Windows and Linux kernel developers are pushing out security updates for the operating systems to mitigate a security flaw in Intel processors, The Register reported.
Patches for the Linux kernel have already started being published, and Microsoft is expected to introduce the necessary fixes to Windows in an upcoming Patch Tuesday.
The kernel-level fixes for the design flaw in Intel’s chips will results in slow-downs of everyday tasks of between 5% and 30%.
Details of the Intel CPU design flaw are still under embargo, but based on publicly-available information it appears as though a chip-level bug allows user-level processes to read kernel memory.
Depending on the exact nature of the flaw, it may allow malware-makers to more easily exploit other vulnerabilities in a system.
At worst, the bug could allow programs to read secret data such as passwords stored within the kernel’s memory.
Speculative memory references
There is speculation that the flaw might be a bypass for “kernel address space layout randomisation”, which protects against attackers re-using computer instructions in known locations in memory.
However, an e-mail AMD sent to the Linux kernel mailing list suggests that the issue may be related to speculative execution — a mechanism CPUs rely on to keep their pipelines filled with instructions which they “speculate” may be executed next by a program:
AMD processors are not subject to the types of attacks that the kernel page table isolation feature protects against. The AMD microarchitecture does not allow memory references, including speculative references, that access higher privileged data when running in a lesser privileged mode when that access would result in a page fault.
According to the report, Intel processors released in the last decade are affected by the issue but its newest CPUs may not be affected.Forum discussion