Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign

Discussion in 'Frontpage news' started by zero_cool, Jan 2, 2018.

  1. D3M1G0D

    D3M1G0D Ancient Guru

    Messages:
    2,123
    Likes Received:
    1,358
    GPU:
    2 x GeForce 1080 Ti
    It is illogical to get house insurance only after your house burns down. This is why your logic is wrong. If a hacker hacks your system and makes off with sensitive data then applying the patch afterwards is pointless.
     
  2. vbetts

    vbetts Don Vincenzo Staff Member

    Messages:
    14,975
    Likes Received:
    1,537
    GPU:
    RTX 2070FE
    Let's get back on topic here folks...

    My question is, yeah while it is always great and recommended to be 100% protected, how many people does this affect? AMD had the TLB bug with the original Phenom, but if I remember correctly it only affected I think 1-3% real world usage?
     
    airbud7 likes this.
  3. Alessio1989

    Alessio1989 Ancient Guru

    Messages:
    1,805
    Likes Received:
    475
    GPU:
    .
    At least all CPUs from Nehalem to Skylake are affected, but probably all the "Core" Intel CPUs are bugged (including "Coffee Lake"). Not sure about older architecture (Core 2, Penmtium M, and previous).
     
  4. scatman839

    scatman839 Ancient Guru

    Messages:
    14,101
    Likes Received:
    490
    GPU:
    1080, KD55XD800
    Turanis likes this.

  5. kruno

    kruno Master Guru

    Messages:
    258
    Likes Received:
    70
    GPU:
    4890/1
    It affects everyone,both AMD and Intel,home users big firms,Microsoft,Linux,BSD... It is SECURITY FLAW,not performance flow,even if you are not on Intel someone is and that one is going to get pawned and used as attack vector to DDOS someone or something.Shear number of Intel system affected is in 100's of millions so it affects everyone regardless of OS and to some extent even CPU manufacturer; if they can't get you they will DDOS you.
     
    Embra likes this.
  6. alanm

    alanm Ancient Guru

    Messages:
    9,305
    Likes Received:
    1,563
    GPU:
    Asus 2080 Dual OC
    True. Stock price is still near its 52 week highs. The 'dip' is no worse than normal stock fluctuations, although likely related to this news.
     
  7. XP-200

    XP-200 Ancient Guru

    Messages:
    5,337
    Likes Received:
    890
    GPU:
    Zotac GTX 1080 Mini
    How long have Intel known about this hardware issue in their CPUs?
     
  8. chispy

    chispy Ancient Guru

    Messages:
    8,807
    Likes Received:
    956
    GPU:
    RTX 2080Ti - RX 590

    Fixed and corrected that for you ;)
     
  9. D3M1G0D

    D3M1G0D Ancient Guru

    Messages:
    2,123
    Likes Received:
    1,358
    GPU:
    2 x GeForce 1080 Ti
    I think he was saying that AMD systems can be affected as well, via vector attacks from an infected Intel system. To that point, I am seriously considering shutting down my old Intel system until a patch is available.
     
  10. user1

    user1 Ancient Guru

    Messages:
    1,553
    Likes Received:
    524
    GPU:
    hd 6870
    It will effect everyone using an intel system, this is a fundemental security issue, while we wont know the scope of the exploit for now,but the type of exploit this patch prevents is the type of thing that could allow a compromised browser to completely take over your machine from loading a bad webpage (speculation).

    , the perf impact varies depending on the application, disk access seems to be the most heavily effected atm, with a hit being as high as 50% in somecases (with an nvme drive), the hit can also be almost 0% in the case of something like a game, this is pretty bad for intel, their server chips may have just become completely un-competitive with epyc for anything that uses disk i/o.


    keep in mind this patch doesn't actually fix the issue, it merely makes the flaw difficult to exploit. this is much worse than the tlb bug. this is not something that can be patched with a microcode update.
     

  11. vidra

    vidra Ancient Guru

    Messages:
    2,623
    Likes Received:
    13
    GPU:
    EVGA GTX1060 6GB
    I'd rather have my performance, please. I have no money, no confidential data, nothing. All I have is my PC. Please don't mess with my performance!
     
    Lex Luthor likes this.
  12. D3M1G0D

    D3M1G0D Ancient Guru

    Messages:
    2,123
    Likes Received:
    1,358
    GPU:
    2 x GeForce 1080 Ti
  13. The Goose

    The Goose Ancient Guru

    Messages:
    2,439
    Likes Received:
    76
    GPU:
    MSIrtx2080 superXS
    So this affects vm users only then ?
     
  14. kruno

    kruno Master Guru

    Messages:
    258
    Likes Received:
    70
    GPU:
    4890/1
    I know that, buut when they pawn Guru3d server because it is on Intel(possibly) i will also be affected although i am on AMD ;my favorite site is dooown :(:(
     
  15. chispy

    chispy Ancient Guru

    Messages:
    8,807
    Likes Received:
    956
    GPU:
    RTX 2080Ti - RX 590
    I understand your statement better now ,im right there with you bro :(
     
    airbud7 and kruno like this.

  16. chispy

    chispy Ancient Guru

    Messages:
    8,807
    Likes Received:
    956
    GPU:
    RTX 2080Ti - RX 590
    Meanwhile Intel is doing damage control with a carefully , creative worded official released ( Intel trying to downplay things , how nice of them :rolleyes: ) statement: https://newsroom.intel.com/news/intel-responds-to-security-research-findings/

    I'm going to copy/paste a post from ocn from a moderator ( tpi2007 ) there , wish i believe he is correct and spot on with his statement.


    "" They aren't really refuting anything, just trying to downplay things with creative language. Let's parse it: ""

    Quote:
    Intel and other technology companies have been made aware of new security research describing software analysis methods that, when used for malicious purposes, have the potential to improperly gather sensitive data from computing devices that are operating as designed. Intel believes these exploits do not have the potential to corrupt, modify or deletedata.

    " Skirting around the issue of the exploit being able to read data that it's not supposed to. Later in the press release they pretty much admit that the security problem exists, so it's all the more apparent what they are trying to do in this first paragraph. "

    Quote:
    Recent reports that these exploits are caused by a “bug” or a “flaw” and are unique to Intel products are incorrect. Based on the analysis to date, many types of computing devices — with many different vendors’ processors and operating systems — are susceptible to these exploits.

    " Trying to put other vendors in the same boat without naming anyone in specific or any product. "

    Quote:
    Intel is committed to product and customer security and is working closely with many other technology companies, including AMD, ARM Holdings and several operating system vendors, to develop an industry-wide approach to resolve this issue promptly and constructively. Intel has begun providing software and firmware updates to mitigate these exploits.

    " Leaving in the air with creative language that AMD and ARM CPUs are also affected without actually saying it. "

    Quote:
    Contrary to some reports, any performance impacts are workload-dependent, and, for the average computer user, should not be significant and will be mitigated over time.

    " Basically confirms what we know already. The issue exists and server workloads are going to be meaningfully affected; consumer ones not really. "

    Quote:
    Intel is committed to the industry best practice of responsible disclosure of potential security issues, which is why Intel and other vendors had planned to disclose this issue next week when more software and firmware updates will be available. However, Intel is making this statement today because of the current inaccurate media reports.

    Check with your operating system vendor or system manufacturer and apply any available updates as soon as they are available. Following good security practices that protect against malware in general will also help protect against possible exploitation until updates can be applied.

    Intel believes its products are the most secure in the world and that, with the support of its partners, the current solutions to this issue provide the best possible security for its customers.

    " AMD might disagree with that last paragraph right about now. "

    [​IMG]
     
    Last edited: Jan 3, 2018
  17. daffy101

    daffy101 Active Member

    Messages:
    76
    Likes Received:
    0
    GPU:
    670GTX with TT 2 cooler
    Only thing I'm interested in is the real world performance hit if any and a few benchmarks of typical intel CPUs once the code has been updated.
     
  18. waltc3

    waltc3 Maha Guru

    Messages:
    1,075
    Likes Received:
    329
    GPU:
    AMD 50th Ann 5700XT
    Yes, something similar in regards to TLB happened with AMD's initial batch processors--prior to the FX cpus. "Barcelona" was what I was straining to remember (Alzhiemer's a bitch...;)) First Phenom II's, wasn't it? Software patch/bios gimped performance so badly they had to go back to the silicon to fix it. Not good at all for Intel--if that is the case.

    Of course, no one knows *what the case is*--if it's a TLB problem, that could be why info is so sparse--they are doing massive CYA. It could also mean its all very much exaggerated, too. My biggest question is why it has taken so long to find this vulnerability--and why Intel's validation process wouldn't catch it? (Looks like AMD's caught it--but then that could also be because AMD is using a fundamentally different design from Intel for virtual ops--which we should all hope is true, of course, as certainly seems to be the case...;)) Intel's basic designs are much older and longer in the tooth than AMD's RYzen design--probably even the FX cpus are newer than Intel's too, I should think--fundamentally speaking, that is.

    Interesting question, though. If it's real we will hear a lot more about it as the days go on. If it's not or it's exaggerated then I would imagine that would be publicized, too. These things happen. Every cpu Intel and AMD has ever shipped has bugs--every single one--Intel calls it "errata"--I guess AMD does, too--but it's usually minor stuff that can be programmed around easily enough. Why so long to find it--is my biggest question. Or is it that it's long been known of but only now being revealed some ghostly figures...;)

    Such is life in cpu-dom, is my take...;) "If it weren't for bad luck, I'd have no luck at all!", etc.
     
  19. chispy

    chispy Ancient Guru

    Messages:
    8,807
    Likes Received:
    956
    GPU:
    RTX 2080Ti - RX 590
    Intel Claims on that press release " Intel believes its products are the most secure in the world... "

    [​IMG]

    To wish i say , remember Intel Management Engine security vulnerabilities discovered in November 2017 :eek: -
    https://security-center.intel.com/advisory.aspx?intelid=intel-sa-00086&languageid=en-fr
    Summary:

    In response to issues identified by external researchers, Intel has performed an in-depth comprehensive security review of our Intel® Management Engine (ME), Intel® Server Platform Services (SPS), and Intel® Trusted Execution Engine (TXE) with the objective of enhancing firmware resilience.

    As a result, Intel has identified security vulnerabilities that could potentially place impacted platforms at risk.



    Description:


    In response to issues identified by external researchers, Intel has performed an in-depth comprehensive security review of its Intel® Management Engine (ME), Intel® Trusted Execution Engine (TXE), and Intel® Server Platform Services (SPS) with the objective of enhancing firmware resilience.

    As a result, Intel has identified several security vulnerabilities that could potentially place impacted platforms at risk. Systems using ME Firmware versions 6.x/7.x/8.x/9.x/10.x//11.0/11.5/11.6/11.7/11.10/11.20, SPS Firmware version 4.0, and TXE version 3.0 are impacted.





    Affected products:




    • 1st, 2nd, 3rd, 4th, 5th, 6th, 7th & 8th Generation Intel® Core™ Processor Family
    • Intel® Xeon® Processor E3-1200 v5 & v6 Product Family
    • Intel® Xeon® Processor Scalable Family
    • Intel® Xeon® Processor W Family
    • Intel® Pentium® Processor G Series
    • Intel® Atom® C3000 Processor Family
    • Apollo Lake Intel® Atom Processor E3900 series
    • Apollo Lake Intel® Pentium™
    • Celeron™ G, N and J series Processors
    Based on the items identified through the comprehensive security review, an attacker could gain unauthorized access to platform, Intel® ME feature, and 3rd party secrets protected by the Intel® Management Engine (ME), Intel® Server Platform Service (SPS), or Intel® Trusted Execution Engine (TXE).

    This includes scenarios where a successful attacker could:

    • Impersonate the ME/SPS/TXE, thereby impacting local security feature attestation validity.
    • Load and execute arbitrary code outside the visibility of the user and operating system.
    • Cause a system crash or system instability.
    • For more information, please see this Intel Support article
     
    __hollywood|meo and Jackalito like this.
  20. user1

    user1 Ancient Guru

    Messages:
    1,553
    Likes Received:
    524
    GPU:
    hd 6870
    No this effects everyone, though the greatest concern for many companies is the ability for it to be used to bypass Hypervisor protection (ie a vm being able to read and/or write to another vm on the same system)

    Which is why litterally everyone is patching their stuff. linux already has the patch, and windows is testing a patch already, and Xen( a popular hypervisior for vms) will also likely be patching around this.
     

Share This Page