Abaphenyi baseGraz University of Technology (E-Austria) iveze imininingwane ngendlela entsha ye- hlasela ngokusebenzisa I-ZombieLoad 2.0 (CVE-2019-11135), okuyi ivumela ukukhishwa kolwazi oluyimfihlo kwezinye izinqubo, uhlelo olusebenzayo, imishini ebonakalayo kanye nokufakwa okuvikelekile (i-TEE, i-Trusted Execution Environment). Inkinga kuthinta kuphela ama-processor we-Intel. Izakhi zokuvimba inkinga zaphakanyiswa ekuvuselelweni kwayizolo le-microcode.
Inkinga ingeyesigaba se-MDS (Microarchitectural Data Sampling) futhi yinguqulo yesimanje yokuhlaselwa kweZombieLoad, eyethulwe ngoMeyi. I-ZombieLoad 2.0, kanye nokunye ukuhlaselwa kwesigaba se-MDS, kusekelwe ekusetshenzisweni kwezindlela zokuhlaziya ezivela eceleni kudatha ezakhiweni ezincane zokwakha (ngokwesibonelo, ku-Line Fill Buffer and Store buffers, lapho idatha esetshenziswe kule nqubo igcinwa khona okwesikhashana ukwenza imisebenzi yokulayisha nokugcina).
Lokhu kwahluka okusha by Zombieload kuncike ekuvuzeni okwenzeka lapho inqubo ye-TSA isetshenziswa Ukukhipha isisu okungu-Asynchronous (TSA) kusandiso se-TSX (Transactional Synchronization Extensions), enikeza izindlela zokusebenza ngememori yokuthengiselana, evumela ukwandisa ukusebenza kwezicelo ezifundwayo eziningi ngenxa yokukhishwa okunamandla kwemisebenzi yokuvumelanisa okungadingekile (ukuthengiselana kwe-athomu kuyasekelwa, okungamukelwa noma kuphazanyiswe).
Uma kwenzeka kunqamuka, imisebenzi eyenziwe ngesifunda semisebenzi yenkumbulo ibuyiselwa emuva. Ukukhanselwa kokuthengiselana kwenziwa ngokuvumelanayo, lapho eminye imicu ingafinyelela khona inqolobane, esetshenziswa futhi esifundeni sememori esilahliwe senkumbulo.
Kusukela ekuqaleni kuze kube sekuqedweni kwangempela kokuphazamiseka ukuthengiselana kwe-asynchronous, kanyeIzimo zingenzeka lapho iprosesa, ngesikhathi kwenziwa umsebenzi wokuqagela, ingafunda idatha kusuka kuma-buffers angaphakathi kwe-microarchitectural futhi iyidlulise ekusebenzeni okwenziwe ngokuqagela.
Ukungqubuzana kuzobe sekutholakala bese kuthi umsebenzi wokuqagela ulahlwe, kepha imininingwane izohlala kunqolobane futhi ingakhishwa kusetshenziswa izindlela zokubuyisa i-cache ngeziteshi zomuntu wesithathu.
Ukuhlaselwa kubhekisele ekuvulekeni kokuthengiselana kwe-TSX futhi kudale nezimo zokuphazanyiswa kwabo okungathandeki, lapho izimo zokuvuza kokuqukethwe kwama-buffers angaphakathi zigcwele ngokuningiliziwe kwedatha yememori efundwayo yokusebenza eyenziwe kumnyombo ofanayo we-CPU.
Ukuvuza kunqunyelwe kumongo wamanje we-CPU (lapho ikhodi yomhlaseli isebenza khona), kepha njengoba ama-microarchitecture buffers abiwa ngemicu ehlukene kumodi ye-Hyper-Threading, ukusebenza kwememori okwenziwe kungahle kuvuze kweminye imicu ye-CPU.
Amanye amamodeli we-Intel akhishiwe owahlolile ukuhlaselwa kwabo kungokwesizukulwane sesishiyagalombili, sesishiyagalolunye neseshumi sabaprosesa I-Intel Core nePentium, i-Intel Celeron 5000, i-Intel Xeon E, i-Intel Xeon W nesizukulwane sesibili samaprosesa we-Intel Xeon asabekayo.
Kubandakanya amaprosesa amasha we-Intel nawo asuselwa ekwakhiweni kwezinto ezincane I-Cascade Lake yafakwa ngo-Ephreli, ekuqaleni eyayingathinteki ekuhlaselweni yi-RIDL ne-Fallout.
Ngaphezu kweZombieload 2.0, abacwaningi baphinde bathola ukuthi izindlela zokuvikela ebezihlongoziwe phambilini zinganqanyulwa ngokumelene nokuhlaselwa kwe-MDS okususelwa ekusetshenzisweni komyalelo we-VERW ukusula okuqukethwe kwama-microarchitecture buffers lapho ebuya kusuka ku-kernel kuya esikhaleni somsebenzisi noma lapho edlulisela ukulawula ohlelweni lwezivakashi.
Izixazululo zokuvimba ukuba sengozini zifakiwe ku- isisekelo sekhodi se- i-linux kernel futhi afakiwe kufayela le- izinhlobo 5.3.11, 4.19.84, 4.14.154, 4.9.201 no-4.4.201. Futhi kukhishwe izibuyekezo ze-kernel ne-microcode kokwabiwa okuyinhloko (I-Debian, SUSE / openSUSE, Ubuntu, RHEL, Fedora, FreeBSD). Inkinga ikhonjwe ngo-Ephreli futhi isixazululo sasiqondiswa yi-Intel nabathuthukisi bezinhlelo zokusebenza.
Indlela elula yokuvimba iZombieload 2.0 ukukhubaza ukwesekwa kwe-TSX ku-CPU. Isixazululo se-Linux kernel sifaka izinketho eziningi zokuphepha.