Kernel memory leaking Intel processor design flaw

[Brink]

A fundamental design flaw in Intel's processor chips has forced a significant redesign of the Linux and Windows kernels to defang the chip-level security bug.

Programmers are scrambling to overhaul the open-source Linux kernel's virtual memory system. Meanwhile, Microsoft is expected to publicly introduce the necessary changes to its Windows operating system in an upcoming Patch Tuesday: these changes were seeded to beta testers running fast-ring Windows Insider builds in November and December.

Crucially, these updates to both Linux and Windows will incur a performance hit on Intel products. The effects are still being benchmarked, however we're looking at a ballpark figure of five to 30 percent slow down, depending on the task and the processor model. More recent Intel chips have features – such as PCID – to reduce the performance hit. Your mileage may vary.

Tweet

— Twitter API (@user) View on Twitter

Similar operating systems, such as Apple's 64-bit macOS, will also need to be updated – the flaw is in the Intel x86-64 hardware, and it appears a microcode update can't address it. It has to be fixed in software at the OS level, or go buy a new processor without the design blunder.

Details of the vulnerability within Intel's silicon are under wraps: an embargo on the specifics is due to lift early this month, perhaps in time for Microsoft's Patch Tuesday next week. Indeed, patches for the Linux kernel are available for all to see but comments in the source code have been redacted to obfuscate the issue.

However, some details of the flaw have surfaced, and so this is what we know.

Read more: 'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign - The Register


See also:

• https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html
• https://newsroom.intel.com/news/intel-responds-to-security-research-findings/
• Intel Issues Updates to Protect Systems from Security Exploits - Windows 10 Forums
• Windows Client Guidance for IT Pros to protect against speculative execution side-channel vulnerabilities

 

[GEWB]

Follow the money.

"Intel's CEO Just Sold a Lot of Stock" headline from Motley Fool

Indeed, as explained here, insider selling isn't always a red flag.

However, there were two transactions that Krzanich reported in that Form 4 filing that I thought were more notable than typical stock option exercises and subsequent share sales. Let's take a closer look.

https://www.fool.com/investing/2017/12/19/intels-ceo-just-sold-a-lot-of-stock.aspx

 

[GEWB]

"Details of the vulnerability within Intel's silicon are under wraps..." - not any more as crack PoC has been posted. Sneak peek on Twitter by Brainsmoke:

Tweet

— Twitter API (@user) View on Twitter

 

[Brink]

Intel and other technology companies have been made aware of new security research describing software analysis methods that, when used for malicious purposes, have the potential to improperly gather sensitive data from computing devices that are operating as designed. Intel believes these exploits do not have the potential to corrupt, modify or delete data.

Recent reports that these exploits are caused by a “bug” or a “flaw” and are unique to Intel products are incorrect. Based on the analysis to date, many types of computing devices — with many different vendors’ processors and operating systems — are susceptible to these exploits.

Intel is committed to product and customer security and is working closely with many other technology companies, including AMD, ARM Holdings and several operating system vendors, to develop an industry-wide approach to resolve this issue promptly and constructively. Intel has begun providing software and firmware updates to mitigate these exploits. Contrary to some reports, any performance impacts are workload-dependent, and, for the average computer user, should not be significant and will be mitigated over time.

Intel is committed to the industry best practice of responsible disclosure of potential security issues, which is why Intel and other vendors had planned to disclose this issue next week when more software and firmware updates will be available. However, Intel is making this statement today because of the current inaccurate media reports.

Check with your operating system vendor or system manufacturer and apply any available updates as soon as they are available. Following good security practices that protect against malware in general will also help protect against possible exploitation until updates can be applied.

Intel believes its products are the most secure in the world and that, with the support of its partners, the current solutions to this issue provide the best possible security for its customers.

Source: https://newsroom.intel.com/news/intel-responds-to-security-research-findings/

 

[Pete4]

The way I understand it, CPU is doing predictive branching prefetch without checking permissions, so code will run faster, but also wide open to hacks. This is probably going all the way back to original Core duo and I have hard time believing this wasn't done on purpose to beat competition. The fix will not affect speed of consumer pcs playing games, video or browsing internet, that much, but could potentially slow down servers by up to 30% or more, depending on code. Intel stock dropped more than 3% (about 6 billion give or take) and AMD went up over 5%. If Intel's CEO selling all his Intel stock (that he legally could sell obeying bylaws) is not insider trading, I don't know what is.

 

[Layback Bear]

I watch a lot of news channels and I have not seen anything about Intel's CEO selling all of his Intel shares.

From post #5

If Intel's CEO selling all his Intel stock (that he legally could sell obeying bylaws) is not insider trading, I don't know what is.

The market went up over 25,000 today and I believe if the CEO of Intel sold all his stock somebody would of reported it on some of the business channels.

Jack

 

[Pete4]

https://www.cnbc.com/2018/01/04/int...lready-knew-about-massive-security-flaws.html
Here is one.
He can't sell all his shares, bylaws require him to keep 250k shares, so he sold everything above that, more than 100k. He did file this sale with SEC, still he sold shares knowing something most people didn't.
Actually there was gag order on this bug, until the fix is out and I think this was discovered by security people sometime this summer or something if I'm not mistaken

 

[Layback Bear]

I just got KB4056892 for my Windows 10 system.
I'm understanding the 'KB' is suppose to take care of the problem.
It downloaded and installed in 4 minutes.
I restarted twice and things seem to be okay.

Jack

 

[Brink]

See also: January 3, 2018 - KB4056897 (Security-only update) Windows 7 - Windows 7 Help Forums

 

[Pete4]

I just checked and no security updates for my system at all, actually no updates since 12/23. Maybe need to download manually.