Crosstalk vulnerability in Intel processors allows information to be extracted from other cores
Meet CrossTalk, a new Intel-specific vulnerability that lets an application running on one core extract information from applications running on other cores. It works across virtual machines too, which makes it a serious danger for servers: a VM on one core can read data belonging to VMs running on other cores.
All the patches for Spectre, Meltdown and similar vulnerabilities target attacks within a single core, so this vulnerability can still be exploited on fully patched systems: it works across cores by abusing a buffer that is shared by all the cores of the processor (the staging buffer the researchers describe). Since a single physical processor is commonly shared by instances belonging to different people or companies, this is dangerous: another tenant's instance can be attacked and its data extracted.
The study found that a large number of processors are affected, from Broadwell up to Coffee Lake Refresh. The only unaffected processors the researchers list are the Xeon Cascade Lake parts, Intel's newest server CPUs, which leaves most servers running older generations vulnerable.
Intel has announced a microcode patch, already available to partners, that blocks other cores' access to the buffer while a core is executing RDRAND, RDSEED or EGETKEY. If several cores execute these instructions at the same time, they are now run serially rather than in parallel, so only one core touches the buffer at a time and no data leaks; the cost is lower throughput for those instructions.
If you are interested in the technical details, you can find more information on the official VUSEC page and on the official Intel page.
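The first thing a practitioner will want to know is whether their own hosts have the microcode fix. The following is an added example, not code from the article, VUSEC or Intel: it reads the status line that Linux exposes for this bug (kernels 5.7 and the stable backports that shipped with the June 2020 microcode report it under /sys/devices/system/cpu/vulnerabilities/srbds, SRBDS being Intel's name for CrossTalk) and turns the kernel's status strings into a verdict. The path and the status strings are the kernel's; the verdict wording is this example's own.

```c
/* Check whether the running Linux kernel reports the CrossTalk (SRBDS)
 * microcode mitigation.  Added example, not code from the article, VUSEC
 * or Intel.  Assumes Linux exposes the status in
 * /sys/devices/system/cpu/vulnerabilities/srbds.
 * Build: cc -O2 -o srbds_check srbds_check.c */
#include <stdio.h>
#include <string.h>

#define SRBDS_SYSFS "/sys/devices/system/cpu/vulnerabilities/srbds"

/* Map the kernel's status string to a verdict.  The strings compared on the
 * left are the ones the kernel prints for this file. */
const char *srbds_verdict(const char *status) {
    if (strcmp(status, "Not affected") == 0)
        return "OK: CPU is not in the affected list";
    if (strcmp(status, "Mitigation: Microcode") == 0)
        return "OK: microcode serialises RDRAND/RDSEED/EGETKEY across cores";
    if (strcmp(status, "Mitigation: TSX disabled") == 0)
        return "OK: TSX-only variant and TSX is off";
    if (strcmp(status, "Vulnerable: No microcode") == 0)
        return "VULNERABLE: install the updated microcode/BIOS";
    if (strcmp(status, "Vulnerable") == 0)
        return "VULNERABLE: mitigation disabled (e.g. srbds=off on the kernel command line)";
    if (strcmp(status, "Unknown: Dependent on hypervisor status") == 0)
        return "UNKNOWN: running as a guest; the host's microcode decides";
    return "UNKNOWN: unrecognised status string";
}

/* Read the sysfs entry into buf with the trailing newline stripped.
 * Returns 1 on success, 0 if the file is missing (kernel predates the
 * mitigation reporting, or not an x86 machine). */
int read_srbds_status(const char *path, char *buf, size_t len) {
    FILE *f = fopen(path, "r");
    if (!f) return 0;
    if (!fgets(buf, (int)len, f)) { fclose(f); buf[0] = '\0'; return 0; }
    fclose(f);
    buf[strcspn(buf, "\n")] = '\0';
    return 1;
}

/* Convenience wrapper: does the entry exist and read cleanly? */
int srbds_entry_present(const char *path) {
    char buf[128];
    return read_srbds_status(path, buf, sizeof buf);
}

int main(void) {
    char status[128];
    if (!read_srbds_status(SRBDS_SYSFS, status, sizeof status)) {
        puts("UNKNOWN: no srbds entry in sysfs (kernel too old, or not x86)");
        return 2;
    }
    printf("%s -> %s\n", status, srbds_verdict(status));
    /* exit 0 only when the kernel reports the bug as handled */
    return strncmp(srbds_verdict(status), "OK", 2) == 0 ? 0 : 1;
}
```

The "Unknown" guest case matters for the server scenario the article describes: inside a VM the kernel cannot see whether the host's microcode has been updated, so the check has to be run on the hypervisor.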
Senior Member
Posts: 11809
Joined: 2012-07-20
The only important thing is the performance loss. What @user1 wrote indicates that for certain instructions the loss is up to 97%.
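The slowdown quoted above can be measured directly, because the microcode only serialises RDRAND, RDSEED and EGETKEY (the SGX-only EGETKEY is not covered here). The following is an added example, not code from VUSEC, Intel or this thread: a micro-benchmark that checks CPUID for the instructions, issues them with the retry loop Intel's guidance calls for (CF=0 means "no data yet"), and reports TSC ticks per call. It assumes x86-64 with GCC or Clang inline assembly and <cpuid.h>; on any other target it reports the instructions as unsupported and measures nothing.

```c
/* Micro-benchmark for the instructions the SRBDS microcode serialises.
 * Added example, not code from VUSEC, Intel or the thread.  Assumes x86-64
 * with GCC/Clang inline asm and <cpuid.h>.  Run it pinned to one core, then
 * one copy per core (taskset -c N ./rdrand_bench) before and after the
 * microcode update to see what the cross-core serialisation costs.
 * Build: cc -O2 -o rdrand_bench rdrand_bench.c */
#include <stdint.h>
#include <stdio.h>

#if defined(__x86_64__) && (defined(__GNUC__) || defined(__clang__))
#include <cpuid.h>
#include <x86intrin.h>
#define HAVE_X86_64 1
#else
#define HAVE_X86_64 0
#endif

static volatile uint64_t sink; /* keeps the compiler from dropping the loop */

/* 1 if CPUID leaf 1 reports RDRAND, else 0 (always 0 off x86-64). */
int rdrand_supported(void) {
#if HAVE_X86_64
    unsigned a, b, c, d;
    return __get_cpuid(1, &a, &b, &c, &d) && (c & bit_RDRND) != 0;
#else
    return 0;
#endif
}

/* 1 if CPUID leaf 7 reports RDSEED, else 0. */
int rdseed_supported(void) {
#if HAVE_X86_64
    unsigned a, b, c, d;
    return __get_cpuid_count(7, 0, &a, &b, &c, &d) && (b & bit_RDSEED) != 0;
#else
    return 0;
#endif
}

/* One RDRAND with the retry Intel asks for: CF=0 means "try again". */
int rdrand64(uint64_t *out) {
#if HAVE_X86_64
    for (int i = 0; i < 10; i++) {
        unsigned char ok;
        __asm__ volatile("rdrand %0\n\tsetc %1" : "=r"(*out), "=qm"(ok) : : "cc");
        if (ok) return 1;
    }
#endif
    *out = 0;
    return 0;
}

/* Same for RDSEED, which fails more often because it is not buffered. */
int rdseed64(uint64_t *out) {
#if HAVE_X86_64
    for (int i = 0; i < 100; i++) {
        unsigned char ok;
        __asm__ volatile("rdseed %0\n\tsetc %1" : "=r"(*out), "=qm"(ok) : : "cc");
        if (ok) return 1;
    }
#endif
    *out = 0;
    return 0;
}

/* Average TSC ticks per call over n calls; 0.0 when unsupported. */
double ticks_per_call(int (*fn)(uint64_t *), int supported, unsigned n) {
#if HAVE_X86_64
    if (!supported || n == 0) return 0.0;
    uint64_t v, t0 = __rdtsc();
    for (unsigned i = 0; i < n; i++) { fn(&v); sink ^= v; }
    return (double)(__rdtsc() - t0) / n;
#else
    (void)fn; (void)supported; (void)n;
    return 0.0;
#endif
}

/* Sanity check: either RDRAND is unsupported, or two calls both succeed
 * and return different values. */
int rdrand_selftest(void) {
    if (!rdrand_supported()) return 1;
    uint64_t a, b;
    return rdrand64(&a) && rdrand64(&b) && a != b;
}

int main(void) {
    printf("RDRAND: %s, %.1f ticks/call\n", rdrand_supported() ? "yes" : "no",
           ticks_per_call(rdrand64, rdrand_supported(), 200000));
    printf("RDSEED: %s, %.1f ticks/call\n", rdseed_supported() ? "yes" : "no",
           ticks_per_call(rdseed64, rdseed_supported(), 20000));
    return 0;
}
```

Running a single pinned copy gives the per-core baseline; starting one copy per core at the same time is what exposes the serialisation, since after the update only one core at a time may execute these instructions.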
Senior Member
Posts: 1202
Joined: 2010-05-12
I wanted to ask here exactly, what do those instructions do? Because in this case it would be better to patch compilers to use them as little as possible.
Senior Member
Posts: 11809
Joined: 2012-07-20
In that case the attacker will likely use his own tooling to maximize potential. When using the default tooling results in 100 times longer data extraction, it is easier to just use a pre-patch compiler.
Senior Member
Posts: 1126
Joined: 2009-04-29
New arch can't come soon enough for Intel...
Posts: 3580
Joined: 2009-01-03
Does this affect newer chips like the 10900K?