[TC] [Updated] New secret-spilling flaw affects almost every Intel chip since 2011 - Overclock.net - An Overclocking Community

Forum Jump: 

[TC] [Updated] New secret-spilling flaw affects almost every Intel chip since 2011

Reply
 
Thread Tools
post #1 of 151 (permalink) Old 05-14-2019, 04:10 PM - Thread Starter
Retired Staff
 
JedixJarf's Avatar
 
Join Date: Dec 2010
Location: Coruscant
Posts: 9,436
Rep: 305 (Unique: 244)
[TC] [Updated] New secret-spilling flaw affects almost every Intel chip since 2011

Quote:
“ZombieLoad,” as it’s called, is a side-channel attack targeting Intel chips, allowing hackers to effectively exploit design flaws rather than injecting malicious code. Intel said ZombieLoad is made up of four bugs, which the researchers reported to the chip maker just a month ago.

Almost every computer with an Intel chips dating back to 2011 are affected by the vulnerabilities. AMD and ARM chips are not said to be vulnerable like earlier side-channel attacks.
Source: https://techcrunch.com/2019/05/14/zo...el-processors/

Update: Patches are being released.
Quote:
Big tech is stepping in to patch newly disclosed security flaws affecting almost every Intel chip since 2011.
Source: https://techcrunch.com/2019/05/14/in...ches-released/


Greaaat.... here we go again with more performance patches on my servers.



Last edited by TFL Replica; 05-15-2019 at 01:06 AM.
JedixJarf is offline  
Sponsored Links
Advertisement
 
post #2 of 151 (permalink) Old 05-14-2019, 04:22 PM
New to Overclock.net
 
Aussiejuggalo's Avatar
 
Join Date: May 2010
Location: Queensland, Australia
Posts: 3,462
Rep: 65 (Unique: 47)
All this security flaw stuff is why I've been switching everything over to AMD. Intel must've known about these flaws for years and still did nothing about them...

Humble SM5 MK2
(23 items)
CPU
AMD Ryzen 7 1800X
Motherboard
MSI B350M Mortar Arctic
GPU
MSI GTX 1070 ARMOR OC
RAM
G.Skill Trident Z F4-3200C14D-32GTZKW 32GB
Hard Drive
Samsung 960 EVO NVMe M.2 250GB
Hard Drive
Samsung 850 EVO 1TB
Hard Drive
Western Digital Blue WD10EZEX 1TB
Power Supply
EVGA Supernova G2 850W
Cooling
Corsair H100i V2
Cooling
Corsair ML120 Pro x5
Case
CaseLabs SM5
Operating System
Windows 10 Enterprise 2016 LTSB 64-Bit
Monitor
Dell U2414H
Monitor
Dell U2414H
Monitor
Asus VG248QE
Keyboard
WASD CODE 87-Key - Cherry MX Clear
Mouse
Zowie FK1
Mousepad
Artisan ZERO MID Black Large Mouse Pad
Audio
JDS Labs Element
Audio
Sennheiser HD 599
Audio
Samson Q2U
Audio
Swan M50W Powered 2.1 System
Audio
Rode AI1
▲ hide details ▲
Aussiejuggalo is offline  
post #3 of 151 (permalink) Old 05-14-2019, 04:26 PM - Thread Starter
Retired Staff
 
JedixJarf's Avatar
 
Join Date: Dec 2010
Location: Coruscant
Posts: 9,436
Rep: 305 (Unique: 244)
Quote: Originally Posted by Aussiejuggalo View Post
All this security flaw stuff is why I've been switching everything over to AMD. Intel must've known about these flaws for years and still did nothing about them...
Pretty sure AMD was also hit by Spectre last year along with intel, I just think they didn't suffer from meltdown like intel did.


JedixJarf is offline  
Sponsored Links
Advertisement
 
post #4 of 151 (permalink) Old 05-14-2019, 04:32 PM
New to Overclock.net
 
speed_demon's Avatar
 
Join Date: Nov 2006
Location: Wisconsin
Posts: 1,595
Rep: 92 (Unique: 72)
I'll have to link to the article I read earlier. From what I read in the other article, 9th gen chips are not affected in the same way as previous chips and disabling hyperthreading appears to be a partial solution to the vulnerability.

The software mitigation was mentioned in another article as being up to a 40% decrease in performance during benchmarks - Though I'm doubtful the performance difference is quite that extreme.

Edit: Here we are - https://www.tomshardware.com/news/in...ack,39333.html

And another site that affected users are being pointed to for further info - https://mdsattacks.com/



Last edited by speed_demon; 05-14-2019 at 04:37 PM.
speed_demon is offline  
post #5 of 151 (permalink) Old 05-14-2019, 04:47 PM
New to Overclock.net
 
Aussiejuggalo's Avatar
 
Join Date: May 2010
Location: Queensland, Australia
Posts: 3,462
Rep: 65 (Unique: 47)
Quote: Originally Posted by JedixJarf View Post
Pretty sure AMD was also hit by Spectre last year along with intel, I just think they didn't suffer from meltdown like intel did.

Yeah I know but it's still far less vulnerabilities than what Intel is hit by. I also thought most of the AMD ones you had to have physical access to the machines as well which makes the vulnerabilities on AMD's side kinda pointless in the first place.

Humble SM5 MK2
(23 items)
CPU
AMD Ryzen 7 1800X
Motherboard
MSI B350M Mortar Arctic
GPU
MSI GTX 1070 ARMOR OC
RAM
G.Skill Trident Z F4-3200C14D-32GTZKW 32GB
Hard Drive
Samsung 960 EVO NVMe M.2 250GB
Hard Drive
Samsung 850 EVO 1TB
Hard Drive
Western Digital Blue WD10EZEX 1TB
Power Supply
EVGA Supernova G2 850W
Cooling
Corsair H100i V2
Cooling
Corsair ML120 Pro x5
Case
CaseLabs SM5
Operating System
Windows 10 Enterprise 2016 LTSB 64-Bit
Monitor
Dell U2414H
Monitor
Dell U2414H
Monitor
Asus VG248QE
Keyboard
WASD CODE 87-Key - Cherry MX Clear
Mouse
Zowie FK1
Mousepad
Artisan ZERO MID Black Large Mouse Pad
Audio
JDS Labs Element
Audio
Sennheiser HD 599
Audio
Samson Q2U
Audio
Swan M50W Powered 2.1 System
Audio
Rode AI1
▲ hide details ▲
Aussiejuggalo is offline  
post #6 of 151 (permalink) Old 05-14-2019, 04:52 PM
New to Overclock.net
 
azanimefan's Avatar
 
Join Date: Feb 2013
Location: Phoenix, AZ
Posts: 1,899
Rep: 142 (Unique: 101)
Quote: Originally Posted by JedixJarf View Post
Pretty sure AMD was also hit by Spectre last year along with intel, I just think they didn't suffer from meltdown like intel did.
AMD was vulnerable to spectre if you accessed the bios on the PC personally (as in at the computer) and changed some settings to MAKE it vulnerable, then used a thumb drive to pre-load some virus. It was BARELY vulnerable to spectre. And AMD patched that out with Bios updates. To be fair to Intel, some of intel's vulnerabilities were just as silly, requiring personal contact with the machine and thumb drives and setting changes in the bios in order to affect the computer, the problem is intel was and is also vulnerable to a number of REMOTE vulnerabilities in it's chip design which were not capable of patching out through some bios updates. And a number of the ones which were patchable intel put out as optional (default off) bios updates due to the performance hits. Which is insanely irresponsible and shady as all heck.

[URL="https://www.overclock.net/t/1490324/the-intel-devils-canyon-owners-club/0_40"]Intel Devil's Canyon Owners Club
CPU
Ryzen r5 3600
Motherboard
Asus ROG Strix x470-I Gaming
GPU
GTX 970
RAM
GSkill Ripjaw V DDR4 3600
Hard Drive
Samsung Evo 970 m.2
Hard Drive
Samsung Evo 850
Power Supply
Seasonic X-650
Cooling
AMD Wrath Cooler
Case
Fractal Design Nano S
Operating System
Windows 10 Pro
Monitor
Acer K242hl
Monitor
Acer K242hl
Monitor
Acer K242hl
Keyboard
Corsair Strafe RGB Mechanical Gaming Keyboard
Mouse
Corsair Scimitar RGB Optical MOBA/MMO Gaming Mouse
Audio
Sennheiser - MOMENTUM Over-the-Ear Headphones
▲ hide details ▲
azanimefan is offline  
post #7 of 151 (permalink) Old 05-14-2019, 05:01 PM
✾ ✿ ❀ ❁
 
Alex132's Avatar
 
Join Date: Dec 2009
Posts: 8,366
Rep: 342 (Unique: 274)
I can't wait for this thread to turn into a bunch of people who think that they are smarter than the engineers at Intel

| This Cannot Continue | We Are Become As Gods | This Cannot Continue |

Vehicles:
Current: None.
Ex: '07 Fiat Palio, '07 Honda Accord Type-S
Illya
(26 items)
Yuki
(23 items)
CPU
Intel i9 9900K @ 5.2Ghz
Motherboard
Gigabyte Aorus Master
GPU
EVGA 1080 Ti FTW3
RAM
G.Skill Trident Z 32GB 4000Mhz
Hard Drive
Samsung 970 Pro 512GB
Hard Drive
Samsung 850 Evo 1TB
Hard Drive
WD Red 8TB
Power Supply
Seasonic Prime Titanium 850W
Cooling
EK Velocity CPU Block
Cooling
EK 1080 Ti FTW3 GPU Block
Cooling
HardwareLabs GTX420
Cooling
HardwareLabs GTS280
Cooling
HardwareLabs GTS140
Cooling
EK D5 140 Glass Pump/res
Case
Phanteks Evolv X
Operating System
Windows 10 Pro
Monitor
Asus ROG Swift PG279Q 165Hz 1440p
Monitor
I-INC 1920x1200 TN 27"
Keyboard
Ducky One 2 Midnight
Mouse
Logitech G502
Mousepad
CoolerMaster Swift-RX XL
Audio
Sennhesier HD650
Audio
Schiit Jotunheim Amp/DAC
Audio
Samson C01U Microphone
Audio
Edifier R1700BT
Other
Oculus Rift
CPU
Intel 2500K 5Ghz
Motherboard
ASUS P8P67 Pro
GPU
EVGA 1080 Ti FTW3
RAM
G.Skill RipJaws X 2133Mhz 16GB
Hard Drive
120GB Corsair Neutron GTX
Hard Drive
Samsung 850 Evo 1TB
Hard Drive
WD Red 8TB
Power Supply
EVGA G3 850W
Cooling
Hyper 212
Cooling
EK Vardar fans
Case
Corsair 270R w/TG mod
Operating System
Windows 10
Monitor
Asus ROG Swift PG279Q
Monitor
I-Inc 1200p
Keyboard
Razer BlackWidow 2013
Mouse
Logitech G502 Proteus Spectrum
Mousepad
CoolerMaster Swift-RX XL
Audio
Sennheiser HD650
Audio
Schiit Jotunheim Balanced DAC + Amp
Audio
Edifier R1700BT Speakers
Audio
Samson C01U Microphone
Other
Oculus Rift
Other
PS4 Controller
▲ hide details ▲


Alex132 is offline  
post #8 of 151 (permalink) Old 05-14-2019, 05:36 PM
New to Overclock.net
 
m4fox90's Avatar
 
Join Date: Sep 2017
Posts: 523
Rep: 11 (Unique: 9)
Classic Intel.

Silence in the Snow
(13 items)
CPU
Ryzen 3900X
Motherboard
ASRock X370 Taichi
GPU
RTX 2080Ti Black Edition/Hydro Copper
RAM
G.Skill RipJaws V 16 GB
Hard Drive
Samsung 960 EVO 500GB
Hard Drive
Seagate Barracuda 3TB
Hard Drive
Seagate FireCuda 2TB
Power Supply
EVGA G3
Cooling
EK PE360 + Hardware Labs Black Ice GTS360
Cooling
EK Supremacy EVO
Case
Lian Li PC-O11 Dynamic
Operating System
Windows 10 Home
Monitor
Predator XB271HU
▲ hide details ▲
m4fox90 is offline  
post #9 of 151 (permalink) Old 05-14-2019, 06:29 PM
 
The Robot's Avatar
 
Join Date: Mar 2013
Posts: 2,327
Rep: 130 (Unique: 82)
Truly a gift that keeps on giving.

Main
(17 items)
Nintendo DS
(8 items)
CPU
6700K
Motherboard
Gigabyte Z170X-Gaming 3
GPU
MSI GTX 1080 Gaming X
RAM
G.Skill Ripjaws V 16GB 3000
Hard Drive
Samsung 850 Evo 500GB
Hard Drive
WD Blue 3TB
Power Supply
EVGA 650 G2
Cooling
Noctua NH-D15S
Cooling
Nanoxia Deep Silence 140mm
Cooling
Nanoxia Deep Silence 120mm
Case
Corsair 400Q
Operating System
Windows 10 Enterprise
Monitor
ViewSonic XG2703-GS 1440p
Keyboard
Leopold FC750 (MX Brown)
Mouse
Logitech Performance Mouse MX
Audio
Mayflower Objective2 + ODAC Rev. B Combo
Audio
Audio-Technica ATH-A990Z
CPU
ARM946E-S 67.028 MHz
CPU
ARM7TDMI 33.514 MHz
RAM
4 MB
Hard Drive
256 kB
Power Supply
850 mAh
Operating System
DS OS
Monitor
3" 256×192 18-bit
Monitor
3" 256×192 18-bit
▲ hide details ▲
The Robot is offline  
post #10 of 151 (permalink) Old 05-14-2019, 07:48 PM
Waiting for 7nm EUV
 
tpi2007's Avatar
 
Join Date: Nov 2010
Posts: 11,469
Rep: 898 (Unique: 504)
Quote: Originally Posted by speed_demon View Post
I'll have to link to the article I read earlier. From what I read in the other article, 9th gen chips are not affected in the same way as previous chips and disabling hyperthreading appears to be a partial solution to the vulnerability.

The software mitigation was mentioned in another article as being up to a 40% decrease in performance during benchmarks - Though I'm doubtful the performance difference is quite that extreme.

Edit: Here we are - https://www.tomshardware.com/news/in...ack,39333.html

And another site that affected users are being pointed to for further info - https://mdsattacks.com/



From the source site's FAQ #1 (https://mdsattacks.com/), it seems that 9th gen chips may actually be more affected in some ways than previous gen chips (underlined for emphasis):

Quote:
FAQ

Am I affected?

Very likely. Our attacks affect all modern Intel CPUs in servers, desktops and laptops. This includes the latest 9th-generation processors, despite their in-silicon mitigations for Meltdown. Ironically, 9th-generation CPUs are more vulnerable to some of our attacks compared to older generation hardware. Processors from other vendors (AMD and ARM) do not appear to be affected. Official statements from these vendors can be found in the RIDL and Fallout papers.


It's interesting how some articles are not mentioning this at all. The Ars Technica article overlooks the advice given by the researchers of disabling HT (only makes a very brief mention to the problem), and also the above about the 9th gen chips. TPU's article is a bit better, but still doesn't cover the quote above and just says what Intel says, like Ars.

I had to go read the Fallout paper (available from the https://mdsattacks.com/ site), and it's right there on the first page:

Quote:
Fallout affects all processor generations we have tested. However, we notice a worrying regression, where the newer Coffee Lake R processors are more vulnerable to Fallout than older generations.


And right there on page 2:

Quote:
In an attempt to claw back some of the performance loss, and to permanently eliminate Fore-shadow and Meltdown related issues, Intel announced already back in 2018 strong, silicon-based Meltdown defenses in future processors enumerating Rogue Data Cache Load resilience (RDCLNO) [22]. With the recent release of the 9th generation Coffee Lake R microarchitecture, such Meltdown-resistant processors are finally available on the mass consumer market. The RDCLNO security feature promises to obviate the need for KPTI and other defenses, while improving overall performance [6]. However, while Intel claims that these fixes address Meltdown and Foreshadow, it remains unclear whether new generations of Intel processors are properly protected against Meltdown-type transient execution attacks. Thus, in this work we set out to investigate the fol-lowing question:

Is kernel data safe in the new generation of processors? Can ad-hoc software mitigations be safely disabled on post-Meltdown Intel hardware?

1.1 Our Contribution

Unfortunately, in this paper, we answer these questions in the negative.
Quote:
Security Analysis of Speculation Mechanisms and Coffee Lake Refresh. As a final contribution, we present the first analysis of various exception-creation and exception-suppression mechanisms used to mount Fallout across various Intel architectures. As we show, not all creation and suppression mechanisms are interchangeable, and the exact combination is, in fact, architecture dependent. Finally, we show that the hardware change in exception creation and suppression introduced by Intel in the latest Coffee Lake Refresh architecture make them more vulnerable to our attack.


Page 11:

Quote:
6 Conclusions and Future Work

Flushing-Based Countermeasures. Because the store buffer is not shared across hyperthreads, leaks can only occur when the security domain changes within a hyperthread. Thus, flushing the store buffer on security domain change is sufficient to mitigate the attack. In particular, we verified that using MFENCE as part of the switch from kernel mode to user mode thwarts the attack.

Limitations. As mentioned above, the attacks described in Section 4 are unable to leak information across hyperthreads. Moreover, as Meltdown software countermeasures (KPTI) flush the buffer on leaving the kernel, and as the store buffer is automatically flushed on change of the CR3 register (i.e., on context switch), only latest generation Coffee Lake R machines are vulnerable to the attack described in Section 4. Ironically, the hardware mitigations present in newer generation Coffee Lake R machines make them more vulnerable to Fallout than older generation hardware.


The news sites are not doing their work properly.



Last edited by tpi2007; 05-14-2019 at 08:12 PM.
tpi2007 is offline  
Reply

Quick Reply
Message:
Options

Register Now

In order to be able to post messages on the Overclock.net - An Overclocking Community forums, you must first register.
Please enter your desired user name, your email address and other required details in the form below.
User Name:
If you do not want to register, fill this field only and the name will be used as user name for your post.
Password
Please enter a password for your user account. Note that passwords are case-sensitive.
Password:
Confirm Password:
Email Address
Please enter a valid email address for yourself.
Email Address:

Log-in



Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Show Printable Version Show Printable Version
Email this Page Email this Page


Forum Jump: 

Posting Rules  
You may post new threads
You may post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off