Huge Flaw Found in Intel Processors; Patch Could Hit 5-30% CPU Performance


The first week of the new year is not yet over, and a massive vulnerability is about to hit hundreds of millions of Windows, Linux, and Mac users worldwide.

According to a blog post published yesterday, the core team of Linux kernel development has prepared a critical kernel update without releasing much information about the vulnerability.

Multiple researchers on Twitter have confirmed that Intel processors (x86-64) have a severe hardware-level issue that could allow attackers to access protected kernel memory, which primarily includes information like passwords, login keys, and files cached from disk.

The security patch implements kernel page-table isolation (KPTI), which moves the kernel into an entirely separate address space and keeps it protected and inaccessible from running programs and userspace. This requires an update at the operating system level.

"The purpose of the series is conceptually simple: to prevent a variety of attacks by unmapping as much of the Linux kernel from the process page table while the process is running in user space, greatly hindering attempts to identify kernel virtual address ranges from unprivileged userspace code," writes Python Sweetness.

Notably, installing the update will slow your system down and could reduce CPU performance by 5 percent to 30 percent, "depending on the task and processor model."

"With the page table splitting patches merged, it becomes necessary for the kernel to flush these caches every time the kernel begins executing, and every time user code resumes executing."

Many details of the flaw have been kept under wraps for now, but considering the secrecy, some researchers have also speculated that a JavaScript program running in a web browser can recover sensitive kernel-protected data.

AMD processors are not affected by the vulnerability due to security protections that the company has in place, said Tom Lendacky, a member of the Linux OS group at AMD.

"AMD processors are not subject to the types of attacks that the kernel page table isolation feature protects against," the company said. "The AMD microarchitecture does not allow memory references, including speculative references, that access higher privileged data when running in a lesser privileged mode when that access would result in a page fault."

The Linux patch being released for ALL x86 processors also covers AMD processors, which the Linux mainline kernel has likewise treated as insecure, but AMD specifically recommends not enabling the patch for Linux.
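A defender's check for the state described above, as an added example that is not part of the original article: it classifies a Linux host's KPTI state from /proc/cpuinfo, the kernel command line and the sysfs vulnerability file. The `pti` flag, the `cpu_meltdown` bug marker, the sysfs path and the boot parameters are names from mainline Linux kernels that ship the mitigation, not from the article; the sample inputs are constructed.

```python
from pathlib import Path

# Boot parameters that turn page-table isolation off in mainline Linux.
PTI_OFF = {"nopti", "pti=off", "mitigations=off"}

# Constructed /proc/cpuinfo excerpts (sample data, not captured from real hosts).
INTEL_PTI = "vendor_id\t: GenuineIntel\nflags\t\t: fpu vme pti\nbugs\t\t: cpu_meltdown\n"
INTEL_NO_PTI = "vendor_id\t: GenuineIntel\nflags\t\t: fpu vme\nbugs\t\t: cpu_meltdown\n"
AMD = "vendor_id\t: AuthenticAMD\nflags\t\t: fpu vme\nbugs\t\t:\n"


def parse_cpuinfo(text):
    """Return (vendor_id, flags, bugs) for the first processor entry."""
    fields = {}
    for line in text.splitlines():
        if not line.strip():
            if fields:
                break  # a blank line ends the first processor entry
            continue
        key, _, value = line.partition(":")
        fields[key.strip()] = value.strip()
    return (fields.get("vendor_id", ""),
            set(fields.get("flags", "").split()),
            set(fields.get("bugs", "").split()))


def kpti_status(cpuinfo, cmdline, sysfs=None):
    """Classify as isolated, not-flagged, disabled-at-boot or exposed."""
    _, flags, bugs = parse_cpuinfo(cpuinfo)
    if sysfs is not None and sysfs.strip().startswith("Mitigation: PTI"):
        return "isolated"
    if "pti" in flags:
        return "isolated"
    if "cpu_meltdown" not in bugs:
        return "not-flagged"  # kernel does not mark this CPU as needing KPTI
    if PTI_OFF & set(cmdline.split()):
        return "disabled-at-boot"  # mitigation available but switched off
    return "exposed"  # flagged CPU, no isolation: kernel needs updating


def host_status():
    """Run the check against the live system (Linux only)."""
    sysfs = Path("/sys/devices/system/cpu/vulnerabilities/meltdown")
    return kpti_status(Path("/proc/cpuinfo").read_text(),
                       Path("/proc/cmdline").read_text(),
                       sysfs.read_text() if sysfs.exists() else None)


if __name__ == "__main__":
    for name, cpu, cmd in (("intel+pti", INTEL_PTI, "ro quiet"),
                           ("intel nopti", INTEL_NO_PTI, "ro quiet nopti"),
                           ("amd", AMD, "ro quiet")):
        print(name, "->", kpti_status(cpu, cmd))
```

A result of `disabled-at-boot` or `exposed` on a fleet host is the case worth alerting on; `not-flagged` is what a kernel reports for CPUs it does not consider in need of isolation.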

Microsoft is likely to fix the issue for its Windows operating system in an upcoming Patch Tuesday, and Apple is also likely working on a patch to address the vulnerability.



from The Hacker News http://ift.tt/2E08H5R