Another vulnerability discovered for Intel chips: Special Register Buffer Data Sampling (CVE-2020-0543)


 Share

Recommended Posts

KaoDome

Intel Advisory INTEL-SA-00320 has some general info on it, but their Dive Deep page explains it better: Dive Deep: Special Register Buffer Data Sampling Advisory

 

Here's an excerpt:

Quote

Certain processor operations (such as RDRAND) microarchitecturally need to read data from outside the physical core (for example, from a random number generator shared between cores). This is often performed through an internal microarchitectural operation called a special register read.

 

On some processors, the data returned for a special register read is staged in a shared microarchitectural buffer and then transferred to the microarchitectural fill buffer within the physical core that performed the read. That core can then use the value from the microarchitectural fill buffer (for example, the core could copy the value into software-visible registers). This shared buffer is often larger than the data being read (the buffer is usually the size of a cache line), and different special register reads may use different offsets within the shared buffer.

 

...

 

When the shared staging buffer is updated on a read, only the portion of the staging buffer needed for that read is updated. The other portions of the staging buffer are not modified. The unmodified portions of the staging buffer may contain stale data from previous special register reads, including those done by other cores.

There are plenty of CPUs affected by this going back to Haswell, while a microcode update seems to be enough to mitigate it, RDRAND and RDSEED will be slower (and RDRAND serialized) according to the the article. It also states that many client systems don't use those instructions often enough to have a significant performance impact, so... there's that.

 

I wonder which kinds of workloads are using random numbers continuously for it to be a problem, crypto related maybe (like certificate generation)?

Link to post
Share on other sites

+Zlip792

Not just this but also - https://sgaxe.com/

 

image.thumb.png.0b5bc9c910f222e7c1725d0f23af58fb.png

Link to post
Share on other sites

This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    No registered users viewing this page.

  • Similar Content

    • By hellowalkman
      Intel Xe HPG (DG2) discrete GPU reportedly delayed, now arriving at CES 2022
      by Sayan Sen

      Last year, around the same time of the year as we are now in, Intel had held its Architecture Day 2020 event. At this event, the company detailed its discrete graphics roadmap, among other things. According to Intel's plans at the time, the high-end gaming discrete graphics called Xe HPG (codenamed DG2) was launching sometime this year.

      However, according to a report today, those plans may have changed and Xe HPG will purportedly be arriving later in January at CES 2022. The report comes from '硬件学堂', a Weibo user, who claims to be at the ongoing ChinaJoy 2021 event and has reliable news on the matter. This means we could be having a third player in the discrete PC graphics market by January next year.

      For those wondering, the ChinaJoy 2021 is a gaming and tech conference that's currently being held at the Shanghai International Expo Center. AMD was also present at the event and launched the Radeon RX 6600 XT earlier this morning.

      According to other reports, Intel's Xe HPG is allegedly arriving for laptops and notebooks first which will be accompanying the company's upcoming Alder Lake-P mobile processors, with the desktop parts expected to gradually roll out later starting with SKU5 and SKU4.

      In terms of horsepower, the flagship SKU1 part with 512 EUs may end up performing around a GeForce RTX 3070 Ti or a Radeon RX 6800 if rumors are to be believed (via APISAK).

      Source: 硬件学堂 (Weibo) via HXL (Twitter)

    • By Karthik Mudaliar
      Intel announces new Xeon W-3300 processors with significant performance upgrades
      by Karthik Mudaliar



      Intel has announced its latest generation of Xeon W-3300 processors. These include five new processors - W-3375, W-3365, W-3345, W-3335, and W-3323. The new processors are built to offer exceptional performance for workstations. They are also known as "Ice Lake" as part of the codename given by Intel for 10th generation Core mobile and third-generation Xeon processors.

      The new lineup is based on a brand new architecture on the 10nm process node, with more support for I/O and memory. The Ice Lake Xeon Workstation series of processors will use the LGA 4189 socket platform with support for up to 270W TDP CPU, 64 Gen 4.0 PCIe Lanes, and even 8 channel DDR4-3200 memory that can be up to 4TB.

      The processors are significant upgrades over the previous generation of Xeon processors. According to Intel, the W-3300 processors deliver the following benefits:

      Other technologies that are being used in the Ice Lake family of processors that the firm lists include:


      With the significant upgrades over previous-gen Xeon processors, Intel is positioning its offering against AMD's new Threadripper Pro lineup with its 32-core chips and similar memory specs. The company also detailed its architecture roadmap recently. Intel's Xeon W-3300 lineup is expected to hit the market in 2022.

    • By zikalify
      Intel NUC 11 Extreme Kit unveiled, suited for high-end gaming
      by Paul Hill



      Intel has announced its latest computer designed for high-end gaming, the Intel NUC 11 Extreme Kit. The new product, codenamed ‘Beast Canyon’, is a ‘highly modular’ PC running on Core i7 and Core i9 10nm Tiger Lake processors. What’s interesting about this product is that the high-end hardware has been crammed into an 8-litre case and comes with features usually found in larger machines.

      Despite this machine being ideal for high-end gaming, it doesn't come with an operating system installed by default so you'll also have to set aside at least $139 for a copy of Windows 10. If you're content with a more slender game library, you could opt for Ubuntu or Linux Mint which are free to use. It also ships without a GPU, which you will have to shell out extra for.

      Commenting on the new product, Intel said:

      The complete specifications for the Intel NUC Extreme Kit are as follows:

      NUC11BTMi9 NUC11BTMi7 Processor 11th Generation Intel Core i9-11900KB

      3.3 GHz - 5.0 GHz Turbo, 8 core, 16 thread,

      24 MB Cache, 65 W

      11th Generation Intel Core i7-11700B

      3.3 GHz - 4.9 GHz Turbo, 8 core, 16 thread,

      20 MB Cache 65 W

      Graphics Intel UHD Graphics, 350 MHz - 1.45 GHz

      PCIe x16 Gen4 slot, up to 12" card length, dual-slot capable

      Memory Dual-channel SODIMM slots DDR4-3200 64 GB max Storage Four M.2 key M slots: 2280 CPU-attached PCIe X4 Gen4 NVMe,

      Two 2242/80 PCH-attached PCIe x4 Gen3 NVMe or SATA3 SSD, RAID-0 and RAID-1 capable, CPU-attached 42/80/110 PCIe X4 Gen4

      Intel Optane Memory M10, H10, H20 and Intel Optane SSD ready

      Other Features & Technology

      HDMI 2.0b port, Two Thunderbolt 4 ports, Intel 2.5GB Ethernet port, Intel Wi-Fi 6E AX210 and Bluetooth 5.2, Eight USB 3.1 Gen2 ports, SDXC slot with UHS-II support, Supports up to three 4K displays, All-around customisable RGB lighting with user-replaceable RGB-backlit front logo, 3.5 mm front stereo headset jack, Kensington lock ready, 3-Year limited warranty What's Needed Memory, Storage, Operating System If you’re thinking about picking up the new Intel NUC 11 Extreme Kit you’ll be able to find it on sale from the third quarter. Pricing for the computer starts at $1,150 for the Intel Core i7 kit and $1,350 for the Intel Core i9 kit.

    • By hellowalkman
      Only top-end Alder Lake-S and Z690 parts allegedly landing this year, says report
      by Sayan Sen

      Intel recently held its Accelerated event where the company outlined its roadmap ahead till 2025 or so. Among the announcements was an updated nomenclature for its existing as well as upcoming process nodes. At the end of the presentation, Intel CEO Pat Gelsinger announced that at the next company event dubbed 'Innovation', scheduled on October 27th-28th at San Francisco, more details would be shared.

      Gelsinger stressed that the upcoming Innovation event would be "fully hybrid" as it can be attended in person and will also be live-streamed. And some believe the phrase was specifically uttered also to hint towards the fact that the event would be centered around Alder Lake which is expected to feature the firm's new "Big-Bigger" hybrid design.

      via VideoCardz In fact, igor'sLAB believes this is truly the case and according to its new report, Intel would allegedly start launching its Alder Lake enthusiast parts like Alder Lake-S comprising purported SKUs like the Core i9-12900K, the i7-12700K, and the i5-12600K alongside the next-gen high-end Z690 chipset-based motherboards from October 25 onwards. The KF-series processor models that have their integrated graphics disabled will also apparently be launched.

      The report further adds however that non-overclockable parts (non-K) Core i9s, i7s, and i5s, and i3s would be arriving next year at CES. Midrange B660 as well as other lower-end chipset boards would also be arriving later. This report matches somewhat with a recent rumor of Alder Lake not arriving until next year but nothing is confirmed as of now. It will possibly get clearer once Intel shares more details at its Innovation event.

      There have also been reports that the Alder Lake IMC will support both DDR5 and DDR4 DRAM. Apparently, the B660 and other entry-level chipset motherboards will retain DDR4 support while DDR5 is only reserved for higher-end Z690 and W680 boards. However, this feature is still not confirmed either.

      Source: igor'sLAB

    • By hellowalkman
      Google thinks bug hunting could get easier thanks to its new unified platform
      by Sayan Sen

      Google has launched today its new dedicated website for bug hunters which can be accessed via the following URL: bughunters.google.com. The new website unifies all the Vulnerability Rewards Program (VRPs), which comprises Google, Android, Chrome, Google Play, as well as Abuse, and should make submitting newfound bug reports and such easier. The platform has been launched to celebrate the 10-year anniversary of the VRP launch although the celebration appears to be a bit late.

      Other improvements that Google notes are detailed below:

      Google says that when it launched its bug-hunting program back in 2010, the company received 25 reports far exceeding the expectations, and after 10 years, here's how it stands:

      Total bugs rewarded: 11,055

      Number of rewarded researchers: 2,022

      Total rewards: $29,357,516

      You may find more information on the official blog post here.