Vulnerability in Intel chips affects desktop, mobile and server CPUs

Once again, Intel is between a rock and a hard place. On top of the various vulnerabilities discovered in its chips in the past, including Meltdown, Spectre, ZombieLoad and Load Value Injection, there is now a “new” flaw, called CrossTalk, that affects only the manufacturer's processors.

Like the Spectre and Meltdown flaws, this vulnerability, found by academics at a university in the Netherlands, takes advantage of the speculative execution feature of Intel chips, which anticipates the user's most common actions to gain performance.

In this case, CrossTalk can be run even on CPUs that implement Intel SGX (Software Guard Extensions) in their architecture, circumventing all protections against vulnerabilities related to speculative execution.

More than that, the bug allows an attacker to run code on one CPU core to leak data from software running on another core, hence the name CrossTalk. The code executes so fast that the video demonstrating one of the exploits of the flaw had to be slowed down.

This makes the flaw even more complex than the vulnerabilities previously discovered: most attacks so far worked within a single core of the CPU, so previous fixes did not take into account that data in one core could be accessed from another.

CrossTalk affects a wide range of Intel processors for desktops, mobile devices and servers, including Core i3, i5, i7, i9, Xeon, etc.

Intel chips susceptible to the CrossTalk flaw

Notably, Intel was notified of the vulnerability in September 2018, and in July 2019, the company announced a fix for Microsoft's operating systems that “corrected data leakage between CPU cores”, but the development of the solution was delayed due to the complexity of its implementation.

Meanwhile, Intel has already made significant changes to the hardware design of its CPUs, with the majority of its recent products not being vulnerable to this specific attack.

via Ars Technica