Intel CPUs hit by another "Lazy FP Restore" Vulnerability

ItsMitch · June 14, 2018

Intel having a rough year with processor security as a new vulnerability has been announced by some security researchers over at Amazon Germany, Cyberus Technology GmbH and SYSGO AG.

Quote

Hell Yeah! Another security vulnerability has been discovered in Intel chips that affects the processor's speculative execution technology—like Specter and Meltdown—and could potentially be exploited to access sensitive information, including encryption related data.

Dubbed Lazy FP State Restore, the vulnerability (CVE-2018-3665) within Intel Core and Xeon processors has just been confirmed by Intel, and vendors are now rushing to roll out security updates in order to fix the flaw and keep their customers protected.

The company has not yet released technical details about the vulnerability, but since the vulnerability resides in the CPU, the flaw affects all devices running Intel Core-based microprocessors regardless of the installed operating systems, except some modern versions of Windows and Linux distributions.

It goes on further to bring up Sandy Bridge and that all processors from that line going forward have been effected

Quote

As the name suggests, the flaw leverages a system performance optimization feature, called Lazy FP state restore, embedded in modern processors, which is responsible for saving or restoring the FPU state of each running application 'lazily' when switching from one application to another, instead of doing it 'eagerly.'

"System software may opt to utilize Lazy FP state restore instead of eager save and restore of the state upon a context switch," Intel says while describing the flaw.

"Lazy restored states are potentially vulnerable to exploits where one process may infer register values of other processes through a speculative execution side channel that infers their value."

According to the Red Hat advisory, the numbers held in FPU registers could potentially be used to access sensitive information about the activity of other applications, including parts of cryptographic keys being used to secure data in the system.

All microprocessors starting with Sandy Bridge are affected by this designing blunder, which means lots of people again should gear them up to fix this vulnerability as soon as the patches are rolled out.