Intel Fucks Up Jump Conditional Code Cache, New ucode
https://www.phoronix.com/scan.php?page=article&item=intel-jcc-gaming&num=1
https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files
Intel is today making public the Jump Conditional Code (JCC) erratum. This is a bug involving the CPU's Decoded ICache where, on Skylake and derived CPUs, unpredictable behavior could happen when jump instructions cross cache lines. Unfortunately addressing this error in software comes with a performance penalty but ultimately Intel engineers are working to offset that through a toolchain.
Users flock to AMD.
Bunch of other exploits rolled up... Too bad users had to wait, for again the Nth time in a couple years, for 'responsible disclosure' over their top secret closed source hardware.
#OpenFabs , #OpenHW , #OpenAudit
https://xenbits.xen.org/xsa/advisory-305.html
https://software.intel.com/security-software-guidance/insights/deep-dive-int...
TSX Asynchronous Abort (TAA, CVE-2019-11135) vulnerability
An attacker, which could include a malicious untrusted user process on a trusted guest, or an untrusted guest, can sample the content of recently-used memory operands and IO Port writes.
CVE-2019-11139 MD_CLEAR Operations
It was discovered that certain Intel Xeon processors did not properly restrict access to a voltage modulation interface. A local privileged attacker could use this to cause a denial of service (system crash).
https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/TAA_MCEPSC_i915
A malicious virtual machine could use this flaw to generate an MCE resulting in a denial of service of the host OS, including all other virtual machines.
Intel researchers discovered that Intel graphics processors could cause a system hang when userspace performed a read from GT memory mapped input output (MMIO) when the product is in certain low power states. A local user could use this to cause a denial of service (system hang).
Intel researchers discovered that Intel graphics processors allowed userspace to modify page table entries via writes to MMIO from the Blitter Command Streamer and exposed kernel memory information, resulting in possible privilege escalation and information disclosure vulnerabilities. A local user could use this issue to escalate their privileges on the local machine.
https://www.nytimes.com/2019/11/12/technology/intel-chip-fix.html
Intel caught lying about it.
Last May, when Intel released a patch for a group of security vulnerabilities researchers had found in the company's computer processors, Intel implied that all the problems were solved. But that wasn't entirely true, according to Dutch researchers at Vrije Universiteit Amsterdam who discovered the vulnerabilities and first reported them to the tech giant in September 2018. The software patch meant to fix the processor problem addressed only some of the issues the researchers had found.
It would be another six months before a second patch, publicly disclosed by the company on Tuesday, would fix all of the vulnerabilities Intel indicated were fixed in May, the researchers said in a recent interview.
The public message from Intel was "everything is fixed," said Cristiano Giuffrida, a professor of computer science at Vrije Universiteit Amsterdam and one of the researchers who reported the vulnerabilities. "And we knew that was not accurate."
While many researchers give companies time to fix problems before the researchers disclose them publicly, the tech firms can be slow to patch the flaws and attempt to muzzle researchers who want to inform the public about the security issues. Researchers often agree to disclose vulnerabilities privately to tech companies and stay quiet about them until the company can release a patch. Typically, the researchers and companies coordinate on a public announcement of the fix. But the Dutch researchers say Intel has been abusing the process.
Now the Dutch researchers claim Intel is doing the same thing again. They said the new patch issued on Tuesday still doesn't fix another flaw they provided Intel in May.
The Intel flaws, like other high-profile vulnerabilities the computer security community has recently discovered in computer chips, allowed an attacker to extract passwords, encryption keys and other sensitive data from processors in desktop computers, laptops and cloud-computing servers. Intel says the patches "greatly reduce" the risk of attack, but don't completely fix everything the researchers submitted. The company's spokeswoman Leigh Rosenwald said Intel was publishing a timeline with Tuesday's patch for the sake of transparency. "This is not something that is normal practice of ours, but we realized this is a complicated issue. We definitely want to be transparent about that," she said. "While we may not agree with some of the assertions made by the researchers, those disagreements aside, we value our relationship with them."
On 11/13/19, grarpamp <grarpamp@gmail.com> wrote:
> https://www.nytimes.com/2019/11/12/technology/intel-chip-fix.html
> Intel caught lying about it.
https://news.ycombinator.com/item?id=21535630
The Internet is also speculating that, given the top secret "[ir]responsible disclosure" process, and the slowdowns inherent with microcode, OS, and compiler mitigations... "Intel may have slowed the release of some mitigations to land after [... all the new AMD Zen2] comparison benchmarks [dropped]."
https://www.anandtech.com/tag/amd
https://en.wikipedia.org/wiki/Zen_2
On Wed, Nov 13, 2019 at 12:10:10AM -0500, grarpamp wrote:
> https://www.phoronix.com/scan.php?page=article&item=intel-jcc-gaming&num=1
> https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files
> Users flock to AMD.
Is AMD really better? I suspect it is the same garbage as Intel.
On 11/13/19, Georgi Guninski <guninski@guninski.com> wrote:
>> Users flock to AMD.
> Is AMD really better? I suspect it is the same garbage as Intel.
AMD's price:performance is compelling right now, and enjoying underdog rising.
It's seen less of the exploit parade than Intel has lately. That doesn't mean AMD is any better regarding potential vulnerabilities.
Given that AMD (and Intel, IBM, ARM, Qualcomm, Broadcom, etc) are all closed HW garbage, there are surely entire classes and vast mounds of garbage waiting within them to be security advisoried and exploited, were they only to be opened up. They have refused to do that for longer than most users have been alive.
So at this point, people would be better off ignoring them, and coming together to create something new for the world...
#OpenFabs , #OpenHW , #OpenAudit
That will be compelling to userbase and markets, a new class of open underdogs rising.
On Wed, Nov 13, 2019 at 06:20:49PM -0500, grarpamp wrote:
> On 11/13/19, Georgi Guninski <guninski@guninski.com> wrote:
>>> Users flock to AMD.
>> Is AMD really better? I suspect it is the same garbage as Intel.
> AMD's price:performance is compelling right now, and enjoying underdog rising.
> It's seen less of the exploit parade than Intel has lately. That doesn't mean AMD is any better regarding potential vulnerabilities.
> Given that AMD (and Intel, IBM, ARM, Qualcomm, Broadcom, etc) are all closed HW garbage, there are surely entire classes and vast mounds of garbage waiting within them to be security advisoried and exploited, were they only to be opened up. They have refused to do that for longer than most users have been alive.
> So at this point, people would be better off ignoring them, and coming together to create something new for the world...
> #OpenFabs , #OpenHW , #OpenAudit
> That will be compelling to userbase and markets, a new class of open underdogs rising.
I vote for grarpamp and Juan as #OpenAudit inspector generals :)
participants (3)
- Georgi Guninski
- grarpamp
- Zenaan Harkness