intel cpus, ker je bil občutljiv za napade zombieload v2, vključeno tudi 'kaskadno jezero'

Intel CPU-ji Ker je Haswell Ranljiv za napade 'Zombieload v2', vključeno 'Cascade Lake'

All Intel CPU microarchitectures since 2013 are vulnerable to a new class of 'Zombieload,' attacks, chronicled under 'Zombieload v2' (CVE-2019-11135). This is the fifth kind of microarchitectural data sampling (MDS) vulnerability, besides the four already disclosed and patched against in Q2-2019. The vulnerability was kept secret by the people who discovered it, as Intel was yet to develop a mitigation against it. There is no silicon-level hardening against it, and Intel has released a firmware-level mitigation that will be distributed by motherboard manufacturers as BIOS updates, or perhaps even OS vendors. While Intel's latest enterprise and HEDT microarchitecture, 'Cascade Lake' was thought to be immune to 'Zombieload,' it's being reported that 'Zombieload v2' attacks can still compromise a 'Cascade Lake' based server or HEDT that isn't patched.

'Zombieload v2' je izkoriščanje asinhronske prekinitve operacije Transactional Synchronization Extensions (TSX), ki se pojavi, ko zlonamerna programska oprema ustvarja konflikte med branjem v CPU. To naj bi puščalo podatke o tem, kaj se še obdeluje. 'Glavna prednost tega pristopa je, da deluje tudi na strojih s popravki strojne opreme za Meltdown, ki smo jih preverili na i9-9900K in Xeon Gold 5218,' se glasi najnovejša različica beli papirja Zombieload, ki je bil posodobljen z 'Zombieload v2' informacije. TSX je potreben za 'Zombieload v2' in vse Intelove mikroarhitekture, odkar ima 'Haswell'. AMD-jevi procesorji so sam po sebi imuni na 'Zombieload v2', saj jim primanjkuje TSX. Intel je zmanjšal resnost ali razširjenost 'Zombieload v2', vendar je kljub temu odposlal posodobitve za mikrokodne označene kot 'kritične'.
Source: ZDNet

aoc 27v2h