Categories: News

Flaw in Intel Haswell CPUs Bypasses Critical Security Protection

Every now and then, a major bug pops up in PC hardware. Sometimes, these bugs aren’t too serious but they can have a large impact like AMD’s Phenom TLB bug. This time around, it’s Intel’s turn to suffer a hardware CPU bug. According to researchers from the University of California, Intel’s Haswell chips suffer from a flaw that will allow attackers to bypass ASLR, a crucial security feature.

ASLR, or Address Space Layout Randomization is a technique that protects from buffer overflow attacks. By randomizing the memory space, attackers will have to guess at the areas of the memory which contain the data they wish to target. With Haswell, the branch target buffer table used by the branch predictor can be exploited as a way to determine where in the memory specific code is in.

While this attack won’t allow for remote code execution, it can lead to privilege escalation exploits. It may also allow attackers to break out from sandboxes and even from VM’s as this is a fundamental hardware flaw. For cloud providers, this can be a major issue as it makes it easier for an attacker to buy a VM server and break out of it to attack their fellow customers. This means the exploit should work for any OS though some may be less severely impacted.

Intel has reported that they are investigating the issue so we hope to hear back from them soon. Despite it being a hardware issue, a microcode update may be able to fix the issue. However, that may lead to a performance hit depending on what is required for the fix. For now, there is no word yet if pre-Haswell CPUs are impacted or post-Haswell CPUs as well. Given the relatively few changes between generations, I would not be surprised if Broadwell is buggy as well and perhaps even Skylake and Kaby Lake.

Samuel Wan

Samuel joined eTeknix in 2015 after becoming engrossed in technology and PC hardware. With his passion for gaming and hardware, tech writing was the logical step to share the latest news with the world. When he’s not busy dreaming about the latest hardware, he enjoys gaming, music, camping and reading.

Disqus Comments Loading...

Recent Posts

Gigabyte M27Q 170Hz 1440p FreeSync KVM Monitor Review

Gigabyte has created some very impressive gaming monitors over the last few years, and it…

4 hours ago

Corsair Unveils its KATAR PRO XT Mouse and MM700 RGB Pad

Corsair has today launched a new ultra-light gaming mouse, the KATAR PRO XT. At a…

8 hours ago

Activision Admits Call of Duty is Now Too Big for an Original PS4

If there has been one entirely fair criticism aimed at the most recent additions to…

9 hours ago

AMD 6700 XT Release Date Leaks! – 6700 (Non-XT) Delayed?

Earlier this week, we got the rather exciting news that after months of speculation, the…

9 hours ago

Lenovo Unveils its Custom 6800/6900 XT – And it Looks A Bit Familiar…

Lenovo certainly isn't a brand you would immediately associate with custom graphics card designs. And…

9 hours ago

Why Have A Rumble Controller When You Can Make a Rumble Desk?

Although I certainly stand to be corrected, it's my general understanding that 'rumble feedback' controllers…

9 hours ago