Intel lvi, patch for this vulnerability reduces performance by 77%

Linux site Phoronix has investigated the performance impact of the patch from the latest Load Value Injection (LVI) vulnerability on Intel processors.

Intel LVI, Patch for this vulnerability reduces performance by 77%

Load Value Injection Injection, which carries the identifier CVE-2020-0551, allows the attacker to steal sensitive information from the victim by penetrating the Intel Software Guard Extensions (SGX). The SGX essentially acts as a vault to store important data. Both Intel and the researchers who exposed LVI have labeled the vulnerability as a theoretical threat, meaning that it is highly unlikely that a malicious attacker would exploit it. Either way, Intel has released SGX (PSW) platform software and SDK updates to mitigate the security breach.

The publication evaluated processor performance in five different scenarios: without Intel's mitigations, loading LFENCE before indirect branches, before RET instructions, after loads, and with all three options in tandem.

The tests were done with a Xeon E3-1275 v6 processor (Kaby Lake). The results of the publication show that activating LFENCE before direct branches or before RET statements has minimal impact on performance. Performance loss is less than 10%.

Visit our guide on the best processors on the market

On the other hand, implementing LFENCE after each load instruction or with all three options can really paralyze the performance of a processor. Performance loss increases up to 77%.

Fortunately, LVI shouldn't be much of a problem for consumers, as it's not common to see SGX usage on a conventional PC. Theoretically, attackers can take out LVI with JavaScript, however the task is very complex. Conversely, business users should be more concerned with frequent use of SGX and virtualization. We will keep you informed.

Tomshardwaremydrivers font