Intel ya buga bayanai game da sabon nau'in rauni a cikin na'urori masu sarrafawa - MDS (Microarchitectural Data Sampling). Kamar hare-haren Specter da suka gabata, sabbin batutuwan na iya haifar da zubewar bayanan mallaka daga tsarin aiki, injina, da hanyoyin ƙasashen waje. An yi zargin cewa ma’aikatan Intel da abokan huldar su ne suka fara gano matsalolin a lokacin wani bincike na cikin gida. A cikin watan Yuni da Agusta 2018, an kuma ba da bayanai game da matsaloli ga Intel ta hanyar masu bincike masu zaman kansu, bayan haka kusan shekara guda na aikin haɗin gwiwa tare da masana'anta da masu haɓaka tsarin aiki don gano yiwuwar kai hari tare da isar da gyare-gyare. Matsalar ba ta shafe masu sarrafa AMD da ARM ba.
Gane rashin lahani:
CVE-2018-12126 - MSBDS (Microarchitectural Store Buffer Data Sampling), maido da abinda ke ciki na ma'ajiyar ajiya. An yi amfani da shi a harin Fallout. An ƙaddara matakin haɗari don zama maki 6.5 (CVSS);
CVE-2018-12127 - MLPDS (Microarchitectural Load Port Data Sampling), dawo da abubuwan da ke cikin tashar jiragen ruwa. An yi amfani da shi a harin RIDL. CVSS 6.5;
CVE-2018-12130 - MFBDS (Microarchitectural Fill Buffer Data Samfura), dawo da abubuwan da ke cike da buffer. Ana amfani da shi a cikin hare-haren ZombieLoad da RIDL. CVSS 6.5;
CVE-2019-11091 - MDSUM (Microarchitectural Data Samfuran Ƙwaƙwalwar Ƙwaƙwalwar Ƙwararren Ƙwararren Ƙwararren Ƙwararren Ƙwararren Ƙwararren Ƙwararren Ƙwararren Ƙwararren Ƙwararren Ƙwararren Ƙwararren Ƙwararren Ƙwararren Ƙwararren Ƙwararren Ƙwararren Ƙwararren Ƙwararren Ƙwararren Ƙwararren Ƙwaƙwalwa na Ƙaƙwal ) na Ƙwaƙwalwa , maido da abin da ke cikin ƙwaƙwalwar ajiyar da ba a iya ganowa. An yi amfani da shi a harin RIDL. CVSS 3.8.
source: linux.org.ru