The Latest in IT Security

New Side-Channel Vulnerability Leaks Sensitive Data From Intel Chips

05
Nov
2018
New Side-Channel Vulnerability Leaks Sensitive Data From Intel Chips

portsmash-vulnerability-bangs-intel-cpus-800x445

Dubbed PortSmash and tracked as CVE-2018-5407, the vulnerability affects all CPUs that rely on SMT, including Intel’s Hyper-Threading architectures. By exploiting the vulnerability, an attacker could extract sensitive data such as encryption keys from a computer’s memory or processor.

The issue was discovered by researchers at Tampere University of Technology in Finland, and Universidad Tecnológica de la Habana (CUJAE) in Cuba. By exploiting the vulnerability, they were able to steal an OpenSSL P-384 private key from a TLS server.

As Billy Brumley from the Tampere University of Technology explains, the bug can be categorized as information disclosure through timing discrepancy and exists due to execution engine sharing on SMT.

Read More

Leave a reply


Categories

TUESDAY, DECEMBER 11, 2018
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments

Social Networks