A joint group of scientists and security experts has revealed a new class of vulnerabilities in Intel processors which, by analogy with Meltdown, Spectre and Foreshadow, make it possible to extract data processed inside the chips. The new attacks are based on Microarchitectural Data Sampling (MDS) and, as in the previous cases, take advantage of the speculative execution mechanism that Intel processors use to speed up data processing. All of the attacks allow, to varying degrees, access to data stored in various internal CPU buffers.
The essence of the problem lies in applying side-channel analysis methods to data in microarchitectural structures to which applications do not have direct access. These are structures such as the Line Fill Buffer, Store Buffer and Load Port, which the CPU uses to quickly read and write the data being processed.
In total, experts described four MDS attacks based on detected vulnerabilities:
According to experts, all models of Intel processors released since 2011 are vulnerable, including those in PCs, laptops and cloud servers (the list is available here). As noted, new processor models are not affected, since they come with protection against speculative execution attacks (Meltdown, Spectre, etc.).
Microsoft, Apple and Google have already released updates that fix the problem. In the Linux kernel, MDS protection has been added in updates 5.1.2, 5.0.16, 4.19.43, 4.14.119 and 4.9.176. Corrective updates for RHEL, Ubuntu, NetBSD and FreeBSD are also available.
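A host check built on the kernel versions listed above, added here as an example and not taken from the article or any vendor tool. It assumes the Linux sysfs file `/sys/devices/system/cpu/vulnerabilities/mds` as the authoritative report, and uses the version list only for upstream kernel.org releases, because distribution kernels backport fixes under older version numbers.

```python
import platform
import re
from pathlib import Path

# First stable releases with MDS protection, as listed in the article.
FIXED_RELEASES = [(5, 1, 2), (5, 0, 16), (4, 19, 43), (4, 14, 119), (4, 9, 176)]
# Status file exposed by Linux kernels that carry the MDS patches.
SYSFS_MDS = Path("/sys/devices/system/cpu/vulnerabilities/mds")


def parse_release(release):
    """Turn a `uname -r` string such as '4.19.43-amd64' into (4, 19, 43)."""
    m = re.match(r"(\d+)\.(\d+)(?:\.(\d+))?", release)
    if not m:
        raise ValueError(f"unrecognised kernel release: {release!r}")
    return tuple(int(part or 0) for part in m.groups())


def upstream_has_fix(release):
    """True/False for a listed stable branch, None when the list cannot decide."""
    version = parse_release(release)
    for fixed in FIXED_RELEASES:
        if version[:2] == fixed[:2]:
            return version >= fixed
    # Assumption: branches newer than 5.1 inherit the fix from mainline.
    return True if version[:2] > (5, 1) else None


def classify_status(text):
    """Map the sysfs status line to (state, smt_note)."""
    head, _, smt = text.strip().partition(";")
    if head == "Not affected":
        state = "not_affected"
    elif head.startswith("Mitigation:"):
        state = "mitigated"
    else:  # "Vulnerable...", or anything unexpected: treat conservatively
        state = "vulnerable"
    return state, smt.strip() or None


def check_host():
    """Prefer the kernel's own report; fall back to the version list."""
    release = platform.release()
    if SYSFS_MDS.is_file():
        return release, classify_status(SYSFS_MDS.read_text())
    return release, ("no_sysfs_report", f"upstream fix present: {upstream_has_fix(release)}")


if __name__ == "__main__":
    print(check_host())
```

A `mitigated` state with an SMT note of `SMT vulnerable` means buffer clearing is active but sibling hyper-threads can still sample data, so SMT policy needs a separate decision.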