Recently, on Hacker News front page, there was a post mentioning a new vulnerability that seems to affect Intel processors. The post is mostly speculation and there is no PoC or an exploit that I'm aware of. While the article is unclear to me, it seems to suggest that the vulnerability is serious, for many reasons (quick patching of Windows NT and Linux, major cloud vendors involved, etc). What is actually known about the problem? Is there a source better than the URL I linked to that could show more relevant information?
Asked
Active
Viewed 160 times
4
-
I saw that too, and I can't claim to be an expert of this (potential) exploit but it appears to be related to the chatter on this reddit: https://www.reddit.com/r/sysadmin/comments/7nl8r0/intel_bug_incoming/ Does that help any? – PSaul Jan 02 '18 at 21:21
-
@PSaul: might be a clue, let's see what others say about it. – d33tah Jan 02 '18 at 21:23
-
Here's another surprisingly well-organised article: https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/ (found in Reddit post from @PSaul) – d33tah Jan 02 '18 at 21:44
-
1Judging by these linked resources, it's 1) related to speculative execution, 2) does not affect AMD processors, 3) is mitigated by page table splitting, and 4) requires fixing the hardware for a complete fix. It seems that it's either a nasty side-channel attack for determining the location of the kernel base address (likely, and not a really big deal), a method of breaking out of or violating integrity/confidentiality guarantees of VMs (also very possible), or allowing arbitrary memory reads via speculative execution (unlikely, but of truly apocalyptic impact if true). – forest Jan 03 '18 at 03:09
-
1The vulnerability appears to be embargoed at this time, so it's unlikely you'll find much information beyond speculation and the patches. – David Jan 03 '18 at 04:30
-
I would also like to hear a commentary on claims presented here: https://news.ycombinator.com/item?id=16064545 – d33tah Jan 03 '18 at 21:22