Stories
Slash Boxes
Comments

SoylentNews is people

Major Hardware Bug Quietly Being Patched in the Open

posted by Fnord666 on Tuesday January 02 2018, @02:29AM   Printer-friendly
from the starting-off-the-new-year-right dept.

LoRdTAW writes:

Spotted over on HN:

The mysterious case of the Linux Page Table Isolation patches (archive)

tl;dr: there is presently an embargoed security bug impacting apparently all contemporary CPU architectures that implement virtual memory, requiring hardware changes to fully resolve. Urgent development of a software mitigation is being done in the open and recently landed in the Linux kernel, and a similar mitigation began appearing in NT kernels in November. In the worst case the software fix causes huge slowdowns in typical workloads. There are hints the attack impacts common virtualization environments including Amazon EC2 and Google Compute Engine, and additional hints the exact attack may involve a new variant of Rowhammer.

Turns out 2018 might be more interesting than first thought. So grab some popcorn and keep those systems patched!

Original Submission

 
This discussion has been archived. No new comments can be posted.
Major Hardware Bug Quietly Being Patched in the Open | Log In/Create an Account | Top | 54 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 2) by FatPhil on Wednesday January 03 2018, @04:01PM (2 children)

    by FatPhil (863) <pc-soylentNO@SPAMasdf.fi> on Wednesday January 03 2018, @04:01PM (#617183) Homepage
    No. As the name implies, a side channel attack is a way of communicating information out of a closed system. The error here is the modification of the internals of a closed system, which is far graver. (The side channel is used to inform how the modification attack should be done.)
    --
    Great minds discuss ideas; average minds discuss events; small minds discuss people; the smallest discuss themselves
    Starting Score:    1  point
    Karma-Bonus Modifier   +1  
    Total Score:   2  

  • (Score: 2) by arcz on Thursday January 04 2018, @07:58PM (1 child)

    by arcz (4501) on Thursday January 04 2018, @07:58PM (#617907) Journal
    There's no modification attack. It's just a side channel that bypasses read protection.

    • (Score: 2) by FatPhil on Sunday January 07 2018, @03:10PM

      by FatPhil (863) <pc-soylentNO@SPAMasdf.fi> on Sunday January 07 2018, @03:10PM (#619169) Homepage
      From TFS: "the exact attack may involve a new variant of Rowhammer."

      Rowhammer is a modification attack.
      --
      Great minds discuss ideas; average minds discuss events; small minds discuss people; the smallest discuss themselves