ProHoster > Блог > ozi ịntanetị > SQUIP - mwakpo na ndị nrụpụta AMD, na-eduga na ntapu data site na ọwa ndị ọzọ

SQUIP - mwakpo na ndị nrụpụta AMD, na-eduga na ntapu data site na ọwa ndị ọzọ

Otu ndị nyocha sitere na Mahadum Teknụzụ Graz (Austria), nke amaburu maka mmepe MDS, NetSpectre, Throwhammer na ZombieLoad ọgụ, ekpughere nkọwa nke mwakpo ọwa ọhụrụ (CVE-2021-46778) na kwụ n'ahịrị onye nrụpụta AMD processor. , nke a na-eji na-ahazi oge mmezu nke ntuziaka na nkeji mmezu dị iche iche nke CPU. Mwakpo a, nke a na-akpọ SQUIP, na-enye gị ohere ikpebi data eji na mgbako na usoro ọzọ ma ọ bụ igwe mebere ma ọ bụ hazie ọwa nkwukọrịta zoro ezo n'etiti usoro ma ọ bụ igwe mebere nke na-enye gị ohere ịgbanwe data gafere usoro njikwa ohere sistemụ.

AMD CPUs dabere na 2000st, 5000nd, na 3000rd ọgbọ Zen microarchitectures (AMD Ryzen XNUMX-XNUMX, AMD Ryzen Threadripper, AMD Athlon XNUMX, AMD EPYC) na-emetụta mgbe ị na-eji Simultaneous Multithreading Technology (SMT). Ndị na-arụ ọrụ Intel adịghị enwe ike ịwakpo, ebe ha na-eji otu ahịrị nhazi oge, ebe ndị na-emepụta AMD na-adịghị ike na-eji ahịrị dị iche iche maka mpaghara igbu ọ bụla. Dị ka ihe na-arụ ọrụ iji gbochie ntapu ozi, AMD tụrụ aro ka ndị mmepe jiri algọridim na-eme mgbakọ mgbakọ na mwepụ mgbe niile n'oge ọ bụla, n'agbanyeghị ọdịdị nke data a na-ahazi, ma na-ezere alaka ụlọ ọrụ dabere na data nzuzo.

Mwakpo a dabere na nyocha nke ọkwa nke esemokwu (ọkwa esemokwu) na usoro nhazi dị iche iche ma na-eme ya site na nha nke igbu oge mgbe ịmalite ọrụ nlele emere na eriri SMT ọzọ na otu CPU anụ ahụ. Iji nyochaa ọdịnaya ahụ, a na-eji usoro Prime + Probe, nke na-egosi na ejiri ụkpụrụ ntụnye mejupụta kwụ n'ahịrị na ikpebi mgbanwe site na ịlele oge ịnweta ha mgbe ị na-ejuputa.

N'oge nnwale ahụ, ndị nyocha ahụ nwere ike megharịa igodo 4096-bit RSA nkeonwe nke ejiri mepụta mbinye aka dijitalụ site na iji mbedTLS 3.0 cryptographic ọba akwụkwọ, nke na-eji Montgomery algọridim na-ebuli ọnụọgụ gaa na modulo ike. Ọ were akara 50500 iji chọpụta igodo. Ngụkọta oge ọgụ were nkeji iri atọ na asatọ. E gosipụtara ụdị ọgụ dị iche iche nke na-enye ọgbaghara n'etiti usoro dị iche iche na igwe mebere nke KVM hypervisor na-achịkwa. E gosikwara na enwere ike iji usoro ahụ hazie nnyefe data zoro ezo n'etiti igwe mebere na ọnụego 38 Mbit / s yana n'etiti usoro na ọnụego 0.89 Mbit / s na ọnụego njehie na-erughị 2.70%.

isi: opennet.ru

Tinye a comment