Microarchitectural Data Sampling

See also: Transient execution CPU vulnerability

Microarchitectural Data Sampling
Logo designed for the vulnerabilities, featuring a wounded hand holding a broken microprocessor.
CVE identifier(s)CVE-2018-12126 (Fallout),
CVE-2018-12127 (RIDL),
CVE-2019-11091 (RIDL, ZombieLoad),
CVE-2018-12130 (RIDL, ZombieLoad),
CVE-2019-11135 (ZombieLoad v2)
Date discovered2018[1]
Date patched14 May 2019
DiscovererAustralia University of Adelaide
Austria Graz University of Technology
Belgium Catholic University of Leuven
China Qihoo 360
Germany Cyberus Technology
Germany Saarland University
Netherlands Vrije Universiteit Amsterdam
Romania Bitdefender
United States Oracle Corporation
United States University of Michigan
United States Worcester Polytechnic Institute[1]
Affected hardwarePre-April 2019 Intel x86 microprocessors
Websitemdsattacks.com ZombieLoadAttack.com

The Microarchitectural Data Sampling (MDS) vulnerabilities are a set of weaknesses in Intel x86 microprocessors that use hyper-threading, and leak data across protection boundaries that are architecturally supposed to be secure. The attacks exploiting the vulnerabilities have been labeled Fallout, RIDL (Rogue In-Flight Data Load), ZombieLoad.,[2][3][4] and ZombieLoad 2.[5]

Description

The vulnerabilities are in the implementation of speculative execution, which is where the processor tries to guess what instructions may be needed next. They exploit the possibility of reading data buffers found between different parts of the processor.[1][2][6][7]

  • Microarchitectural Store Buffer Data Sampling (MSBDS), CVE-2018-12126
  • Microarchitectural Load Port Data Sampling (MLPDS), CVE-2018-12127
  • Microarchitectural Fill Buffer Data Sampling (MFBDS), CVE-2018-12130
  • Microarchitectural Data Sampling Uncacheable Memory (MDSUM), CVE-2019-11091
  • Transactional Asynchronous Abort (TAA), CVE-2019-11135

Not all processors are affected by all variants of MDS.[8]

History

According to Intel in a May 2019 interview with Wired, Intel's researchers discovered the vulnerabilities in 2018 before anyone else.[1] Other researchers had agreed to keep the exploit confidential as well since 2018.[9]

On 14 May 2019, various groups of security researchers, amongst others from Austria's Graz University of Technology, Belgium's Catholic University of Leuven, and Netherlands' Vrije Universiteit Amsterdam, in a disclosure coordinated with Intel, published the discovery of the MDS vulnerabilities in Intel microprocessors, which they named Fallout, RIDL and ZombieLoad.[1][6] Three of the TU Graz researchers were from the group who had discovered Meltdown and Spectre the year before.[1]

On 12 November 2019, a new variant of the ZombieLoad attack, called Transactional Asynchronous Abort, was disclosed.[10][11]

Impact

According to varying reports, Intel processors dating back to 2011[12] or 2008[1] are affected, and the fixes may be associated with a performance drop.[13][14] Intel reported that processors manufactured in the month before the disclosure have mitigations against the attacks.[1]

Intel characterized the vulnerabilities as "low-to-medium" impact, disagreeing with the security researchers who characterized them as major, and disagreeing with their recommendation that operating system software manufacturers should completely disable hyperthreading.[1][15] Nevertheless, the ZombieLoad vulnerability can be used by hackers exploiting the vulnerability to steal information recently accessed by the affected microprocessor.[16]

Mitigation

Fixes to operating systems, virtualization mechanisms, web browsers and microcode are necessary.[1] As of 14 May 2019, applying available updates on an affected PC system was the most that could be done to mitigate the issues.[17]

  • Intel incorporated fixes in its processors starting shortly before the public announcement of the vulnerabilities.[1]
  • On 14 May 2019, a mitigation was released for the Linux kernel,[18] and Apple, Google, Microsoft, and Amazon released emergency patches for their products to mitigate ZombieLoad.[19]
  • On 14 May 2019, Intel published a security advisory on its website detailing its plans to mitigate ZombieLoad.[7]

See also

References

  1. ^ a b c d e f g h i j k Greenberg, Andy (2019-05-14). "Meltdown Redux: Intel Flaw Lets Hackers Siphon Secrets from Millions of PCs". WIRED. Retrieved 2019-05-14.
  2. ^ a b Ilascu, Ionut (2019-05-14). "New RIDL and Fallout Attacks Impact All Modern Intel CPUs". Bleeping Computer. Retrieved 2019-05-14.
  3. ^ Spectre-NG-Lücken: OpenBSD schaltet Hyper-Threading ab, heise.de, 2018-06, accessed 2019-09-29
  4. ^ Let's Talk To Linux Kernel Developer Greg Kroah-Hartman | Open Source Summit, 2019, TFIR, 2019-09-03
  5. ^ Winder, Davey (2019-11-13). "Intel Confirms 'ZombieLoad 2' Security Threat". Forbes. Archived from the original on 2020-01-14. Retrieved 2020-01-14.
  6. ^ a b "ZombieLoad Attack". zombieloadattack.com. Retrieved 2019-05-14.
  7. ^ a b "INTEL-SA-00233". Intel. Retrieved 2019-05-14.
  8. ^ "Microarchitectural Data Sampling". The Linux kernel user's and administrator's guide. 2019-05-14.
  9. ^ "MDS attacks". mdsattacks.com. Retrieved 2019-05-20.
  10. ^ Nichols, Shaun (2019-11-12). "True to its name, Intel CPU flaw ZombieLoad comes shuffling back with new variant". www.theregister.co.uk. Retrieved 2019-11-12.
  11. ^ Cimpanu, Catalin. "Intel's Cascade Lake CPUs impacted by new Zombieload v2 attack". ZDNet. Retrieved 2019-11-12.
  12. ^ Whittaker, Zach (2019-05-14). "New secret-spilling flaw affects almost every Intel chip since 2011". TechCrunch. Retrieved 2019-05-14.
  13. ^ "Intel Zombieload bug fix to slow data centre computers". BBC News. 2019-05-15. Retrieved 2019-05-15.
  14. ^ Larabel, Michael (2019-05-24). "Benchmarking AMD FX vs. Intel Sandy/Ivy Bridge CPUs Following Spectre, Meltdown, L1TF, Zombieload". Phoronix. Retrieved 2019-05-25.
  15. ^ Mah Ung, Gordan (2019-05-15). "Intel: You don't need to disable Hyper-Threading to protect against the ZombieLoad CPU exploit - "ZombieLoad" exploit seems to put Intel's Hyper-Threading at risk of being put down". PC World. Retrieved 2019-05-15.
  16. ^ Kastrenakes, Jacob (2019-05-14). "ZombieLoad attack lets hackers steal data from Intel chips". The Verge. Retrieved 2019-05-15.
  17. ^ O'Neill, Patrick Howell (2019-05-14). "What To Do About the Nasty New Intel Chip Flaw". Gizmodo. Retrieved 2019-05-15.
  18. ^ "ChangeLog-5.1.2". The Linux Kernel Archives. 2019-05-14. Archived from the original on 2019-05-15. Retrieved 2019-05-15.
  19. ^ Whittaker, Zach. "Apple, Amazon, Google, Microsoft and Mozilla release patches for ZombieLoad chip flaws". TechCrunch. Retrieved 2019-05-14.

Further reading

Original papers by the researchers

Information from processor manufacturers

Read other articles:

Jegog

Artikel ini membutuhkan rujukan tambahan agar kualitasnya dapat dipastikan. Mohon bantu kami mengembangkan artikel ini dengan cara menambahkan rujukan ke sumber tepercaya. Pernyataan tak bersumber bisa saja dipertentangkan dan dihapus.Cari sumber: Jegog – berita · surat kabar · buku · cendekiawan · JSTOR (Februari 2019) Pertunjukan Gamelan Jegog pada tahun 1989 Gamelan Jegog adalah bentuk musik gamelan atau kesenian karawitan asli Bali, Indonesia, dima...

 

 

Saham

Lembar saham tahun 1936 yang ditandatangani para pemegang saham Greyhound Lines. Saham adalah sebuah bukti kepemilikan nilai sebuah perusahaan. Kata saham sendiri diambil dari bahasa Arab. Dalam literatur fikih, saham diambil dari istilah musahamah yang berasal dari kata sahm (Arab: سهمcode: ar is deprecated ) bentuk jamaknya ashum atau suhmah yang artinya bagian, bagian kepemilikan.[1] Artinya pemilik saham adalah pemilik perusahaan. Semakin besar saham yang dimiliki, maka semakin...

 

 

Chyna

ChynaChyna, 2008LahirJoan Marie Laurer(1969-12-27)27 Desember 1969Rochester, New York, A.S.Meninggal17 April 2016(2016-04-17) (umur 46)Redondo Beach, California, A.S.Sebab meninggalOverdosisMakamAbu disebar ke Samudra Pasifik[1][2]AlmamaterUniversitas TampaPekerjaanPegulat profesionalmodel glamoraktrisbinaragawanPasanganTriple H (1996–2000)Sean Waltman (2003–2005)Karier gulat profesionalNama ringChyna[3]Chyna Doll[3]Joanie Laurer[3]Joanie...

Colonial Office

Former UK government ministry For other uses, see Colonial Office (disambiguation). The Whitehall headquarters of the Foreign, India, Home, and Colonial Offices in 1866. It was at that time occupied by all four government departments; now it serves just the Foreign, Commonwealth and Development Office. The Colonial Office was a government department of the Kingdom of Great Britain and later of the United Kingdom, first created in 1768 from the Southern Department to deal with colonial affairs...

 

 

Politeknik Pertanian Negeri Kupang

Artikel ini perlu diwikifikasi agar memenuhi standar kualitas Wikipedia. Anda dapat memberikan bantuan berupa penambahan pranala dalam, atau dengan merapikan tata letak dari artikel ini. Untuk keterangan lebih lanjut, klik [tampil] di bagian kanan. Mengganti markah HTML dengan markah wiki bila dimungkinkan. Tambahkan pranala wiki. Bila dirasa perlu, buatlah pautan ke artikel wiki lainnya dengan cara menambahkan [[ dan ]] pada kata yang bersangkutan (lihat WP:LINK untuk keterangan lebih lanjut...

 

 

Taylor Phinney

Pour les articles homonymes, voir Phinney. Taylor PhinneyPhinney lors du Tour de Grande-Bretagne 2016InformationsNaissance 27 juin 1990 (33 ans)BoulderNationalité américaineSpécialité Contre-la-montre, classiques[1]Équipes amateurs 2008VMG-Felt U232009Trek Livestrong2010Trek Livestrong U23Équipes professionnelles 08.2010-12.2010RadioShack (stagiaire)2011-2016BMC Racing2017Cannondale-Drapac2018EF Education First-Drapac2019EF Education FirstPrincipales victoires Championnats Champio...

Uranio

Disambiguazione – Se stai cercando altri significati, vedi Uranio (disambigua). Uranio     92 U                                                                                                               ...

 

 

The Exclusive: Beat the Devil's Tattoo

The Exclusive: Beat the Devil's TattooPosterSutradaraRoh DeokDitulis olehRoh DeokPemeranJo Jung-sukLee Ha-naLee Mi-sookPerusahaanproduksiWooju FilmVanguard StudioDistributorLotte EntertainmentTanggal rilis 22 Oktober 2015 (2015-10-22) (South Korea) Durasi125 menitNegaraKorea SelatanBahasaKoreaPendapatankotor₩3.15 billion[1] The Exclusive: Beat the Devil's Tattoo (Hangul: 특종: 량첸살인기; RR: Teukjong: Ryangchensalingi) adalah film thriller Kore...

 

 

Nepenthes hirsuta

Species of pitcher plant from Borneo Nepenthes hirsuta Upper pitchers of N. hirsuta. Bako National Park, Borneo. Conservation status Least Concern  (IUCN 3.1)[1] Scientific classification Kingdom: Plantae Clade: Tracheophytes Clade: Angiosperms Clade: Eudicots Order: Caryophyllales Family: Nepenthaceae Genus: Nepenthes Species: N. hirsuta Binomial name Nepenthes hirsutaHook.f. (1873)[2] Synonyms Nepenthes leptochilaDanser (1928) Nepenthes hirsuta (/nɪˈpɛnθiːz h�...

1980 Portuguese legislative election

1980 Portuguese legislative election ← 1979 5 October 1980 1983 → 250 seats to the Portuguese Assembly125 seats needed for a majorityRegistered7,179,023 1.0%Turnout6,026,395 (83.9%)1.0 pp   First party Second party Third party   Leader Francisco Sá Carneiro Mário Soares Álvaro Cunhal Party PSD PS PCP Alliance AD FRS APU Leader since 2 July 1978[a] 19 April 1973[b] 14 April 1978 Leader's seat Lisbon[1] Lisbon[2] Lisb...

 

 

The Great Gildersleeve

Si ce bandeau n'est plus pertinent, retirez-le. Cliquez ici pour en savoir plus. La mise en forme de cet article est à améliorer (mars 2023). La mise en forme du texte ne suit pas les recommandations de Wikipédia : il faut le « wikifier ». L'enseigne The Great Gildersleeve à New York en 1980. The Great Gildersleeve est un film américain réalisé par Gordon Douglas, sorti en 1942[1]. Le personnage central est basé sur la populaire série radiophonique de NBC The Great G...

 

 

尼古拉斯·马杜罗

这是西班牙语人名,首姓或父姓是「马杜罗」,次姓或母姓(母親的父姓)是「莫罗斯」。 尼古拉斯·馬杜羅Nicolás Maduro Moros 委内瑞拉总统现任就任日期2013年4月19日代理:2013年3月5日-2013年4月19日2019年-2023年,與胡安·瓜伊多爭位副总统豪尔赫·阿雷亚萨(英语:Jorge Arreaza)(2013-2016年)阿里斯托武洛·伊斯图里斯(英语:Aristóbulo Istúriz)(2016-2017年)塔雷克·埃尔·艾�...

俄亥俄州

  「俄亥俄」重定向至此。关于其他用法,请见「俄亥俄 (消歧义)」。 俄亥俄州 美國联邦州State of Ohio 州旗州徽綽號:七葉果之州地图中高亮部分为俄亥俄州坐标:38°27'N-41°58'N, 80°32'W-84°49'W国家 美國加入聯邦1803年3月1日,在1953年8月7日追溯頒定(第17个加入联邦)首府哥倫布(及最大城市)政府 • 州长(英语:List of Governors of {{{Name}}}]]) •&...

 

 

Calvin Trillin

American humorist and novelist Calvin TrillinTrillin in 2011BornCalvin Marshall Trillin (1935-12-05) December 5, 1935 (age 88)Kansas City, Missouri, U.S.NationalityAmericanEducationYale University (BA)Spouse Alice Stewart Trillin ​ ​(m. 1965; died 2001)​Children2Awards2013, Thurber Prize for American Humor Calvin Marshall Trillin (born 5 December 1935) is an American journalist, humorist, food writer, poet, memoirist and novelist.[1]...

 

 

Rubik's Magic

Mechanical puzzle created by Erno Rubik Rubik's Magic Rubik's Magic (solved) One possible solution for Rubik's Magic Rubik's Magic, like the Rubik's Cube, is a mechanical puzzle invented by Ernő Rubik and first manufactured by Matchbox in the mid-1980s. The puzzle consists of eight black square tiles (changed to red squares with goldish rings in 1997) arranged in a 2 × 4 rectangle; diagonal grooves on the tiles hold wires that connect them, allowing them to be folded onto each other and unf...

Petroleum

Naturally occurring combustible liquid Crude oil redirects here. For the 2008 film, see Crude Oil (film). For the fuel, see Petrol. For other uses, see Petroleum (disambiguation). A sample of petroleumPumpjack pumping an oil well near Lubbock, Texas, U.S.An oil refinery in Ahmadi Governorate in Kuwait Petroleum or crude oil, also referred to as simply oil, is a naturally occurring yellowish-black liquid mixture of mainly hydrocarbons,[1] and is found in geological formations. The name...

 

 

  提示:此条目页的主题不是萧。 簫琴簫與洞簫木管樂器樂器別名豎吹、豎篴、通洞分類管樂器相關樂器 尺八 东汉时期的陶制箫奏者人像,出土於彭山江口汉崖墓,藏於南京博物院 箫又稱洞簫、簫管,是中國古老的吹管樂器,特徵為單管、豎吹、開管、邊稜音發聲[1]。「簫」字在唐代以前本指排簫,唐宋以來,由於單管豎吹的簫日漸流行,便稱編管簫爲排簫�...

 

 

Creolization

Linguistic and cultural process This article is about the social and cultural concept of creolization. For the linguistic concept of creolization, see Creole genesis. Creolization is the process through which creole languages and cultures emerge.[1] Creolization was first used by linguists to explain how contact languages become creole languages, but now scholars in other social sciences use the term to describe new cultural expressions brought about by contact between societies and r...

Skonto Football Club-2

Voce principale: Skonto Football Club. Questa voce sull'argomento società calcistiche lettoni è solo un abbozzo. Contribuisci a migliorarla secondo le convenzioni di Wikipedia. Skonto-2Calcio Segni distintiviUniformi di gara Casa Trasferta Dati societariCittàRiga Nazione Lettonia ConfederazioneUEFA Federazione LFF Fondazione1991 StadioKeizarmezhs(2000 posti) PalmarèsSi invita a seguire il modello di voce Lo Skonto-2 è la formazione riserve della società calcistica lettone del...

 

 

DF-4

DF-4DescrizioneTipoICBM CostruttoreChinese Academy of Launch Vehicle Technology - CALT Impostazione1967 In servizio1975 Utilizzatore principaleEsercito Popolare di Liberazione Esemplari20 Peso e dimensioniLunghezza28 m Diametro2,5 m PrestazioniGittata4.750 km Motore4 motori a propellente liquido YF-2A4 motori a propellente liquido YF-3 [1] voci di missili presenti su Wikipedia Il Dong Feng 4 (in cinese 东风4) o DF-4 (CSS-3 nella denominazione NATO) è un missile ICBM cinese a d...