CROSSTalk ukubekeka engcupheni kokuvuza kwedatha kuthiwani uma… kuthinta i-Intel

Darkcrizt

Imizuzu ye-4

i-intel-bug

Kalula I-Intel iqhubeke nokuba yisisulu sobuthakathaka obuhlukahlukene lokho kuholela ekuvuzeni kwedatha futhi sikhulume kakhulu ngabo lapha kubhulogi Futhi kule entsha, i-Intel isekhona okuhlukile.

Futhi yilokho iqembu labacwaningi abavela eFree University of Amsterdam ha ikhombe ukuba sengozini okusha (I-CVE-2020-0543) kuzakhiwo ze-microarchitecture yamaprosesa we-Intel, aphawuleka ngeqiniso lokuthi ikuvumela ukuthi ubuyise imiphumela yeminye imiyalo run kwenye core CPU.

Lokhu ukuba sengozini kokuqala kwendlela yokwenza imiyalo yokuqagela, ukuvumela ukuvuza kwedatha phakathi kwama-CPU cores ahlukene (Phambilini, ukuvuza bekukhawulelwe kwimicu ehlukene yenhlamvu.)

i-intel-bug
I-athikili ehlobene:
Kutholakale ukuba sengozini okusha kuma-processor we-Intel futhi akukwazi ukulungiswa

Abaphenyi babiza inkinga ngokuthi yi-CROSSTalk, kepha ama-Intel amadokhumenti abhekisa ekungcupheni njenge-SRBDS (Sample Special Register Buffer Data).

Mayelana ne-CROSSTalk

Ukuba sengozini kungokwesigaba sezinkinga ze-MDS, esethulwe ngonyaka odlule, futhi kusekelwe ekusetshenzisweni kwezindlela zokuhlaziya ezivela eceleni kwidatha ezakhiweni ze-microarchitecture.

Isimiso se-CROSSTalk kuseduze nobungozi be-RIDL, kepha yehlukile kumthombo wokuvuza. Ukuba sengozini okusha ilawula ukuvuza kwesikhala esiphakathi phambilini engenawo amaphepha okwabiwe phakathi kwawo wonke ama-CPU cores.

Ingqikithi yenkinga ukuthi eminye imiyalo ye-microprocessor, kufaka phakathi i-RDRAND, i-RDSEED, ne-SGX EGETKEY, isetshenziswa kusetshenziswa i-SRR (Special Register Reads) yokusebenza kwangaphakathi kwe-microarchitecture.

Kumaprosesa asengozini, idatha ebuyiselwe i-SRR ifakwa kubhafa ephakathi nendawo ejwayelekile kuwo wonke ama-cores we-CPU, ngemuva kwalokho idluliselwe kubhafa yenani labantu elihlotshaniswa nomnyombo othile we-CPU lapho iqala khona ukusebenza. Funda ukusebenza. Ngemuva kwalokho, kusuka kusikhumbuzi se-padding, inani likopishwa kumarejista abonakalayo kuzinhlelo zokusebenza.

Usayizi wesikhala sesikhashana esabiwe ihambelana nolayini we-cache, ukuthi ngokuvamile inkulu kunosayizi wedatha efundiwe futhi imisebenzi ehlukile yokufunda ifaka okuthize okuhlukile kubhafa.

Njengoba i-buffer eyabiwe ikopishelwa kuyo yonke i-buffer yokugcwalisa, hhayi kuphela ingxenye edingekayo yokusebenza kwamanje ehanjiswayo, kodwa futhi nedatha esele evela kokunye ukusebenza, kufaka phakathi leyo eyenziwe kwamanye ama-CPU cores.

Uma ukuhlaselwa kuhlelwe ngempumelelo, umsebenzisi wendawo uqinisekiswe kusistimu inganquma umphumela ukwenza imiyalo ye-RDRAND, RDSEED ne-EGETKEY ngenqubo engajwayelekile noma ngaphakathi kwe-Intel SGX enclave, ngaphandle komongo we-CPU ikhodi isebenza.

Abaphenyi ngubani othole inkinga ishicilele uhlobo oluthile lokuxhaphaza olukhombise ukuthi kungenzeka kube nemininingwane evuzayo ngamanani angahleliwe atholwe ngemiyalo ye-RDRAND ne-RDSEED yokubuyisa ukhiye wangasese we-ECDSA osetshenzwe endaweni ebiyelwe ye-Intel SGX ngemuva kokwenza umsebenzi owodwa kuphela osayiniwe ngamadijithali kuhlelo.

Lokhu kukhombisile ukuthi anhlobonhlobo yamaprosesa we-Intel desktop, amaselula nama-server, kufaka phakathi i-Core i3, i5, i7, i9, m3, iCeleron, i-Atom, i-Xeon, i-Scalable Xeon, njll.

Kuyaphawuleka ukuthi I-Intel yaziswa ngobungozi ngoSepthemba 2018 kwathi ngoJulayi 2019 kwahlinzekwa ukuxhashazwa okwabonisa ukuvuza kwedatha phakathi kwama-CPU cores, kepha ukwakhiwa kwesixazululo kwabambezeleka ngenxa yobunzima bokusetshenziswa kwaso.

Ekuvuseleleni kwanamuhla kwe-microcode, inkinga ivinjelwe ngokushintsha ukusebenza kwemiyalo I-RDRAND, i-RDSEED, ne-EGETKEY ukubhala ngaphezulu idatha kubhafa eyabiwe ukuvimbela imininingwane eyinsalela ekuxazululeni kuyo.

Ngokwengeziwe, ukumiswa kokufinyelela kwebhafa kusebenza kuze kuqedwe ukusebenza nokubhala.

Umphumela ohlangothini yalesi sivikelo ukwanda kokubambezeleka lapho kwenziwa i-RDRAND, i-RDSEED, ne-EGETKEY, nokwehliswa kokusebenza lapho kuzanywa ukwenza le miyalo ngasikhathi sinye kuma-processor ahlukahlukene anengqondo. Lezi zici zingakuthinta kabi ukusebenza kwezinye izinhlelo zokusebenza.

Umthombo: https://www.vusec.net

I-Intel-ZombieLoad
I-athikili ehlobene:
I-Zombieload 2.0 indlela entsha yokuhlasela ethinta kuphela ama-processor we-Intel

Shiya umbono wakho

Ikheli lakho le ngeke ishicilelwe. Ezidingekayo ibhalwe nge *

*

*

  1. Unomthwalo wemfanelo ngedatha: AB Internet Networks 2008 SL
  2. Inhloso yedatha: Lawula Ugaxekile, ukuphathwa kwamazwana.
  3. Ukusemthethweni: Imvume yakho
  4. Ukuxhumana kwemininingwane: Imininingwane ngeke idluliselwe kubantu besithathu ngaphandle kwesibopho esisemthethweni.
  5. Isitoreji sedatha: Idatabase ebanjwe yi-Occentus Networks (EU)
  6. Amalungelo: Nganoma yisiphi isikhathi ungakhawulela, uthole futhi ususe imininingwane yakho.

  1.   Nacho kusho
    kwenza iminyaka 4

    Isihloko asiqondakali, lapho amaphuzu amathathu eya khona, ikhefana kufanele ihambe, futhi, yebo, ukuthi "yebo" unendlela yokugcizelela.

    Phendula uNacho