Intel xeon, intel cpus suffer a new vulnerability called netcat
Table of contents:
Researchers at Vrije University in Amsterdam revealed Wednesday that Intel server processors suffer from a vulnerability, which they dubbed NetCAT. The vulnerability allows a side attack that can infer what a CPU is working on and is said to depend on issues with two Intel technologies that are primarily in the Xeon CPU line: Direct Data I / O (DDIO) technology and Access direct remote to memory (RDMA). According to the researchers, AMD's chips are not affected by this vulnerability.
Intel Xeon processors suffer from NetCat vulnerability
Intel said in a security bulletin that NetCAT affects Xeon E5, E7 and SP processors that support DDIO and RDMA. An underlying problem with DDIO, which has been enabled on Xeon processors by default since 2012, is what enables side channel attacks. Vrije University researchers said the RDMA allows its exploit to "surgically control the relative memory location of network packets on the destination server."
Visit our guide on the best processors on the market
According to the researchers, the vulnerability means that unreliable devices on a network "can now leak sensitive data such as keystrokes in an SSH session from remote servers without local access. " Right now, the only way to defend against these attacks would be to disable DDIO entirely, but researchers said that disabling RDMA could help, at least a little, to anyone who is unwilling to forgo DDIO on their servers.
Intel said in its bulletin that Xeon users should "limit direct access from untrusted networks" and use "software modules resistant to time attacks, using constant time style code." The researchers at the University of Vrije said that these software modules do not have much to do against NetCAT. Therefore, the safest option remains deactivation.
Researchers at Vrije University revealed NetCAT to Intel and the Dutch National Center for Cyber Security on June 23. This vulnerability has been assigned the identifier CVE-2019-11184.
Spoiler, the cpus intel core affected by a new vulnerability
The world of processors was shaken by the Specter and Meltdown vulnerabilities, which mainly affected Intel. Now comes SPOILER.
Jcc erratum, new vulnerability of cpus intel affects performance
JCC Erratum, Intel has revealed 77 vulnerabilities ranging from processors to graphics and even ethernet controllers.
Plundervolt, new vulnerability in cpus intel that alters its voltages
Plundervolt affects the power management of Intel processors with the aim of breaking security mechanisms.