem is related to Lazy FPU context switching, a performance optimization function used by operating systems to store and restore FPU registers (Floating Point Unit). FPU is a processor unit designed to handle floating-point numbers. Thus, a vulnerability in Intel Core processors allows another process to access registers and data in them. The problem is that these data are used for various tasks, including cryptographic equations. If you have access to such information, an attacker can crack the encryption key.

To fix this vulnerability, you do not need to update the Intel microcode, just install the OS update. Microsoft and the developers of Linux distributions are already preparing the appropriate fixes.

source

[Crazycanuk]

Please provide a source for you threads