[Chugalug] Another Critical Intel Issue

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

[Chugalug] Another Critical Intel Issue

Keith
This is fun:

It is understood the bug is present in modern Intel processors produced in the past decade. It allows normal user programs – from database applications to JavaScript in web browsers – to discern to some extent the layout or contents of protected kernel memory areas.”

And the fix could carry a performance hit of 5-30%. 


_______________________________________________
Chugalug mailing list
[hidden email]
http://chugalug.org/cgi-bin/mailman/listinfo/chugalug
Reply | Threaded
Open this post in threaded view
|

Re: [Chugalug] Another Critical Intel Issue

Stephen Kraus
And AMD bypasses it by simply turning off a feature that is not normally enabled anyways.

"AMD processors are not subject to the types of attacks that the kernel page table isolation feature protects against. The AMD microarchitecture does not allow memory references, including speculative references, that access higher privileged data when running in a lesser privileged mode when that access would result in a page fault. Disable page table isolation by default on AMD processors by not setting the X86_BUG_CPU_INSECURE feature, which controls whether X86_FEATURE_PTI is set."

https://twitter.com/brainsmoke/status/948561799875502080

https://nixcraft.tumblr.com/post/169209890277/the-mysterious-case-of-the-linux-page-table




On Wed, Jan 3, 2018 at 11:46 AM, Keith <[hidden email]> wrote:
This is fun:

It is understood the bug is present in modern Intel processors produced in the past decade. It allows normal user programs – from database applications to JavaScript in web browsers – to discern to some extent the layout or contents of protected kernel memory areas.”

And the fix could carry a performance hit of 5-30%. 


_______________________________________________
Chugalug mailing list
[hidden email]
http://chugalug.org/cgi-bin/mailman/listinfo/chugalug



_______________________________________________
Chugalug mailing list
[hidden email]
http://chugalug.org/cgi-bin/mailman/listinfo/chugalug
Reply | Threaded
Open this post in threaded view
|

Re: [Chugalug] Another Critical Intel Issue

Ed King-2
In reply to this post by Keith

This is exactly why I keep my important financial records on my Z80-based Osborne 1



From: Chugalug <[hidden email]> on behalf of Keith <[hidden email]>
Sent: Wednesday, January 3, 2018 11:46 AM
To: Chattanooga Unix Gnu Android Linux Users Group
Subject: [Chugalug] Another Critical Intel Issue
 
This is fun:

It is understood the bug is present in modern Intel processors produced in the past decade. It allows normal user programs – from database applications to JavaScript in web browsers – to discern to some extent the layout or contents of protected kernel memory areas.”

And the fix could carry a performance hit of 5-30%. 


_______________________________________________
Chugalug mailing list
[hidden email]
http://chugalug.org/cgi-bin/mailman/listinfo/chugalug
Reply | Threaded
Open this post in threaded view
|

Re: [Chugalug] Another Critical Intel Issue

David White-2
Be careful as you patch your OS - I've had trouble with Linode's and Digital Ocean's patches this morning.

In the case of a CentOS 6 server on Digital Ocean, I've reverted to re-launching the server and restoring from backups.

On Thu, Jan 4, 2018 at 9:47 AM, Ed King <[hidden email]> wrote:

This is exactly why I keep my important financial records on my Z80-based Osborne 1



From: Chugalug <[hidden email]> on behalf of Keith <[hidden email]>
Sent: Wednesday, January 3, 2018 11:46 AM
To: Chattanooga Unix Gnu Android Linux Users Group
Subject: [Chugalug] Another Critical Intel Issue
 
This is fun:

It is understood the bug is present in modern Intel processors produced in the past decade. It allows normal user programs – from database applications to JavaScript in web browsers – to discern to some extent the layout or contents of protected kernel memory areas.”

And the fix could carry a performance hit of 5-30%. 


_______________________________________________
Chugalug mailing list
[hidden email]
http://chugalug.org/cgi-bin/mailman/listinfo/chugalug




--
David White

_______________________________________________
Chugalug mailing list
[hidden email]
http://chugalug.org/cgi-bin/mailman/listinfo/chugalug