A Vulnerability in Kernel Slowing Down Intel Processors
Register first notices a significant vulnerability in all Intel processor chips. The major design flaw in Linux kernel patch is going to make a huge impact, and all operating systems will have to be updated.
The computers out of the production line and this patch will have a major effect on the performance. The Register says “the computers running on Intel chips will be slower by 30 percent.
This is a nasty piece of bug which can be a major vulnerability, and the problem won’t go away just by updating the computer. To deal with this Operating system vendors are refurbishing some of the functionalities of the computer.
There is a protected memory in the kernel and this bug enables other user programs to access that memory. Since kernel handles the most sensitive task of the system, and it is also the core operating system, it thus makes a vulnerable situation. The kernel is supposed to be the gatekeeper that allows a program to read and write files, it controls the interaction between the file system and application. It also takes care of other accessories like camera and keyboard.
In short, the kernel is that important factor that can do everything on your computer. So it becomes crucial to keep it safe and not be compromised. It is one of the most serious attacks in OS. Various hardware and software optimizations have made the kernel to efficiently interact between user processes.
This design flaw will enable low privileges user programs to read kernel memory. And in case an attacker finds his way in he will install a normal program on the computer, which will allow him to read the password stored in the memory of the kernel, encryption keys, files and cached data from hard drive.
What makes it more alarming is the fact that when you are on the shared system, on a cloud hosting platform or cloud platform you share resources between multiple clients. Multiple clients use the same hardware, and with this kernel exploit in all likelihood one client could easily access sensitive information about another client.
According to Python Sweetness, “Developers are working hard to fix this exploit, they are discussing this on an open forum, but are not clear about the design flaw. Linux kernel. “The security bug is under embargo. Intel will reveal more information about it once Microsoft, Apple, and the Linux team has released patches.”
Microsoft has been working on a patch since November. Apple is also working on a similar fix.
Both Microsoft and Apple are working on the patch. Unfortunately, Kernel Page Table Isolation fixes with Intel x86 processors makes everything run slower. So those with Intel Inside experience slower process, it’s because of what is said here.
Kevin Jones951 Posts
Kevin Jones, Ph.D., is a research associate and a Cyber Security Author with experience in Penetration Testing, Vulnerability Assessments, Monitoring solutions, Surveillance and Offensive technologies etc. Currently, he is a freelance writer on latest security news and other happenings. He has authored numerous articles and exploits which can be found on popular sites like hackercombat.com and others.