Every now and then, a major bug pops up in PC hardware. Sometimes, these bugs aren’t too serious but they can have a large impact like AMD’s Phenom TLB bug. This time around, it’s Intel’s turn to suffer a hardware CPU bug. According to researchers from the University of California, Intel’s Haswell chips suffer from a flaw that will allow attackers to bypass ASLR, a crucial security feature.
ASLR, or Address Space Layout Randomization is a technique that protects from buffer overflow attacks. By randomizing the memory space, attackers will have to guess at the areas of the memory which contain the data they wish to target. With Haswell, the branch target buffer table used by the branch predictor can be exploited as a way to determine where in the memory specific code is in.
While this attack won’t allow for remote code execution, it can lead to privilege escalation exploits. It may also allow attackers to break out from sandboxes and even from VM’s as this is a fundamental hardware flaw. For cloud providers, this can be a major issue as it makes it easier for an attacker to buy a VM server and break out of it to attack their fellow customers. This means the exploit should work for any OS though some may be less severely impacted.
Intel has reported that they are investigating the issue so we hope to hear back from them soon. Despite it being a hardware issue, a microcode update may be able to fix the issue. However, that may lead to a performance hit depending on what is required for the fix. For now, there is no word yet if pre-Haswell CPUs are impacted or post-Haswell CPUs as well. Given the relatively few changes between generations, I would not be surprised if Broadwell is buggy as well and perhaps even Skylake and Kaby Lake.
iBFree E1018 Headphones with ACC Transmission Technology provides meticulous sounding wireless listening experience without affecting…
Xclio 2.1ch USB mini PC Speaker with SubWoofer, Interface: USB Bus Powered +3.5mm jack 8W…
MSI has introduced two new gaming mice, the Versa 300 Elite Wireless and the Versa…
Lighten up your life with the ultra-thin and super-light Zenbook S 13 OLED! This 1…
The MSI Thin 15 B12VE-1251UK is a sleek, lightweight laptop that blends powerful performance with…
The H7 Flow revolutionises targeted GPU cooling within a classic mid-tower form factor. Unlike dual-chamber…