ProHoster > Блог > xov xwm hauv internet > Reptar vulnerability cuam tshuam rau Intel processors

Reptar vulnerability cuam tshuam rau Intel processors

Tus kws tshawb nrhiav kev ruaj ntseg ntawm Google, Tavis Ormandy, tau txheeb xyuas qhov tsis zoo tshiab (CVE-2023-23583) hauv Intel processors, uas muaj lub npe hu ua Reptar, uas feem ntau ua rau muaj kev hem thawj rau cov huab systems uas khiav virtual machines uas yog cov neeg siv sib txawv. Qhov tsis zoo no tuaj yeem ua rau lub system dai lossis poob thaum ua qee yam haujlwm hauv cov qhua tsis muaj cai. Ib qho cuab yeej uas tsim cov xwm txheej rau kev siv tsis raug tau tshaj tawm rau lub hom phiaj sim.

Hauv kev xav, qhov tsis muaj zog no tuaj yeem siv los nce qib cai los ntawm lub nplhaib 3 mus rau lub nplhaib 0 (CPL0) thiab khiav tawm ntawm cov chaw nyob ib leeg, tab sis qhov xwm txheej no tseem tsis tau lees paub hauv kev xyaum vim muaj teeb meem hauv kev debugging ntawm qib microarchitectural. Kev sim sab hauv ntawm Intel kuj tau qhia txog qhov muaj peev xwm siv qhov tsis muaj zog no rau kev nce qib cai hauv qee qhov xwm txheej.

Raws li tus kws tshawb fawb, qhov tsis muaj zog no cuam tshuam rau cov tsev neeg Ice Lake, Rocket Lake, Tiger Lake, Raptor Lake, Alder Lake, thiab Sapphire Rapids ntawm Intel processors. Daim ntawv tshaj tawm ntawm Intel sau tseg tias qhov teeb meem cuam tshuam rau tiam 10 (Ice Lake) Intel Core processors thiab tiam thib peb Xeon Scalable processors, nrog rau Xeon E/D/W processors (Ice Lake, Skylake, Haswell, Broadwell, Skylake, Sapphire Rapids, Emerald Rapids, Cascade Lake, Cooper Lake, Comet Lake, Rocket Lake), thiab Atom processors (Apollo Lake, Jasper Lake, Arizona Beach, Alder Lake, Parker Ridge, Snow Ridge, Elkhart Lake, thiab Denverton). Qhov tsis muaj zog no tau kho hauv qhov hloov tshiab microcode nag hmo 20231114.

Qhov tsis muaj zog no yog tshwm sim los ntawm qee qhov xwm txheej microarchitectural uas qhov kev ua tiav ntawm "REP MOVSB" cov lus qhia yog encoded nrog lub redundant "REX" prefix, ua rau muaj tus cwj pwm tsis txhais. Qhov teeb meem tau pom thaum lub sijhawm sim ntawm cov redundant prefixes, uas theoretically yuav tsum tsis quav ntsej tab sis hauv kev xyaum ua rau muaj cov teebmeem txawv txawv, xws li tsis quav ntsej txog kev dhia tsis muaj kev cai thiab cuam tshuam kev txuag pointer hauv xsave thiab hu cov lus qhia. Kev tshuaj xyuas ntxiv tau qhia tias kev ntxiv lub redundant prefix rau "REP MOVSB" cov lus qhia ua rau cov ntsiab lus ntawm ROB (ReOrder Buffer), uas yog siv rau kev txiav txim cov lus qhia.

Qhov yuam kev no ntseeg tau tias yog los ntawm kev xam tsis raug ntawm qhov loj ntawm MOVSB, uas ua rau muaj kev cuam tshuam hauv kev hais lus ntawm cov lus qhia sau rau ROB buffer tom qab MOVSB ​​nrog cov lus ua ntej ntau dhau, thiab kev tsis sib haum ntawm tus taw qhia lus qhia. Qhov kev tsis sib xws no yuav raug txwv rau kev cuam tshuam cov kev suav nruab nrab nrog kev rov qab los ntawm lub xeev sib xws. Txawm li cas los xij, yog tias qhov kev sib tsoo raug ua rau tib lub sijhawm ntawm ntau lub cores lossis SMT threads, nws tuaj yeem ua rau muaj kev puas tsuaj microarchitectural txaus kom ua rau muaj kev sib tsoo.

Tau qhov twg los: opennet.ru

Yuav txhim khu kev qha hosting rau cov chaw nrog DDoS tiv thaiv, VPS VDS servers 🔥 Yuav lub vev xaib hosting txhim khu kev qha nrog kev tiv thaiv DDoS, VPS VDS servers | ProHoster