Guru3D.com
  • HOME
  • NEWS
    • Channels
    • Archive
  • DOWNLOADS
    • New Downloads
    • Categories
    • Archive
  • GAME REVIEWS
  • ARTICLES
    • Rig of the Month
    • Join ROTM
    • PC Buyers Guide
    • Guru3D VGA Charts
    • Editorials
    • Dated content
  • HARDWARE REVIEWS
    • Videocards
    • Processors
    • Audio
    • Motherboards
    • Memory and Flash
    • SSD Storage
    • Chassis
    • Media Players
    • Power Supply
    • Laptop and Mobile
    • Smartphone
    • Networking
    • Keyboard Mouse
    • Cooling
    • Search articles
    • Knowledgebase
    • More Categories
  • FORUMS
  • NEWSLETTER
  • CONTACT

New Reviews
G.Skill TridentZ 5 RGB 6800 MHz CL34 DDR5 review
Be Quiet! Dark Power 13 - 1000W PSU Review
Palit GeForce RTX 4080 GamingPRO OC review
Core i9 13900K DDR5 7200 MHz (+memory scaling) review
Seasonic Prime Titanium TX-1300 (1300W PSU) review
F1 2022: PC graphics performance benchmark review
MSI Clutch GM31 Lightweight​ (+Wireless) mice review
AMD Ryzen 9 7900 processor review
AMD Ryzen 7 7700 processor review
AMD Ryzen 5 7600 processor review

New Downloads
CPU-Z download v2.04
Intel ARC graphics Driver Download Version: 31.0.101.4090
AMD Radeon Software Adrenalin 23.1.2 (RX 7900) download
GeForce 528.24 WHQL driver download
Display Driver Uninstaller Download version 18.0.6.0
Download Intel network driver package 27.8
ReShade download v5.6.0
Media Player Classic - Home Cinema v2.0.0 Download
HWiNFO Download v7.36
MSI Afterburner 4.6.5 (Beta 4) Download


New Forum Topics
NVIDIA GeForce 528.24 WHQL driver download & Discussion Possible implementation of video card led control Info Zone - gEngines, Ray Tracing, DLSS, DLAA, TSR, FSR, XeSS, DLDSR etc. Intel Shares Fourth-Quarter and Full-Year 2022 Financial Results Forspoken implements Microsoft's DirectStorage API, offers faster load times but lowers frame rate AMD Software: Adrenalin Edition 23.1.2 for AMD Radeon™ RX 7900 Series Microsoft launched an Office Census. RTX 4090 Owner's thread Amernime Zone AMD Software: Adrenalin / Pro Driver - Release Discovery 22.12.2 WHQL Export and Share curve OC profiles for MSI AB (suggestion)




Guru3D.com » News » Three new vulnerabilities in Intel processors discovered - L1TF

Three new vulnerabilities in Intel processors discovered - L1TF

by Hilbert Hagedoorn on: 08/15/2018 08:54 AM | source: the register | 40 comment(s)
Three new vulnerabilities in Intel processors discovered - L1TF

Intel announced that three new serious vulnerabilities have been discovered for their processors, allowing unauthorized access to data in the L1 cache. The vulnerabilities are named L1 Terminal Fault, or L1TF.

L1TF vulnerabilities are made public in an announcement they also put up a page about the measures that have been taken about the new side channel attacks in a white paper about L1TF . The vulnerabilities effects both consumer processors and in Xeon server processors. They can be exploited by malware and malicious virtual machines to potentially steal secret information from computer memory, reports the register:

These secrets can include passwords, personal and financial records, and encryption keys. They can be potentially lifted from other applications and other customers' virtual machines, as well as SGX enclaves, and System Management Mode (SMM) memory. SGX is Intel's technology that is supposed to protect these secrets from snooping code. SMM is your computer's hidden janitor that has total control over the hardware, and total access to its data.

Across the board, Intel's desktop, workstation, and server CPUs are vulnerable. Crucially, they do not work as documented: where their technical manuals say memory can be marked off limits, it simply is not. This means malicious software on a vulnerable machine, and guest virtual machines on a cloud platform can potentially lift sensitive data from other software and other customers' virtual machines. 

It is the clearest example yet that, over time, Chipzilla's management traded security for speed: their processors execute software at a screaming rate, with memory protection mechanisms a mere afterthought. In the pursuit of ever-increasing performance, defenses to protect people's data became optional.

Redesigned Intel processors without these speculative execution design blunders are expected to start shipping later this year. Mitigations in the form of operating system patches, and hypervisor fixes, should be arriving any time now, and should be installed if you're worried about malware or malicious virtual machines slurping data. Keep your eyes peeled for these. Some of these software mitigations require Intel's Q2 2018 microcode update to be installed.

Here are the three cockups, which Intel has dubbed its L1 Terminal Fault (L1TF) bugs because they involve extracting secret information from the CPU level-one data cache:

  • CVE-2018-3615: This affects Software Guard Extensions (SGX), and was discovered by various academics who will reveal their findings this week at the Usenix Security Symposium. According to Intel, "systems with microprocessors utilizing speculative execution and software guard extensions (Intel SGX) may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via side-channel analysis." This vulnerability was named Foreshadow by the team who uncovered it. This will require the microcode update to fix.
  • CVE-2018-3620: This affects operating systems and SMM. According to Intel, "systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and side-channel analysis." Operating system kernels will need patching, and the SMM requires the microcode update, to be protected.
  • CVE-2018-3646: This affects hypervisors and virtual machines. According to Intel, "systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and side-channel analysis." This will require the microcode, operating system, and hypervisor updates to protect data.

The operating system and hypervisor-level flaws – CVE-2018-3620 and CVE-2018-3646 – were discovered by Intel's engineers after they were tipped off about CVE-2018-3615, the SGX issue, by the university researchers. The impact of these vulnerabilities, according to Chipzilla.



Three new vulnerabilities in Intel processors discovered - L1TF Three new vulnerabilities in Intel processors discovered - L1TF Three new vulnerabilities in Intel processors discovered - L1TF Three new vulnerabilities in Intel processors discovered - L1TF




« Cooler Master Launches its MasterLiquid ML360R RGB CPU Cooler · Three new vulnerabilities in Intel processors discovered - L1TF · Rune: Ragnarok - PC system requirements »

Related Stories

Nvidia EEC registrations indicate three new GeForce GPUs - 08/09/2018 05:29 PM
Remember the Manli entries? It's happening again. This round Nvidia has registrations active that point to the arrival of three models GeForce video cards. Earlier on the PCB of one of the cards alr...

iiyama celebrates three new G-Master monitors and the new G-Master logo - 05/17/2018 04:43 PM
iiyama celebrates the introduction of three new G-Master monitors and the new G-Master logo, iiyama launches a pan European competition where fans can win one of 10 brand new Black Hawk and Red Eagle...

Phanteks releases three new colors for Eclipse P300 - 04/19/2018 08:07 AM
Phanteks is releasing three new colors to the P300 Lineup: Black/Red, Black/White, and White. With its full metal exterior and a tempered glass side panel....

WD unveils three new G-Technology data solutions - 04/10/2018 07:25 AM
Western Digital unveils three new G-Technology data solutions, its G-Technology G-DRIVE and G-SPEED Shuttle product families. Working with large 4K and 8K RAW video means massive file sizes and is u...

Iiyama Adds Three New White Colored Monitors - 12/19/2017 10:50 AM
Three popular iiyama models, the 24’’ ProLite XUB2492HSU, 27’’ ProLite B2791HSU and ProLite XUB2792QSU are now available in a stylish white design. Bringing ele...


8 pages « 2 3 4 5 > »


Kaarme
Senior Member



Posts: 3289
Joined: 2013-03-10

#5574001 Posted on: 08/15/2018 01:52 PM
2017 and 2018 has been a couple of rough years for Intel.


Not really. The stock price has dropped less than a percent as a result of these news and the company is generating excellent profit. So, the flawed CPUs sell the same as ever. Security doesn't seem to be a priority for pretty much anybody.

mbk1969
Senior Member



Posts: 13409
Joined: 2013-01-17

#5574002 Posted on: 08/15/2018 01:54 PM
I guessed the meaning behind "TF".

nosirrahx
Senior Member



Posts: 435
Joined: 2013-04-05

#5574004 Posted on: 08/15/2018 01:56 PM
On other hand on a machine with high end component Optane bring almost nothing in real condition despite being a "revolution" on paper...


I have not found that to be the case although Optane is only really useful in cases that Intel does not support.

The 58GB 800P combined with a SATA SDD at the 2TB level is more than 100$ cheaper than a 2TB EVO and is also much faster.

Intel does not support this configuration though for reasons that they wont even explain.

I have a feeling that part of the reason Optane had such a rocky launch was that it was pushed up to help ensure that people see Intel as innovators after AMD delivered some amazing CPUs.

Optane could have been a killer product but the price, annoying form factors, hoops to jump through just to use it and low capacity all stood against it. Its a great technology that came to market doing everything wrong.

slyphnier
Senior Member



Posts: 813
Joined: 2009-11-30

#5574008 Posted on: 08/15/2018 02:14 PM
when it start designing security-focused-architecture
i think it will hard to give performance increase that most people been asking for every new generation

probably it even opposite
to create secure computing, it will taking lots resources, lantecy etc. imo
start with encrypt/decrypt... then probably wiping-traces... i believe its not stopping in there, it need more

then when intel releasing it, promoting it by saying the "most secure CPU ever made" .... but people seeing it perform so bad in benchmark... i bet not many people will put interest in it

schmidtbag
Senior Member



Posts: 7144
Joined: 2012-11-10

#5574021 Posted on: 08/15/2018 03:13 PM
Just hope that future architectures will be more security focused and maybe big companies will realize that is better to release when it's ready, not when suits the company or the shareholders.

I'm pretty sure most of these vulnerabilities were honest mistakes. Intel has barely done anything noteworthy since Ivy Bridge, so when you consider the vulnerabilities of modern hardware, they've had plenty of time to fix these issues (assuming they were aware of them in the first place). Intel is losing the interest of shareholders every time one of these vulnerabilities is revealed, so obviously if they were actually rushing anything, that has clearly backfired.
To put it in another perspective: their 10nm fabs can create working products, but don't yield enough good results to be usable for the mainstream market. Every half-year they hold this back, it makes them look worse (and affects shareholders). So, although I think Intel has been underestimating AMD and taking advantage of their customer loyalty, I don't think they're deliberately being negligent.

8 pages « 2 3 4 5 > »


Post New Comment
Click here to post a comment for this news story on the message forum.


Guru3D.com © 2023