Fixing Intel processor failure could end up reducing CPU performance by up to 30%

Diolinux

The year has barely started and Intel is already experiencing security issues with its processors. Intel processors, both x86 and x64, manufactured in the last 10 years can have their performance strongly affected due to the need for a kernel level update of the operating systems, be they Windows, macOS or Linux.

Usually this type of problem is corrected via firmware update, but this time it will not be enough. Operating system developers will have to make changes to the kernel to avoid failure and this could end up reducing the performance of Intel processors by up to 30%, varying by model.

The problem is not completely clear because at the time of writing this article Intel has not commented clearly on the case. What is known, until then, is that this error affects the way the operating system’s Kernel handles CPU instructions, this ends up causing the Kernel to not be able to properly manage access permissions, giving scope for attackers to be able to have access to user space operating systems and gain access to passwords and sensitive information in many cases.

In addition to conventional desktop processors, the flaw also affects server processors and cloud environments such as Amazon EC, Google Compute Engine and Microsoft Azure.

On Linux the update to correct the flaw is now available, so just keep your system up to date, so the update should reach you (if it hasn’t already), for Windows, Microsoft should launch the update for the fix next week, Apple seems to be working on the case too, but still there is no prediction of when the correction will be available to users of the “apple”.

With the update, the ideal is that the Kernel can no longer be accessed by any running process, which consequently will increase the effort of the processor to execute its processes, impacting the performance, which can have different effects from CPU to CPU .

To achieve this, developers need to completely separate the kernel memory from KPTI (Kernel Page Table Isolation). This update takes the kernel to a completely separate address, so it is invisible to a running process, preventing attacks.

AMD did not miss the trip and took advantage, of course, to point out that its processors are free from this flaw.

Source