New Flaw in Intel CPUs – Lazy FP State Restore

Windows Articles

How to install Android on a PC with Phoenix OS

Hello! Android is the most widely used mobile operating system in the world. Indeed, this Linux-based system has a large market share....

How to install Apache Maven on OpenSUSE 15.2 / 15.1?

In this post, we will show you how to install Apache Maven on OpenSUSE 15.2 / 15.1. To manage projects done in Java, there is...

How to install SQLite on OpenSUSE 15.2 / 15.1?

There are many good database management systems, but they are not all the same. And the fact that they are not, means...

How to detect port scanning and private IP access with Behave

Hello! Security when surfing the internet is a very serious issue. Consequently, the precautions we take are very important. Moreover, web browsers...

How to install LAMP on OpenSUSE 15.2 / 15.1?

It is increasingly common to find small companies that decide to use the SUSE ecosystem for their servers. It's an unsurprising decision because OpenSUSE...
Mel Khamlichi
Mel Khamlichihttp://www.osradar.com
Founder of Osradar, from Amsterdam Netherlands

Processor is the most important of all the hardware components of any computer as it manages all the tasks and enables us performing all the actions, like you’re reading this post. Recently, security researchers identified a brand new vulnerability in Intel CPUs called “Lazy FP State Restore”. At first, there was the Meltdown and Spectre with different strong variants. Now this! Intel is surely having hard time.

The vulnerability affects all the Intel CPUs of the Core-based series, according to Intel’s official statement. The horrible thing is, it’s present physically inside the processors, meaning that any operating running on any Intel Core-based CPU will be vulnerable to the attack.

What is Lazy FPU context switching?

At first, let’s talk about the vulnerable section of the CPU. Lazy FPU context switching is a performance optimization feature. It’s responsible for saving and restoring the FPU (Floating Point Unit) registers. These registers hold the floating point numbers and allows access to those whenever necessary.

Now, the bug here is physical. The physical bug in the CPU allows other processes to sneak into these registers along with their data.

The problem is, these numbers are necessary for various important tasks like cryptographic equations. Thus, a hacker may be able to sniff out numbers from these registers to crack an encryption key. The next moment, everything else will be gone.

The scope of the vulnerability

Despite it’s a major CPU bug in the processors, it’s not executable using a web browser. That makes this vulnerability less effective than the Meltdown. Meltdown is preventable with operating system patches in cost of performance.

Rumors about the bug

Before the vulnerability was officially disclosed, there were rumors about it since DragonflyBSD and OpenBSD released notices about patches that would fix this vulnerability. The notice was a strong indication that there was something wrong with the FPU registers in Intel’s processors.

Thankfully, this bug is preventable without changing the existing microcode. That’s a big relief for Intel whereas vendors are working for fixing the issue with future patches.

Here is a list of all the official statements of different vendors.

More articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest article

How to install Android on a PC with Phoenix OS

Hello! Android is the most widely used mobile operating system in the world. Indeed, this Linux-based system has a large market share....

How to install Apache Maven on OpenSUSE 15.2 / 15.1?

In this post, we will show you how to install Apache Maven on OpenSUSE 15.2 / 15.1. To manage projects done in Java, there is...

How to install SQLite on OpenSUSE 15.2 / 15.1?

There are many good database management systems, but they are not all the same. And the fact that they are not, means...

How to detect port scanning and private IP access with Behave

Hello! Security when surfing the internet is a very serious issue. Consequently, the precautions we take are very important. Moreover, web browsers...

How to install LAMP on OpenSUSE 15.2 / 15.1?

It is increasingly common to find small companies that decide to use the SUSE ecosystem for their servers. It's an unsurprising decision because OpenSUSE...