New Hardware Vulnerability Found in Intel Processors

The details are still very scarce, but a new and potentially huge vulnerability was discovered with pretty much all Intel processors, in hardware. The good news, it can be fixed through software, the bad news is that certain workloads will degrade Intel CPU performance.

The news broke yesterday evening through the register who wrote a piece on it. The bug is still not detailed and kept under embargo by Intel so that Microsoft, MAC and Linux OSes (kernel) can be patched. Basically (from what we read) the vulnerability lets users of a virtual machine (VM) access data of another VM on the same physical machine, that is a memory leak. Ergo with infected malware or access to the machine, in theory, it will be possible to read out data for the highest hierarchy in the processor, the Kernel. If that can be read out, everything can be read out including logins, passwords and so onwards.

Amazon announced it is doing massive maintenance on its services January 10th to update their machine, but also affected are cloud services from Google and Microsoft. The patches cannot be invoked on the firmware side of things, meaning it’s a software solution. And herein is a problem found, it has been reported that under specific workloads performance drops have been spotted ranging from 5 to even 30% on Intel processors. Patches for the Linux kernel are available and propagating, Microsoft will patch it’s OSes soon as well.

From the looks of it, this will hit Intel processors on an incredibly large scale, we think (thus this is not confirmed) all Intel processor supporting virtualization (VT-x) are affected. All AMD x86 processors (Opteron, Ryzen, EPYC, etc.,) are not affected to the vulnerability, so AMD performance will remain up-to-snuff.

So, for now, Servers and PCs where multiple clients can get access to the system are most likely vulnerable. But the performance hits could be widespread. The Register posted an in-depth piece on this, have a read here.