Processors

Intel xeon, intel cpus suffer a new vulnerability called netcat

Table of contents:

Anonim

Researchers at Vrije University in Amsterdam revealed Wednesday that Intel server processors suffer from a vulnerability, which they dubbed NetCAT. The vulnerability allows a side attack that can infer what a CPU is working on and is said to depend on issues with two Intel technologies that are primarily in the Xeon CPU line: Direct Data I / O (DDIO) technology and Access direct remote to memory (RDMA). According to the researchers, AMD's chips are not affected by this vulnerability.

Intel Xeon processors suffer from NetCat vulnerability

Intel said in a security bulletin that NetCAT affects Xeon E5, E7 and SP processors that support DDIO and RDMA. An underlying problem with DDIO, which has been enabled on Xeon processors by default since 2012, is what enables side channel attacks. Vrije University researchers said the RDMA allows its exploit to "surgically control the relative memory location of network packets on the destination server."

Visit our guide on the best processors on the market

According to the researchers, the vulnerability means that unreliable devices on a network "can now leak sensitive data such as keystrokes in an SSH session from remote servers without local access. " Right now, the only way to defend against these attacks would be to disable DDIO entirely, but researchers said that disabling RDMA could help, at least a little, to anyone who is unwilling to forgo DDIO on their servers.

Intel said in its bulletin that Xeon users should "limit direct access from untrusted networks" and use "software modules resistant to time attacks, using constant time style code." The researchers at the University of Vrije said that these software modules do not have much to do against NetCAT. Therefore, the safest option remains deactivation.

Researchers at Vrije University revealed NetCAT to Intel and the Dutch National Center for Cyber ​​Security on June 23. This vulnerability has been assigned the identifier CVE-2019-11184.

Tomshardware font

Processors

Editor's choice

Back to top button