Intel chip kernel flaw requires OS-level fix that could impact macOS performance, report s...
A newly discovered silicon-level flaw in Intel's chip designs is forcing operating system manufacturers to update kernels and other software components to rectify the issue, changes that will reportedly result in performance slowdowns of up to 30 percent.

According to a report from The Register, the security flaw grants user applications a certain level of access to protected kernel memory data, which can include everything from passwords to application keys and file caches.
While details surrounding the bug are being kept under wraps until fixes are issued for major operating systems like Microsoft's Windows and the open-source Linux, the vulnerability is present in Intel x86 hardware produced during the past decade. That includes processors in past and current Macs.
Importantly, Intel is unable to close the hole with a firmware update, leaving operating system manufacturers like Microsoft and Apple to push out fixes on their end. Alternatively, users can purchase a new processor that does not contain the fault.
Microsoft is reportedly preparing to release fixes for Windows in an upcoming Patch Tuesday release, with the update due to arrive as early as next week. Recent patches to Linux's kernel virtual memory system yield clues as to what is amiss, and what remedies developers plan to implement in the coming days.
Linux programmers have elected to completely separate a system's kernel memory from system processes using Kernel Page Table Isolation (KPTI). KPTI patches move the kernel out of the virtual memory address spaces it shares with running processes and into its own distinct address space.
The drastic measure suggests Intel's silicon contains a fundamental flaw that could allow user programs to usurp kernel protections. Exactly how the built-in security protocols can be bypassed, or by what mechanism the kernel is being made available to user programs, is unknown.
Separating the kernel into its own address space comes at a hefty premium on operating performance, with current benchmarks showing a five to 30 percent slowdown depending on task and CPU model, the report said.
Aside from Microsoft's Windows and Linux, 64-bit versions of Apple's macOS are also open to the vulnerability. Beyond personal computers, some believe cloud services like Amazon EC2, Microsoft Azure and Google Compute Engine are impacted by the bug and will need to be updated.
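For administrators tracking the Linux KPTI change described above, a small status check follows; it is an added example, not code from the report or from any vendor. It classifies a host from the kernel's sysfs vulnerability entry, the `pti` CPU flag and the boot command line. The sysfs path, flag name and boot parameters are those used by Linux kernels that ship KPTI and do not appear in the report.

```shell
#!/bin/sh
# Added example: classify KPTI state from three kernel-exposed strings.
# Inputs are passed as arguments so the logic can be checked offline:
#   $1  contents of /sys/devices/system/cpu/vulnerabilities/meltdown
#   $2  the "flags" line from /proc/cpuinfo
#   $3  contents of /proc/cmdline
kpti_status() {
    vuln=$1 flags=$2 cmdline=$3

    # The kernel's own verdict wins when it reports one.
    case $vuln in
        "Mitigation: PTI"*) echo enabled; return ;;
        "Not affected"*)    echo not-affected; return ;;
    esac

    # Isolation switched off at boot, typically to win back performance.
    case " $cmdline " in
        *" nopti "*|*" pti=off "*|*" mitigations=off "*)
            echo disabled-by-cmdline; return ;;
    esac

    case $vuln in
        Vulnerable*) echo vulnerable; return ;;
    esac

    # No sysfs entry: fall back to the CPU flag the kernel sets
    # when page table isolation is active.
    case " $flags " in
        *" pti "*) echo enabled ;;
        *)         echo unknown ;;
    esac
}

# Read the live values; unreadable or missing files become empty strings.
kpti_status_live() {
    v=$(cat /sys/devices/system/cpu/vulnerabilities/meltdown 2>/dev/null || true)
    f=$(grep -m1 '^flags' /proc/cpuinfo 2>/dev/null || true)
    c=$(cat /proc/cmdline 2>/dev/null || true)
    kpti_status "$v" "$f" "$c"
}

echo "this host: $(kpti_status_live)"
```

A result of `disabled-by-cmdline` or `vulnerable` on a multi-tenant or internet-facing host is the case to escalate; `unknown` usually means the kernel predates the KPTI patches.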

Comments
sounds ridiculously bad.
doubt there will ever be a HW remedy for my ‘09 tower...
https://en.wikipedia.org/wiki/Pentium_FDIV_bug
1994 :: "The man who found the bug points out that since it went unnoticed for a year in a popular product, that likely indicates that the bug was less harmful than IBM suggested."
2018 :: "Being discovered many years later clearly indicates that the sky is falling, human sacrifice, dogs and cats living together, mass hysteria… and Apple should be sued for it."
I still don’t think Apple are ready to go with ARM for the desktop, but I bet the custom silicon lobby inside the company are using this to press their case.
I remember the division flaw back in the 90’s. I recall Intel offering to replace CPUs if they were being used for “scientific” purposes and precision was an absolute. Everyone else for the most part was stuck with a defective chip; truth be told, the bug didn’t affect most regular users, but still.
If this is as bad as they say, I demand that Apple replace the CPU in my 2015 5K iMac and my new MBP on Intel’s dime.
This is an argument for not soldering in CPUs.
What about other Apple designed chips? If a design flaw can be discovered in an A-series chip, which is the argument for making it socketed, then one would have to extend that to all other Apple chip designs, like the T-series, where a security flaw can have some very bad ramifications since it's used to hold the most sensitive data in an Apple device even when powered off. But I have to question whether a socketed T-series chip designed around security would be a good idea from a security standpoint, which then follows back up to other Apple chips.
The "bad actors" have already been working overtime for decades trying (and often succeeding) to exploit everything and anything that has any logic in it, from software, firmware, microcode, markup, macros, scripts, social media, humans, etc. Heck, there are professional-quality development toolkits freely available for anyone to download so you can discover your exploits in your spare time. Unannounced exploits are a worldwide unit of currency. Oh, and who is considered a "bad actor" is entirely relative and depends on who the actor is working for. Are the NSA, FBI, CIA, DOD, and the thousands of public and private companies working on behalf of government agencies, etc., "bad actors?" Depends on whose flag you fly, I guess.
I don't want to sound like Chicken Little, but cybersecurity is a much greater threat than most lay people can comprehend or deal with at a personal level. It's an ongoing and existential threat that is the primary daily focus of hundreds of thousands of professionals just in the US, and there are easily as many unfilled jobs as ones that are currently filled. The good news is that the previous US administration truly understood the cybersecurity threat from day one and at least got the ball rolling on doing something about it in an apolitical and highly cooperative way between the public and private sectors. I hope the current administration's war on science doesn't lead to regression on this very serious concern. Dealing with the fallout from cybersecurity incidents is simply the new normal today, and it will stay that way at least until managing it gets woven into the fabric of everyday life - like destructive weather, tsunamis, and earthquakes so workarounds, mitigation, and compensation will be required, especially for legacy systems. Going forward everything that has logic in it must be designed with cybersecurity in mind and people must be aware and adapt as well.