New Vulnerability hits Intel processors - Lazy FP State Restore

by Hilbert Hagedoorn on: 06/14/2018 11:34 AM | source: | 34 comment(s)

Yet another security vulnerability has been found in Intel chips. It affects the processor's speculative execution technology, much like Spectre and Meltdown, and can potentially be exploited to access sensitive information, including encryption-related data.

The news was just posted at Intel; we'll follow the explanation from Red Hat, though. Exploitation of lazy floating point restore could allow an attacker to obtain information about the activity of other applications, including encryption operations. The underlying vulnerability affects CPU speculative execution, similar to other recent side-channel vulnerabilities. In this latest vulnerability, one process is able to read the floating point registers of other processes being lazily restored.

Root Cause - Lazy save/restore of FPU/SSE/AVX States:

Modern processors employ numerous techniques to improve system performance. One such technique is to defer save and restore of certain CPU context states on task switch. Today, processors come equipped with a dedicated Floating Point Unit (FPU) to perform high precision floating-point operations used in scientific, engineering and/or graphics applications. The FPU maintains its own context state in its data registers, status registers, as well as control and opcode registers.

A task/context switch occurs when a user application calls a kernel function or when a process is preempted to schedule the next one in the queue. Upon a task switch, the processor saves its current execution context (various registers, instruction and stack pointers, etc.) and loads the context of the new process. While doing so, it can defer restoring the FPU/SSE context state, because not all applications use the Floating Point Unit (FPU). If the newly scheduled process does not use Floating-Point (FP) instructions, it does not need to save/restore FPU context state. This can save precious execution cycles and improve performance.

Under the lazy restore scheme, during task switch, the first FP instruction executed by a process generates a “Device not Available (DNA)” exception; the DNA exception handler then saves the current FPU context into the old task’s state save area and loads the new FPU context for the current process. In other words, loading of the FPU state is deferred until an FP instruction is invoked by the current task - Lazy FPU restore.

Recent processors include processor extensions (“XSAVEOPT”) that implement FPU restore in hardware more efficiently, giving the performance benefits of lazy FPU without having to rely on the DNA exception. On these processors, Red Hat Enterprise Linux 7 is already using eager FPU restore, and is therefore not vulnerable.
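The lazy and eager schemes described above, as a toy C model added here for illustration (it is not code from Intel, Red Hat or the article). The four-register file, the `ts` flag that arms the DNA exception, and all function names are assumptions of the model; it reports what is left in the physical registers after a task switch under each scheme.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>
#define NREGS 4  /* toy register file, not the real x87/SSE/AVX layout */
struct task { double saved[NREGS]; };   /* per-task FPU state save area */
struct cpu {
    double regs[NREGS];                 /* physical FPU registers */
    bool ts;                            /* armed: next FP instruction raises DNA */
    struct task *owner, *current;       /* whose state is in regs / who is running */
    int dna_traps;
};

/* Save the live registers to their owner's area, then load t's state. */
static void load_state(struct cpu *c, struct task *t) {
    if (c->owner) memcpy(c->owner->saved, c->regs, sizeof c->regs);
    memcpy(c->regs, t->saved, sizeof c->regs);
    c->owner = t; c->ts = false;
}

/* Lazy: leave the registers alone and arm the trap. Eager: swap state now. */
static void task_switch(struct cpu *c, struct task *next, bool eager) {
    c->current = next;
    if (eager) load_state(c, next);
    else c->ts = (c->owner != next);
}

/* An FP instruction; under lazy restore the first one takes the DNA path. */
static void fp_store(struct cpu *c, int r, double v) {
    if (c->ts) { c->dna_traps++; load_state(c, c->current); }
    c->regs[r] = v;
}

/* Constructed scenario: A writes 1234.5, then B is scheduled. *residue is what
 * register 0 holds before B's first FP instruction; returns DNA traps taken. */
static int run(bool eager, double *residue) {
    struct task a = {{0}}, b = {{0}};
    struct cpu c = { .owner = &a, .current = &a };
    fp_store(&c, 0, 1234.5);
    task_switch(&c, &b, eager);
    *residue = c.regs[0];
    fp_store(&c, 1, 7.0);               /* B's first FP instruction */
    return (a.saved[0] == 1234.5 && c.regs[0] == 0.0) ? c.dna_traps : -1;
}

int main(void) {
    double lazy, eager;
    int lt = run(false, &lazy), et = run(true, &eager);
    printf("lazy: residue %.1f traps %d | eager: residue %.1f traps %d\n", lazy, lt, eager, et);
    return 0;
}
```

Under the lazy scheme the outgoing task's value is still in the register when the next task starts, held back only by the pending DNA exception; under the eager scheme it has already been saved and replaced at switch time.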

Impact
A newly scheduled task can use the exploit described herein to infer the Floating Point register state of another task, which can be used to leak sensitive information.









gx-x
Senior Member



Posts: 1521
Joined: 2007-03-18

#5557601 Posted on: 06/15/2018 01:12 PM
Method of discovering is you see that something you didn't want to get out - got out. Money stolen? Data mysteriously erased? There are a lot of methods of discovery. And no, anti-malware will do nothing to stop/detect/prevent this. 1. Those attacks will not be files, so nothing for anti-malware to do. 2. No one uses those attacks, there are easier ways to hack people/companies etc.

Only a matter of time for what? These "holes" have been around for over 10 years (some of them).
People are just paranoid about stupid stuff. Instead of being aware of real stuff.

Robbo9999
Senior Member



Posts: 1692
Joined: 2012-10-07

#5557713 Posted on: 06/15/2018 06:40 PM
> methods of detecting whether a computer has been exploited this way = 0
>
> malwares discovered that use it = growing exponentially since at least February.
>
> only a matter of time really.

> Method of discovering is you see that something you didn't want to get out - got out. Money stolen? Data mysteriously erased? There are a lot of methods of discovery. And no, anti-malware will do nothing to stop/detect/prevent this. 1. Those attacks will not be files, so nothing for anti-malware to do. 2. No one uses those attacks, there are easier ways to hack people/companies etc.
>
> Only a matter of time for what? These "holes" have been around for over 10 years (some of them).
> People are just paranoid about stupid stuff. Instead of being aware of real stuff.

I think I agree with parts of both of these replies. Yes, I think the chances of being hacked by a Spectre attack will increase as time goes by, as more malware starts being released that uses it. And for the second post I agree that there are easier ways to hack PCs to gain the same info, so the risk of attack is greater from the more traditional malware, risk of Spectre related attack therefore relatively quite low. That's my impression on it.

Athlonite
Senior Member



Posts: 1354
Joined: 2007-11-09

#5557751 Posted on: 06/15/2018 08:26 PM
And how exactly did everyone think Intel managed to keep their IPC speeds so high compared to AMD's? Simple: they cut corners and kept cutting those corners because
a: It didn't affect the running of software
b: It allowed Intel to maintain better IPC speeds over AMD, which they then touted all over the place

Well, now we know how they did it, and now that it's being patched Intel are losing their IPC speed over AMD's. Soon, with all the corners that were cut being patched, they'll either have the same IPC speed as AMD or will be behind them.

Look at it this way: you have two cars exactly the same make, model, engine output, yadda yadda, except car A has all but the driver's seat removed and car B is still stock. Which car will now be faster, car A or car B? Car A of course, because it now weighs far less than car B, yet both cars A and B are still susceptible to the same types of breakdowns. But car A is also now more vulnerable because a lot of the safety features were removed to save weight.

user1
Senior Member



Posts: 2343
Joined: 2016-01-29

#5557818 Posted on: 06/16/2018 03:27 AM
> Method of discovering is you see that something you didn't want to get out - got out. Money stolen? Data mysteriously erased? There are a lot of methods of discovery. And no, anti-malware will do nothing to stop/detect/prevent this. 1. Those attacks will not be files, so nothing for anti-malware to do. 2. No one uses those attacks, there are easier ways to hack people/companies etc.
>
> Only a matter of time for what? These "holes" have been around for over 10 years (some of them).
> People are just paranoid about stupid stuff. Instead of being aware of real stuff.

There is no way to detect whether this method has been used. Spectre allows you to leak information about other stuff in memory, i.e. if you have a tab open that has your bank details on it, another tab running a malicious JavaScript program can access that data. It has nothing to do with writing to disk. You would have no idea how that information was leaked, since it leaves no evidence.

That is why patching your software is important. The browser in particular is most important.
