Discord Server Red Security Twitter Donation to Red Security Red Security Youtube Channel Red Security Tumblr Profile
Login or Register to Hide ads and Accessing all features on the forum

News 

PortSmnash Side-Channel Vulnerability in Intel CPUs

0 Replies, 1503 Views

[Image: images?q=tbn:ANd9GcRLabdF7FSuxKZnedpRMKp...9OfgMjXRV1]



    Another threat to Intel CPUs has been discovered, this vulnerability called "PortSmash", which seems similar to previously discovered TLBleed, as it also lets attacks steal crytographic keys. 


 So far the exploit has only been verified on Skylake and Kaby Lake chips; however, the exploit might affect all chips using Simultaneous Multithreading (or SMT) Architecture. The researchers also suspect it may affect AMD Ryzen as well. 

 The Advisory, as posted by the researchers who discovered the flaw, can be found here.

 One of the aforementioned researchers, Billy Brunley, published a proof-of-concept of the exploit on his GitHub account.

  
  Intel has this to say: 

   “Intel received notice of the research. This issue is not reliant on speculative execution and is therefore unrelated to Spectre, Meltdown or L1 Terminal Fault. We expect that it is not unique to Intel platforms. Research on side-channel analysis methods often focuses on manipulating and measuring the characteristics, such as timing, of shared hardware resources. Software or software libraries can be protected against such issues by employing side channel safe development practices.”
  


  That was the news folks, the week is still chugging along, have a good one and stay safe out there. 



  ----Sh7nk-Z0id
01001001 00100000 01000001 01001101 00100000 01011010 01001111 01000100 01001001 01000001 01000011

Possibly Related Threads…
Thread Author Replies Views Last Post
Star News Update Windows 10 to patch critical vulnerability in Microsoft store games News 0 1,667 11-06-2020, 04:22 AM
Last Post: News
Star News IoT Vulnerability Disclosure Platform Launched News 0 1,796 10-20-2020, 09:58 AM
Last Post: News
Star News Zerologon Vulnerability Used in APT Attacks News 0 1,628 10-07-2020, 11:12 AM
Last Post: News
Star News Vulnerability Disclosure Programs See Signups & Payouts Surge News 0 1,456 09-23-2020, 12:57 PM
Last Post: News
Star News Can Vulnerability Scanning Replace Penetration Testing? News 0 1,551 08-30-2020, 02:08 AM
Last Post: News
Star News Vulnerability Volume Poised to Overwhelm Infosec Teams News 0 1,555 08-28-2020, 09:14 AM
Last Post: News
Star News Vulnerability Prioritization: Are You Getting It Right? News 0 2,211 08-10-2020, 07:33 PM
Last Post: News
Smile News Critical Vulnerability In Bisq Crypto Exchange Exploited For Some Users Mr.Kurd 0 1,693 04-10-2020, 02:46 PM
Last Post: Mr.Kurd
Rainbow News Vulnerability In WPvivid Backup Plugin Could Expose Files Of WordPress Sites Mr.Kurd 0 1,598 04-01-2020, 11:11 AM
Last Post: Mr.Kurd
Rainbow News Microsoft Alerts Users Of Zero-Day RCE Vulnerability In Windows 7 Under Active Exploi Mr.Kurd 0 1,614 03-26-2020, 09:03 AM
Last Post: Mr.Kurd



Users browsing this thread: 1 Guest(s)