CVE-2018-3665 Vulnerability Found in Intel Core and Xeon Processors

Yet another chip vulnerability has been discovered, CVE-2018-3665, which has been called Floating Point Lazy State Save/Restore. The flaw resides in Intel Core and Xeon processors, and is similar to Spectre since it is a speculative execution flaw.

Details about CVE-2018-3665

CVE-2018-3665 exploits one of the ways the Linux kernel saves and restores the state of Floating Point Unit (FPU) when switching tasks, more particularly the Lazy FPU Restore scheme, researchers explained. Malicious actors can leverage the flaw to grab encryption keys. Fortunately, Linux kernel from kernel version 4.9 and upwards, as well as newer versions of Windows and Windows Server are not affected by this vulnerability.

According to Red Hat the vulnerability is moderate for Red Hat Enterprise Linux users:

Red Hat has been made aware of an issue where operating systems and virtual machines running on common modern (x86) microprocessors may elect to use “lazy restore” for floating point state when context switching between application processes instead of “eagerly” saving and restoring this state. Exploitation of lazy floating point restore could allow an attacker to obtain information about the activity of other applications, including encryption operations.

CVE-2018-3665 affects CPU speculative execution which is similar to other recent side channel flaws, Red Hat says. In terms of this latest vulnerability, one process can read the floating point registers of other processes being lazily restored.

As explained by Jon Masters, a computer architect at Red Hat, CVE-2018-3665, also known as Floating Point Lazy State Save/Restore, is yet another speculative execution vulnerability affecting some commonly deployed modern microprocessors. Apparently, Red Hat is collaborating with their industry partners to release optimized mitigation patches, which will be available via Red Hat’s normal software release mechanism. Red Hat is also providing guidance (Read more...)

*** This is a Security Bloggers Network syndicated blog from How to, Technology and PC Security Forum authored by Milena Dimitrova. Read the original post at: