Crosstalk vulnerability in Intel processors allows information to be extracted from other cores

Meet Crosstalk, a new Intel specific vulnerability that allows you to run an application on one kernel and extract information from applications that run on other kernels. This works even on virtual machines, so it is a major danger for servers since wyou can access virtual machines that run on other cores.

All patches related to Specter, Meltdown, and similar vulnerabilities only target attacks within a single core, this vulnerability can still be exploited on up-to-date systems as it operates across multiple cores by exploiting vulnerabilities in the shared buffer that the processor. Since a single physical processor is used on many systems to host instances of multiple people or companies, this is dangerous since other people's instances can be accessed and their information extracted.

The study learned that a large number of processors are affected, including from Broadwell to Coffee Lake Refresh. The only unaffected processors are the Xeon Cascade Lake, which is the next-generation server CPUs, making most servers with older technologies vulnerable.

Intel announced the release of a patch that is already available to partners, which delays the access of other cores to the buffer when a core uses RDRAND, RDSEED, or EGETKEY instructions. Also, if multiple cores execute these instructions, they will be executed in series instead of parallel, so that only one nucleus accesses at a time and data leakage is avoided.

If you are interested in reading the technical aspects of the vulnerability, you can read finding information on the official VUSEC page and on the official Intel page.