Welcome!
Important information
-- Spectre and Meltdown vulnerabilities
-- Change in MX sources

News
-- MX Linux on social media: here
-- Mepis support still here

Current releases
-- MX-17.1 Final release info here
-- antiX-17 release info here

New users
-- Please read this first, and don't forget to add system and hardware information to posts!
-- Here are the Forum Rules

New Intel CPU Flaw Exploits Hyper-Threading to Steal Encrypted Data

Report Bugs, Issues and non- pacakage Requests
Post Reply
Message
Author
User avatar
colin_b
Forum Regular
Forum Regular
Posts: 381
Joined: Sun Mar 19, 2017 7:21 pm

New Intel CPU Flaw Exploits Hyper-Threading to Steal Encrypted Data

#1 Post by colin_b » Sun Nov 04, 2018 7:11 pm

https://thehackernews.com/2018/11/ports ... ility.html

A team of security researchers has discovered another serious side-channel vulnerability in Intel CPUs that could allow an attacker to sniff out sensitive protected data, like passwords and cryptographic keys, from other processes running in the same CPU core with simultaneous multi-threading feature enabled.

The vulnerability, codenamed PortSmash (CVE-2018-5407), has joined the list of other dangerous side-channel vulnerabilities discovered in the past year, including Meltdown and Spectre, TLBleed, and Foreshadow.

...

The simple fix for the PortSmash vulnerability is to disable SMT/Hyper-Threading in the CPU chip's BIOS until Intel releases security patches. OpenSSL users can upgrade to OpenSSL 1.1.1 (or >= 1.1.0i if you are looking for patches).

User avatar
handy
Forum Regular
Forum Regular
Posts: 128
Joined: Mon Apr 23, 2018 2:00 pm

Re: New Intel CPU Flaw Exploits Hyper-Threading to Steal Encrypted Data

#2 Post by handy » Sun Nov 04, 2018 7:21 pm

Clevo N'book (2014): P150SM-A
CPU: i7-4810MQ (Haswell) Speed: 2800/3800 MHz
RAM: 16 GiB 1600 MHz DDR3
GPU-1: i915
GPU-2: NVIDIA GK104M [GeForce GTX 880M] vRAM: 8GB 2500 Mhz DDR5
Storage: TOSHIBA 931.51 GiB. HGST 931.51 GiB. Crucial 223.57 GiB (M.2 SSD)

User avatar
colin_b
Forum Regular
Forum Regular
Posts: 381
Joined: Sun Mar 19, 2017 7:21 pm

Re: New Intel CPU Flaw Exploits Hyper-Threading to Steal Encrypted Data

#3 Post by colin_b » Sun Nov 04, 2018 7:38 pm

handy wrote:
Sun Nov 04, 2018 7:21 pm
More here: viewtopic.php?f=6&t=46809
I missed that :embarrassed:

User avatar
handy
Forum Regular
Forum Regular
Posts: 128
Joined: Mon Apr 23, 2018 2:00 pm

Re: New Intel CPU Flaw Exploits Hyper-Threading to Steal Encrypted Data

#4 Post by handy » Mon Nov 05, 2018 6:25 am

colin_b wrote:
Sun Nov 04, 2018 7:38 pm
handy wrote:
Sun Nov 04, 2018 7:21 pm
More here: viewtopic.php?f=6&t=46809
I missed that :embarrassed:
It is easily done. ;)
Clevo N'book (2014): P150SM-A
CPU: i7-4810MQ (Haswell) Speed: 2800/3800 MHz
RAM: 16 GiB 1600 MHz DDR3
GPU-1: i915
GPU-2: NVIDIA GK104M [GeForce GTX 880M] vRAM: 8GB 2500 Mhz DDR5
Storage: TOSHIBA 931.51 GiB. HGST 931.51 GiB. Crucial 223.57 GiB (M.2 SSD)

Post Reply

Return to “Bugs and Non-Package Requests Forum”