Security News

Intel Fixes High-Severity Flaws in NUC, Discontinues Buggy Compute Module
2020-04-15 14:41

Intel has stomped out high-severity flaws in its Next Unit Computing mini PC firmware, and in its Modular Server MFS2600KISPP Compute Module. Discontinuation Notice for MFS2600KISPP. One of the high-severity flaws stems from a compute module used in Intel's modular server system, which is a blade system for Intel motherboards and processors first introduced in 2008.

Intel patches graphics drivers and offers new LVI flaw mitigations
2020-03-12 13:05

Intel's March security updates reached its customers this week and on the face of it, the dominant theme is the bundle of flaws affecting the company's Graphics drivers. The star flaw of the month is CVE 29, the Load Value Injection weakness publicised this week by a diverse group of mainly academic security researchers.

Scientists expose another security flaw in Intel processors
2020-03-12 06:30

Computer scientists at KU Leuven have once again exposed a security flaw in Intel processors. Plundervolt, Zombieload, Foreshadow: in the past couple of years, Intel has had to issue quite a few patches for vulnerabilities that computer scientists at KU Leuven have helped to expose.

Intel Patches 27 Vulnerabilities Across Product Portfolio
2020-03-11 20:18

Intel this week released patches for more than two dozen vulnerabilities impacting graphics drivers, FPGA, processors, NUC, BlueZ, and other products. The chip maker patched a total of 17 vulnerabilities in its graphics drivers, the most important of which is a buffer overflow that could result in denial of service.

That LVI CPU hole wasn't the only Intel fix: Dozens of flaws patched to stop chips turning into potatoes
2020-03-11 01:01

Intel has posted a fresh crop of firmware updates for security flaws in its chipsets. An information-disclosure flaw in data forwarding for Intel processors prompted an advisory and firmware update, as did the already disclosed LVI design flaw.

High-Severity Flaws Plague Intel Graphics Drivers
2020-03-10 18:08

Intel develops graphics drivers for Windows OS to communicate with specific Intel graphics devices, for instance. Sys file of the graphics drivers, which could enable privilege escalation or DoS; and an improper conditions check glitch in the graphic driver that may enable information disclosure and DoS. It's not the first time flaws have been discovered in Intel's graphics drivers.

Load Value Injection: Intel CPUs Vulnerable to Reverse Meltdown Attack
2020-03-10 17:00

Many processors made by Intel are vulnerable to a newly disclosed type of attack named Load Value Injection, but the chip maker has told customers that the attack is not very practical in real world environments. A variation of the LVI attack, dubbed Load Value Injection in the Line Fill Buffers, was also reported to Intel by researchers at Bitdefender.

Meltdown The Sequel strikes Intel chips – and full mitigation against data-meddling LVI flaw will slash performance
2020-03-10 17:00

Chipzilla's processors, already weighed down by defenses deployed against side-channel attacks over the past two years, could get slower still if they try to thwart this latest vulnerability: prototype compiler changes, for full mitigation, have produced performance reductions ranging from 2x to 19x. That's because LVI protection involves compiler and assembler updates that insert extra x86 instructions and replace problematic instructions with functionally equivalent but more verbose instruction sequences. "Being essentially a 'reverse Meltdown'-type attack, LVI abuses that a faulting or assisted load instruction executed within a victim domain does not always yield the expected result, but may instead transiently forward dummy values or data from various microarchitectural buffers."

You only LVI twice: Meltdown The Sequel strikes Intel chips – and full mitigation against data-meddling flaw will cost you 50%+ of performance
2020-03-10 17:00

Chipzilla's processors, already weighed down by defenses deployed against side-channel attacks over the past two years, could get slower still if they try to thwart this latest vulnerability: prototype compiler changes, for full mitigation, have produced performance reductions ranging from 2x to 19x. That's because LVI protection involves compiler and assembler updates that insert extra x86 instructions and replace problematic instructions with functionally equivalent but more verbose instruction sequences. "Being essentially a 'reverse Meltdown'-type attack, LVI abuses that a faulting or assisted load instruction executed within a victim domain does not always yield the expected result, but may instead transiently forward dummy values or data from various microarchitectural buffers."

Intel's data center CPUs vulnerability could lead to "devastating" attacks
2020-03-10 14:50

Cybersecurity researchers have found a vulnerability within Intel's data center CPUs that gives attackers the ability to inject rogue values in certain microarchitectural structures and steal information. Bogdan Botezatu, director of threat research and reporting at Bitdefender, said these attacks are "particularly devastating in multi-tenant environments such as enterprise workstations or servers in the datacenter, where one less-privileged tenant would be able to leak sensitive information from a more privileged user or from a different virtualized environment on top of the hypervisor."