Vakawana imwe Meltdown vulnerability inobata AMD processors

Munguva pfupi yapfuura boka revatsvakurudzi kubva kuGraz University of Technology (Austria) uye Helmholtz Center yeRuzivo Ruzivo (CISPA) yakaburitsa ruzivo rwekusagadzikana (CVE-2021-26318) pane ese AMD processors izvo zvinogona kubvumira Meltdown-kirasi padivi chiteshi kurwisa.

Takatarisana neruzivo rwemunhu rwakaburitswa rwe AMD yakaita kuti zvizivikanwe kuti inoona zvisina kukodzera kutora matanho akakosha kuvhara dambudziko, sezvo kusazvibata, sekurwiswa kwakafanana kwakaonekwa muna Nyamavhuvhu, hakushandi zvakanyanya mumamiriro ezvinhu chaiwo, kubvira. inotaura kuti inoganhurwa nemiganhu yazvino yenzvimbo yekero yemaitiro uye inoda kutevedzana kwemirairo (magajeti) mu kernel. Kuti varatidze kurwiswa, vaongorori vakaisa yavo kernel module ine yakawedzera dhizaini. Muhupenyu chaihwo, vanorwisa vanogona, semuenzaniso, kugara vachishandisa kusagadzikana muEBPF subsystem kutsiva inodiwa inoteedzana.

Kubva pane inoshanda maonero, kurwiswa kunogona kushandiswa kuronga zvakavanzika data kutapurirana nzira, tarisa chiitiko mu kernel kana kuwana ruzivo nezve kero mu kernel ndangariro kudzivirira dziviriro yakavakirwa pakero randomisation (KASLR) mukuita kwekushandisa kusasimba mu kernel.

Isu takawana nguva uye mutsauko wesimba weiyo prefetch rairo inogona kucherechedzwa kubva kune isina-yakasarudzika nzvimbo yemushandisi. Kusiyana nebasa rekare pa prefetch kurwisa kuIntel, isu takaratidza kuti iyo prefetch rairo pa AMD inosefa kunze kunyange rumwe ruzivo. Isu tinoratidza kukosha kweiyi chiteshi chiteshi neakawanda nyaya zvidzidzo mumamiriro epasirese chaiwo. Isu tinoratidza kuparara kwekutanga kweKASLR microarchitecture.

Kuti uzvidzivirire pakurwiswa kutsva uku, AMD yakakurudzira kushandiswa kwemaitiro akachengeteka ekunyorera izvo zvinobatsira kudzivirira Meltdown kurwisa, sekushandisa LFENCE zvirevo. Vatsvagiri vakaona nyaya iyi vanokurudzira kugonesa kuomesesa ndangariro peji tafura yega (KPTI), iyo yaimboshandiswa chete kune Intel processors.

Munguva yekuyedza, vaongorori vakakwanisa kuburitsa ruzivo kubva ku kernel kuenda kumaitiro munzvimbo yemushandisi.kana nekumhanya kwe52 bytes pasekondi, kana paine mudziyo mukernel unoshanda, nzira dzakati wandei dzakarongwa kuti dzibvise ruzivo rwakachengetwa mu cache panguva yekufungidzira kuurayiwa kuburikidza nevechitatu-bato nzira.

Nzira yekutanga inobva pakuongorora kwekutsauka kwenguva yekuurayan yekuraira kwe processor uye yechipiri yekuchinja kwekuchinja kwesimba rekushandisa kana "PREFETCH" (Prefetch + Power) yaitwa.

Isu tinotarisisa chiitiko chekernel, semuenzaniso kana odhiyo ichiridzwa kuburikidza neBluetooth, uye isu tinomisa yakavanzika chiteshi. Pakupedzisira, isu takatosefa kernel ndangariro pa52.85 B / s ine yakapusa Specter zvishandiso paLinux kernel. Isu tinoratidza kuti yakasimba peji tafura yekuzviparadzanisa inofanira kugoneswa pa AMD CPUs nekukasira kudzikamisa yedu yakabudirira kurwiswa

Rangarira kuti iyo yekirasi Meltdown vulnerability yakavakirwa pa chokwadi chekuti panguva kufungidzira kuita kwemirairo iyo processor inogona kuwana yakavanzika data nzvimbo uye wobva warasa mhedzisiro, sezvo ropafadzo dzakasimbiswa dzinorambidza kupinda kwakadaro kubva kune mushandisi maitiro. Muchirongwa ichi, chivharo chekufungidzira chinoparadzaniswa kubva kukodhi huru nebazi rine zvirevo, iro pasi pemamiriro chaiwo rinogara richidzingwa, asi nekuda kwekuti chiziviso chine chirevo chinoshandisa kukosha kwakaverengerwa iyo processor isingazive panguva yekutanga kodhi kuuraya. , kufungidzira kuurayiwa kwese kusarudzwa kwebazi kunoitwa.

Sezvo fungidziro mashandiro anoshandisa cache imwechete pane zvinowanzoitwa mirairo, zvinogoneka panguva yekufungidzira kuurayiwa kune cache mamaki anoratidza bit content mafaira ega ega munzvimbo yakavharwa yekurangarira, uyezve mukodhi inowanzoitwa kuti ione kukosha kwayo kuburikidza nekuongorora nguva inowana zvese zvakachengetwa uye zvisina-cached data.

Finalmente kana iwe uchifarira kuziva zvakawanda nezvazvo, unogona kutarisa ruzivo Mune inotevera chinongedzo.


Iva wekutanga kutaura

Siya yako yekutaura

Your kero e havazobvumirwi ichibudiswa. Raida minda anozivikanwa ne *

*

*

  1. Inotarisira data: AB Internet Networks 2008 SL
  2. Chinangwa cheiyo data: Kudzora SPAM, manejimendi manejimendi.
  3. Legitimation: Kubvuma kwako
  4. Kutaurirana kwedata
  5. Dhata yekuchengetedza: Dhatabhesi inobatwa neOccentus Networks (EU)
  6. Kodzero: Panguva ipi neipi iwe unogona kudzora, kupora uye kudzima ruzivo rwako