UTavis Ormandy, umphandi wezokhuseleko kuGoogle, uchonge ubuthathaka obutsha (CVE-2023-23583) kwiiprosesa ze-Intel, i-codenamed Reptar, eyona nto ibeka isoyikiso kwiinkqubo zamafu ezisebenza ngoomatshini abahlukileyo babasebenzisi abahlukeneyo. Ubuthathaka buvumela inkqubo ukuba ijinga okanye ingqubeke xa imisebenzi ethile yenziwa kwiinkqubo zeendwendwe ezingafanelekanga. Ukuvavanya iinkqubo zakho, into eluncedo ishicilelwe eyenza iimeko zokubonakaliswa kobuthathaka.
Ngokwethiyori, ubuthathaka bunokusetyenziswa ukunyusa amalungelo ukusuka kwisithathu ukuya kwiringi yokhuseleko lwe-zero (CPL0) kwaye ubaleke kwiindawo ezizimeleyo, kodwa le meko ayikaqinisekiswa ngokusebenza ngenxa yobunzima bokulungisa ingxaki kwinqanaba le-microarchitectural. Uphononongo lwangaphakathi kwi-Intel lukwabonise ukubanakho ukuxhaphazwa kobuthathaka ukunyusa amalungelo phantsi kweemeko ezithile.
Ngokomphandi, ubuthathaka bukhona kwi-Intel Ice Lake, i-Rocket Lake, i-Tiger Lake, i-Raptor Lake, i-Alder Lake kunye neentsapho zeprosesa ze-Sapphire Rapids. Ingxelo ye-Intel ikhankanya ukuba ingxaki ibonakala iqala kwisizukulwana se-10 (i-Ice Lake) ye-Intel Core processors kunye nesizukulwana sesithathu se-Xeon Scalable processors, kunye nakwi-Xeon E/D/W processors (Ice Lake, Skylake, Haswell, Broadwell). , I-Skylake, i-Sapphire Rapids, i-Emerald Rapids, i-Cascade Lake, i-Cooper Lake, i-Comet Lake, i-Rocket Lake) kunye ne-Atom (i-Apollo Lake, i-Jasper Lake, i-Arizona Beach, i-Alder Lake, i-Parker Ridge, i-Snow Ridge, i-Elkhart Lake kunye ne-Denverton). Ubuthathaka obubuzwayo bulungisiwe kuhlaziyo lwayizolo lwe-microcode 20231114.
Ubuthathaka bubangelwa kukuba phantsi kweemeko ezithile ze-microarchitectural, ukuphunyezwa komyalelo we-"REP MOVSB" ufakwe ngekhowudi kunye ne-prefix "REX" egqithisileyo, ekhokelela ekuziphatheni okungachazwanga. Ingxaki yafunyanwa ngexesha lovavanyo lwezimaphambili ezingafunekiyo, ezithi ithiyori zingahoywa, kodwa ekusebenzeni kukhokelele kwiziphumo ezingaqhelekanga, njengokungahoyi amasebe angenamiqathango kunye nokugcina isalathisi kwi-xsave kunye nemiyalelo yokufowuna. Uhlalutyo olongezelelweyo lubonise ukuba ukongeza isimaphambili esingafunekiyo kumyalelo we-"REP MOVSB" kubangela ukonakala kwemixholo ye-ROB (ReOrder Buffer) esetyenziselwa ukuodola imiyalelo.
Kukholelwa ukuba impazamo ibangelwa kubalwa okungachanekanga kobungakanani bomyalelo we "MOVSB", okhokelela ekwaphulweni kwedilesi yemiyalelo ebhalwe kwi-ROB buffer emva kwe-MOVSB ngesimaphambili esigqithisileyo, kunye ne-offset. yesalathiso somyalelo. I-desynchronization enjalo inokukhawulelana nokuphazamiseka kwezibalo eziphakathi kunye nokubuyiselwa okulandelayo kwimeko edibeneyo. Kodwa ukuba uwisa ii-cores ezininzi okanye iintambo ze-SMT ngaxeshanye, ungonakalisa imeko ye-microarchitectural ngokwaneleyo ukuba ingqubeke.
umthombo: opennet.ru
