U-Tavis Ormandy, umcwaningi wezokuphepha kwa-Google, uhlonze ubungozi obusha (CVE-2023-23583) kuma-Intel processors, i-codenamed Reptar, ebeka ikakhulukazi usongo ezinhlelweni zamafu ezisebenzisa imishini ebonakalayo yabasebenzisi abahlukene. Ukuba sengozini kuvumela isistimu ukuthi ilenga noma iphahlazeke uma imisebenzi ethile yenziwa kumasistimu wezihambeli angagunyaziwe. Ukuhlola amasistimu akho, insiza ishicilelwe edala izimo zokubonakaliswa kobungozi.
Ngokombono, ubungozi bungasetshenziswa ukukhuphula amalungelo ukusuka kweyesithathu kuye kwindandatho enguziro yokuvikela (CPL0) kanye nokubalekela izindawo ezingazodwa, kodwa lesi simo asikakaqinisekiswa ngokusebenza ngenxa yobunzima bokulungisa amaphutha ezingeni le-microarchitectural. Ukubuyekezwa kwangaphakathi kwa-Intel kuphinde kwabonisa amandla okuxhashazwa kokuba sengozini ukuze kwandiswe amalungelo ngaphansi kwezimo ezithile.
Ngokusho komcwaningi, ubungozi bukhona emindenini yokucubungula i-Intel Ice Lake, i-Rocket Lake, i-Tiger Lake, i-Raptor Lake, i-Alder Lake kanye ne-Sapphire Rapids. Umbiko we-Intel uveza ukuthi inkinga ibonakala iqala esizukulwaneni se-10 (Ice Lake) se-Intel Core processors kanye nesizukulwane sesithathu sama-Xeon Scalable processors, kanye nama-Xeon E/D/W processors (Ice Lake, Skylake, Haswell, Broadwell , Skylake, Sapphire Rapids, Emerald Rapids, Cascade Lake, Cooper Lake, Comet Lake, Rocket Lake) kanye ne-Atom (Apollo Lake, Jasper Lake, Arizona Beach, Alder Lake, Parker Ridge, Snow Ridge, Elkhart Lake naseDenverton). Ukuba sengozini okukhulunywa ngakho kwalungiswa kusibuyekezo sayizolo se-microcode 20231114.
Ukuba sengozini kubangelwa ukuthi ngaphansi kwezimo ezithile zezakhiwo ezincane, ukwenziwa komyalelo we-“REP MOVSB” kufakwa ikhodi ngesiqalo esithi “REX” eseqile, esiholela ekuziphatheni okungachazwanga. Inkinga itholwe ngesikhathi sokuhlolwa kweziqalo ezingafuneki, ngokombono okufanele zinganakwa, kodwa ekusebenzeni kwaholela emiphumeleni exakile, njengokuziba amagatsha angenamibandela kanye nokulondoloza isikhombisi ku-xsave kanye nemiyalo yokushaya ucingo. Ukuhlaziya okwengeziwe kubonise ukuthi ukwengeza isiqalo esingasasebenzi emyalelweni we-"REP MOVSB" kubangela ukonakala kokuqukethwe kwebhafa ye-ROB (ReOrder Buffer) esetshenziselwa uku-oda imiyalelo.
Kukholakala ukuthi iphutha libangelwa ukubalwa okungalungile kosayizi womyalelo we- "MOVSB", okuholela ekwephulweni kwekheli lemiyalelo ebhalwe ku-ROB buffer ngemuva kwe-MOVSB ngesiqalo eseqile, kanye ne-offset. yesikhombi sokufundisa. Ukususa ukuvumelanisa okunjalo kungakhawulelwa ekuphazamisekeni kwezibalo ezimaphakathi nokubuyiselwa okulandelayo kwesimo esibalulekile. Kodwa uma uphahlazeka ama-cores amaningi noma imicu ye-SMT ngesikhathi esisodwa, ungalimaza isimo se-microarchitectural ngokwanele ukuba siphahlazeke.
Source: opennet.ru
