In recent years, Intel processors have revealed many vulnerabilities, starting with Meltdown and Specter, which are associated with speculative execution of instructions based on branch prediction. Although many vulnerabilities are already covered by software patches, security researchers are constantly finding new ones.
Another vulnerability was called CrossTalk (Intel uses the name SRBDS – Special Register Buffer Data Sampling, and in the vulnerability catalog it carries the identifier CVE-2020-0543). Unlike previously discovered vulnerabilities, the new one allows a malicious program to steal data from programs executed by other kernels using a common buffer. In doing so, software updates released to close Meltdown and Specter are helpless. Note that the attack is successful in processors without HyperThreading.
According to the source, CrossTalk carries a rather big danger for users of systems used together, for example, for cloud computing.
Intel not only knows about the problem, but also released a patch (in fact, after that it became possible to publish information about CrossTalk). The vulnerability is in server, desktop, mobile and embedded processors. The full list is huge. It is published on the Intel website.
Recently news
New Snoop Vulnerability Threats Intel Processors
Intel fixed 236 vulnerabilities in 2019, but only 11 of them related to processors
768 stream processors and a frequency of 1.3 GHz. Disclosed are the characteristics of the Intel Xe GPU, which is part of the Core i7-1165G7 processor
746 arrests, 2 tons of drugs, 54 million pounds and dozens of weapons. EncroChat anonymous service successfully hacked in Europe
Intel Core i7-10700K made it into the Top 10 Mindfactory processors, slightly weakening Ryzen’s total superiority
BlueLeaks: activists published data of 200 police agencies in the public domain