Flaw in Intel Haswell CPUs Bypasses Critical Security Protection




/ 3 years ago

Intel DT_Haswell_i7_FB

Every now and then, a major bug pops up in PC hardware. Sometimes, these bugs aren’t too serious but they can have a large impact like AMD’s Phenom TLB bug. This time around, it’s Intel’s turn to suffer a hardware CPU bug. According to researchers from the University of California, Intel’s Haswell chips suffer from a flaw that will allow attackers to bypass ASLR, a crucial security feature.

ASLR, or Address Space Layout Randomization is a technique that protects from buffer overflow attacks. By randomizing the memory space, attackers will have to guess at the areas of the memory which contain the data they wish to target. With Haswell, the branch target buffer table used by the branch predictor can be exploited as a way to determine where in the memory specific code is in.

While this attack won’t allow for remote code execution, it can lead to privilege escalation exploits. It may also allow attackers to break out from sandboxes and even from VM’s as this is a fundamental hardware flaw. For cloud providers, this can be a major issue as it makes it easier for an attacker to buy a VM server and break out of it to attack their fellow customers. This means the exploit should work for any OS though some may be less severely impacted.

Intel has reported that they are investigating the issue so we hope to hear back from them soon. Despite it being a hardware issue, a microcode update may be able to fix the issue. However, that may lead to a performance hit depending on what is required for the fix. For now, there is no word yet if pre-Haswell CPUs are impacted or post-Haswell CPUs as well. Given the relatively few changes between generations, I would not be surprised if Broadwell is buggy as well and perhaps even Skylake and Kaby Lake.


Topics: , ,

Support eTeknix.com

By supporting eTeknix, you help us grow and continue to bring you the latest newsreviews, and competitions. Follow us on FacebookTwitter and Instagram to keep up with the latest technology news, reviews and more. Share your favourite articles, chat with the team and more. Also check out eTeknix YouTube, where you'll find our latest video reviews, event coverage and features in 4K!

Looking for more exciting features on the latest technology? Check out our What We Know So Far section or our Fun Reads for some interesting original features.

eTeknix Facebook eTeknix Twitter eTeknix Instagram eTeknix Instagram

Check out our Latest Video

  • Be Social With eTeknix

  • Latest Video

  • Features

  • Poll

    What Resolution Do You Game At?

    View Results


Send this to a friend