INSUBCONTINENT EXCLUSIVE:
A new attack that can leak data from a CPU's internal memory or cache has been discovered which affects many popular Intel processors.The
Wieczorkiewicz.Wieczorkiewicz promptly reported the issue to Intel and following its own investigations into the matter, the chipmaker
realized that patches released back in August of 2018 to fix the Foreshadow vulnerability could also be applied to this new attack.Many
popular Intel processors, including those from the company's Core and Xeon lines, are vulnerable to Snoop attacks and you can check this
list to see all of the CPUs that are affected.The new Snoop attack takes advantage of CPU mechanisms such as multiple cache levels, cache
coherence and bus snooping in order to leak data from a CPU core to other cores.Thankfully though, this new attack is very hard to pull off
and does not leak large quantities of data
Intel explained that Snoop attacks require conditions that are hard to meet in the real world, saying:"Due to the numerous complex
requirements that must be satisfied to successfully carry out, Intel does not believe Snoop Assisted L1 Data Sampling is a practical method
in real world environments where the OS is trusted."For those running high-risk systems, the company recommends that you apply the
Foreshadow (L1TF) patches from August 2018 to protect your systems from potential Snoop attacks
Additionally, disabling the Intel TSX (Transactional Synchronization Extensions) can greatly reduce the attack surface while also making
this new attack harder to pull off.Via ZDNet
