Thursday, April 25, 2019
Researchers from the University of Technology in Tampere and the Havana University of Technology have discovered a new vulnerability in Intel Core processors. It can allow attackers to gain access to encrypted data, and it is present in all chips of the Skylake and Kaby Lake generations.

The vulnerability has been named PortSmash, and it is assumed that it may affect all Intel processors that support simultaneous multithreading (SMT), or Hyper-Threading. The essence of the problem is that with Hyper-Threading, one physical processor or core is seen by the operating system as two, and the vulnerability allows one instruction stream to access data from the other, since both are executed on the same core. Researchers suggest that AMD processors may be subject to a similar problem, but this has not yet been verified.
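
To see which logical CPUs the operating system presents for each physical core, the following added example (not part of the original article) groups Linux logical CPUs by the core they share. It assumes a Linux host exposing the sysfs `thread_siblings_list` topology files; the `SAMPLE` data is constructed and is used when those files are absent.

```python
"""Added example: group Linux logical CPUs by the physical core they share."""
import glob
import re

# Assumption: Linux sysfs CPU topology interface.
SYSFS_GLOB = "/sys/devices/system/cpu/cpu[0-9]*/topology/thread_siblings_list"

# Constructed sample: a 2-core, 4-thread machine as sysfs would report it.
SAMPLE = {0: "0,2", 1: "1,3", 2: "0,2", 3: "1,3"}


def parse_cpu_list(text):
    """Parse the kernel cpulist format, e.g. '0,4' or '0-1,8-9'."""
    cpus = set()
    for part in text.strip().split(","):
        if not part:
            continue
        lo, _, hi = part.partition("-")
        cpus.update(range(int(lo), int(hi or lo) + 1))
    return frozenset(cpus)


def sibling_groups(siblings_by_cpu):
    """Return sorted tuples of logical CPUs that execute on the same core."""
    groups = {parse_cpu_list(v) for v in siblings_by_cpu.values()}
    return sorted(tuple(sorted(g)) for g in groups)


def smt_exposed(groups):
    """Return the cores on which more than one hardware thread is online."""
    return [g for g in groups if len(g) > 1]


def read_sysfs():
    """Read the live topology; returns {} where the sysfs files are absent."""
    out = {}
    for path in glob.glob(SYSFS_GLOB):
        cpu = int(re.search(r"cpu(\d+)/topology", path).group(1))
        with open(path) as fh:
            out[cpu] = fh.read()
    return out


if __name__ == "__main__":
    data = read_sysfs() or SAMPLE
    for group in sibling_groups(data):
        state = "shared by SMT siblings" if len(group) > 1 else "single thread"
        print("core with logical CPUs", group, "->", state)
```

An empty result from `smt_exposed` means no core currently has two hardware threads online.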

Recall that in May, Microsoft and Google found a serious vulnerability in Intel processors, similar in nature to Spectre. The security hole is associated with the speculative execution of instructions and was named Speculative Store Bypass (Variant 4). According to experts, the performance loss on some processors after receiving the patch ranged from 2 to 8%.

