New Intel CPU Flaw Exploits Hyper-Threading to Steal Encrypted Data

2018-11-04 09:33

A team of security researchers has discovered another serious side-channel vulnerability in Intel CPUs that could allow an attacker to sniff out sensitive protected data, like passwords and cryptographic keys, from other processes running in the same CPU core with simultaneous multi-threading feature enabled. The vulnerability, codenamed PortSmash (CVE-2018-5407), has joined the list of other

News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/KLdNFOP5OtE/portsmash-intel-vulnerability.html

#CPU #encrypted #exploit #hyperthreading #intel #CVE-2018-5407

Related Vulnerability

DATE	CVE	VULNERABILITY TITLE	RISK
2018-11-15	CVE-2018-5407	Information Exposure Through Discrepancy vulnerability in multiple products Simultaneous Multi-threading (SMT) in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention'. local high complexity canonical debian nodejs openssl tenable oracle redhat CWE-203	4.7

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Intel		6314	31	755	708	45	1539

News URL

Related news

Related Vulnerability

Related vendor