Home > News content

Researchers warn of new hyper threading vulnerabilities in Intel CPU

via:cnBeta.COM     time:2018/6/27 0:08:28     readed:85

TLBleed vulnerability exploits Intel hyper threading technology. After enabling this technology, each kernel can execute multiple threads at the same time (usually two threads). These threads share resources in the kernel, including memory caching and TLB. When two programs run in the same kernel, one of them can monitor another thread by checking their access to CPU dedicated resources, so by these observations, you can get the encrypted content on another thread.

Researchers say they can use TLBleed to extract encryption keys from another running program of Intel's Skylake Core i7-6700K, with a success rate of up to 99.8%. The test success rate of using other types of Intel processors is similar. Most users don't have to worry about TLBleed. To use it, malware is installed on the system first, or malicious users gain access. And there is no evidence that hackers have used this kind of vulnerability.

This does not mean that TSBleed should not be paid attention to. Last week, the open source operating system OpenBSDDevelopmentPersonnel have disabled the hyper threading technology on Intel processor to prevent this vulnerability. Project leader Theo de Raadt will publish a research paper at the black hat conference in August this year, which will reveal why they will make changes. Intel seems to be indifferent to any potential threat from TLBleed. It did not request a CVE number for this vulnerability, or even refused to award the bug prize to researchers (through HackerOne).

2017-11-10-image-18.jpg

China IT News APP

Download China IT News APP

Please rate this news

The average score will be displayed after you score.

Post comment

Do not see clearly? Click for a new code.

User comments