The vulnerability affects all the Intel CPUs of the Core-based series, according to Intel’s official statement. The horrible thing is, it’s present physically inside the processors, meaning that any operating running on any Intel Core-based CPU will be vulnerable to the attack.

What is Lazy FPU context switching?

At first, let’s talk about the vulnerable section of the CPU. Lazy FPU context switching is a performance optimization feature. It’s responsible for saving and restoring the FPU (Floating Point Unit) registers. These registers hold the floating point numbers and allows access to those whenever necessary.

Now, the bug here is physical. The physical bug in the CPU allows other processes to sneak into these registers along with their data.

The problem is, these numbers are necessary for various important tasks like cryptographic equations. Thus, a hacker may be able to sniff out numbers from these registers to crack an encryption key. The next moment, everything else will be gone.

The scope of the vulnerability

Despite it’s a major CPU bug in the processors, it’s not executable using a web browser. That makes this vulnerability less effective than the Meltdown. Meltdown is preventable with operating system patches in cost of performance.

Rumors about the bug

Before the vulnerability was officially disclosed, there were rumors about it since DragonflyBSD and OpenBSD released notices about patches that would fix this vulnerability. The notice was a strong indication that there was something wrong with the FPU registers in Intel’s processors.

Thankfully, this bug is preventable without changing the existing microcode. That’s a big relief for Intel whereas vendors are working for fixing the issue with future patches.

Here is a list of all the official statements of different vendors.

The post New Flaw in Intel CPUs – Lazy FP State Restore appeared first on Linux Windows and android Tutorials.