Security Flaw In Most Microprocessors Prompts Kernel Changes

Security Flaw Microprocessors

A design flaw in Intel microprocessors has Linux and Microsoft Windows developers reworking their kernels to defend against exploitation of the security bug.

Details of the flaw have not yet been made public, and Intel and Microsoft have remained mum about the chip design flaw, which was first reported by The Register this week. The report said Microsoft is expected to issue updates for Windows in next week’s Patch Tuesday batch, while Linux developers have been openly working on fixes online. According to the report, the OS updates ultimately could slow performance of the systems, in some cases by five- to 30%. Newer Intel processors aren’t as susceptible to a performance impact, the report said.

Security experts around globe says without the details of the flaw out yet, it doesn’t make sense to theorize about its ramifications. “I think we shouldn’t speculate until the bug is disclosed,” Kaminsky says. “Clearly, the notable part of this is whatever it is can’t be addressed in microcode.”

The flaw – which reportedly affects processors in millions of computers – could allow applications, including JavaScript in a Web browser, to read protected areas of the kernel memory. 

The kernel is designed to separate “userland” from sensitive kernel areas “so that userland programs can’t take over from the kernel itself and subvert security, for example by launching malware, stealing data, snooping on network traffic and messing with the hardware,” wrote Sophos security analyst Paul Ducklin in a post today.

The security patch implements kernel page-table isolation (KPTI) to move the kernel into an entirely separate address space and keeps it protected and inaccessible from running programs and userspace, which requires an update at the operating system level.

“The purpose of the series is conceptually simple: to prevent a variety of attacks by unmapping as much of the Linux kernel from the process page table while the process is running in user space, greatly hindering attempts to identify kernel virtual address ranges from unprivileged userspace code,” writes Python Sweetness.

It is noteworthy that installing the update will hit your system speed negatively and could bring down CPUs performance by 5 percent to 30 percent, “depending on the task and processor model.”

“With the page table splitting patches merged, it becomes necessary for the kernel to flush these caches every time the kernel begins executing, and every time user code resumes executing.”

Much details of the flaw have been kept under wraps for now, but considering its secrecy, some researchers have also speculated that a Javascript program running in a web browser can recover sensitive kernel-protected data.

The Linux patch that is being released for ALL x86 processors also includes AMD processors, which has also been considered insecure by the Linux mainline kernel, but AMD recommends specifically not to enable the patch for Linux.

Microsoft is likely to fix the issue for its Windows operating system in an upcoming Patch Tuesday, and Apple is also likely working on a patch to address the vulnerability.

If you liked this post, you might enjoy our newsletter. Receive new articles directly in your inbox:

Yes I agree to receive emails from Defenx Solution

Subscribe our Youtube Channel

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Welcome to Defenx Solution

If you need any info or details please do connect with us through any medium below. We will try to get in touch with you as early as possible.

Contact Form

or reach me via these social channels

Contact Us