sleed

New critical vulnerability on Intel

Posted (edited)

https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/
  

Kernel page-table isolation (KPTI, previously called KAISER) is a hardening technique in the Linux kernel to improve security by better isolating user space and kernel space memory. KPTI was merged into Linux kernel version 4.15, to be released in early 2018, and backported into Linux Kernel 4.14.10. Windows implemented an identical feature in version 17035 (RS4). Prior to KPTI, whenever executing user space code (applications), Linux would also keep its entire kernel memory mapped in page table.

  

https://www.youtube.com/watch?time_continue=1792&v=ewe3-mUku94

 

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5925

 

https://www.reddit.com/r/Amd/comments/7nqwoe/apparently_amds_request_to_be_excluded_from_the/

 

 

 The effects are still being benchmarked, however we're looking at a ballpark figure of five to 30 per cent slow down, depending on the task and the processor model. More recent Intel chips have features – such as PCID – to reduce the performance hit. 

Edited by sleed
  • Upvote 4
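An added example, not part of the original post: a small Python check of whether KPTI is active and whether PCID is available, working on text in the format of `/proc/cpuinfo`, `/proc/cmdline` and `/sys/devices/system/cpu/vulnerabilities/meltdown`. It assumes a kernel that reports the `pti` flag and the `cpu_meltdown` bug entry; the sample inputs are constructed.

```python
import re

# Kernel parameters that switch page-table isolation off.
DISABLE_PARAMS = {"nopti", "pti=off", "mitigations=off"}

def _field(cpuinfo, name):
    """Return the space-separated values of the first '<name> : ...' line."""
    m = re.search(rf"^{name}[ \t]*:[ \t]*(.*)$", cpuinfo, re.MULTILINE)
    return set(m.group(1).split()) if m else set()

def kpti_status(cpuinfo, cmdline="", sysfs_meltdown=""):
    """Summarise KPTI state from cpuinfo, kernel cmdline and sysfs text."""
    flags, bugs = _field(cpuinfo, "flags"), _field(cpuinfo, "bugs")
    sysfs = sysfs_meltdown.strip()
    if sysfs == "Not affected":
        verdict = "not affected"
    elif "pti" in flags or sysfs == "Mitigation: PTI":
        verdict = "mitigated"
    elif "cpu_meltdown" in bugs or sysfs.startswith("Vulnerable"):
        verdict = "vulnerable"
    else:
        verdict = "unknown"  # kernel too old to report either way
    return {
        "verdict": verdict,
        "disabled_on_cmdline": sorted(DISABLE_PARAMS & set(cmdline.split())),
        # PCID lets the kernel keep TLB entries across the page-table
        # switch, which is what reduces the KPTI performance hit.
        "pcid": "pcid" in flags,
        "invpcid": "invpcid" in flags,
    }

# Constructed samples in /proc/cpuinfo format (flag lists shortened).
SAMPLE_PATCHED = ("processor\t: 0\n"
                  "flags\t\t: fpu vme pcid invpcid pti\n"
                  "bugs\t\t: cpu_meltdown spectre_v1 spectre_v2\n")
SAMPLE_NOPTI = ("processor\t: 0\n"
                "flags\t\t: fpu vme pcid\n"
                "bugs\t\t: cpu_meltdown spectre_v1 spectre_v2\n")

if __name__ == "__main__":
    print(kpti_status(SAMPLE_PATCHED, "ro quiet", "Mitigation: PTI\n"))
    print(kpti_status(SAMPLE_NOPTI, "ro quiet nopti", "Vulnerable\n"))
```

On a live Linux host, pass the contents of the three files named above instead of the samples.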
Posted
20 hours ago, Gushterul said:

Now watch a huge botnet show up... What a lousy lab at Google, to do disclosure on something like this.

Without awareness, vulnerabilities like this will never be fixed. And it is better for everyone to know about them, including those who are vulnerable, than for only small groups of people to know about the vulnerability. Those groups (I'm not naming names, but I also mean 3-4 letter abbreviations) would use the vulnerabilities for their own interest, and everyone else would have a false sense of security...

  • Upvote 4
Posted (edited)

The problem is more serious than it seems on the surface: for the patches to work, they reduce processing speed by 17-23%. Think what that means for Amazon, where there are tens of thousands of processors: a loss of thousands of processors. At 10000 processors, with the patch you would lose, so to speak, on average 2000 processors' worth of processing power.

 

And all of it out of greed: the problem was known ever since the processors were made, only there was a tacit understanding so that they would be faster.

 

https://www.theverge.com/2018/1/4/16850516/intel-meltdown-spectre-bug-patch-cpu-security-flaw-news

https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/

http://www.theregister.co.uk/2018/01/04/intel_amd_arm_cpu_vulnerability/

Edited by robertutzu
  • Upvote 1
Posted (edited)

Anyway, these are hard to exploit; not every flood kid can exploit them.

Personally this suits me, because prices of the affected processors will surely drop.

Those of you on Windows who want to read up on it, take a look here

 

Edited by Sithalkes
Posted
1 hour ago, Sithalkes said:

Anyway, these are hard to exploit; not every flood kid can exploit them.

Personally this suits me, because prices of the affected processors will surely drop.

Those of you on Windows who want to read up on it, take a look here

 

https://github.com/crozone/SpectrePoC  

 

Any wannabe hotshot with instructions from stackoverflow will crank out malware with Spectre....

  • Upvote 1
