Patch To Be Released That Will Address Massive Flaws In Nearly Every Electronic Device Which Could Cause Negative Impact To Performance
While many of us were taking in the New Year, or resting from New Years Eve, a blog post was made that started off 2018 in a furry. Suggested that this vulnerability and patch could affect hundreds of millions of Windows, Linux and Mac users – the entire internet has been up in a stir since the news broke New Years Day.
In some Twitter communications, a few researchers had discussed that the Intel processors ( x86-64 ) has a massive hardware-level issue that allows attackers to access protected kernel memory – a critical portion of the device which could potentially hold information such as passwords, login information, files or other sensitive data.
The security patch implements kernel page-table isolation (KPTI) to move the kernel into an entirely separate address space and keeps it protected and inaccessible from running programs and userspace, which requires an update at the operating system level.
“The purpose of the series is conceptually simple: to prevent a variety of attacks by unmapping as much of the Linux kernel from the process page table while the process is running in user space, greatly hindering attempts to identify kernel virtual address ranges from unprivileged userspace code,” says Python Sweetness.
It has been discussed that applying this update could cause some system degradation – some CPU performance numbers reducing by 5 to 30 person “depending on the task and processor model.”
Python Sweetness continues “With the page table splitting patches merged, it becomes necessary for the kernel to flush these caches every time the kernel begins executing, and every time user code resumes executing.”
One of the interesting things about this flaw is that AMD processors are apparently not affected by this vulnerability due to a security protection that the company has put in place.
Tom Lendacky, a member of the Linux OS group at AMD stated “AMD processors are not subject to the types of attacks that the kernel page table isolation feature protects against.”
“The AMD microarchitecture does not allow memory references, including speculative references, that access higher privileged data when running in a lesser privileged mode when that access would result in a page fault.”
A Linux patch has been released for all x86 processors which includes AMD processors mostly because the community has deemed them insecure even though AMD recommends specifically not to apply the patch for Linux.
Your Digital Mind will keep everyone updated as more information becomes available.