Skip to main content
  1. Home
  2. Computing
  3. News

Researchers: Intel CPUs are inherently flawed and open to a specific attack

By

intel 4th generation core i7 haswell
Image used with permission by copyright holder
Most of us use our computers to manage some of the most important aspects of our lives, from our personal and business finances to recording our private lives to conducting most of our communications. If someone can break into our computers, they can steal our information, our identities, and generally make our lives miserable.

A recent paper, published by a joint research tem from the State University of New York at Binghamton, and the University of California Riverside, alleges that certain processors are inherently flawed and open to attack, according to Ars Technica. The flaw works against a specific method used by modern operating systems, including both Windows and MacOS, to keep systems secure called “address space layout randomization,” or ASLR.

Basically, ASLR jumbles up the memory locations where applications store their code, making it more difficult for exploits to take over a system. Instead, attacks are more likely to cause the computer to simply crash — an inconvenience to users and a potential source of data loss, but far preferable to allowing a hacker to assume control.

Related

The flaw in Intel’s processors, which was demonstrated in Linux running on a system utilizing a Haswell chip, allows attackers to bypass ASLR. On a more technical level, a vulnerability exists in the processor’s branch predictor that allowed the researchers to identify where chunks of code would be stored. This basically represents a “side channel” in the branch predictor that attackers can use to get around ASLR, making predictable something that should be unpredictable.

As the researchers put it, “ASLR is an important defense deployed by all commercial operating systems. It is often the only line of defense that prevents an attacker from exploiting any of a wide range of attacks (those that rely on knowing the memory layout of the victim). A weakness in the hardware that allows ASLR to be bypassed can open the door to many attacks that are stopped by ASLR. It also highlights the need for CPU designers to be aware of security as part of the design of new processors.”

Intel is checking into the research, and the researchers go beyond merely alerting the industry to the potential vulnerability by offering a number of ways to reduce the likelihood of attack via hardware and software. The details of the exploit are contained in the paper titled “Jump Over ASLR: Attacking the Branch Predictor to Bypass ASLR” that was presented on October 18 at the IEEE/ACM International Symposium on Microarchitecture held in Taiwan.

Editors’ Recommendations

Topics
Mark Coppock
Mark Coppock
Computing Writer
Mark has been a geek since MS-DOS gave way to Windows and the PalmPilot was a thing. He’s translated his love for…
I’ve used Intel CPUs for years. Here’s why I’m finally switching to AMD
AMD Ryzen 7 7800X3D held between fingertips.

I've been using Intel CPUs for close to seven years. It started with the Core i7-8700K, but I moved on to the Core i9-10900K, Core i9-12900K, and most recently, the Core i9-13900K, all of which could have occupied a slot among the best processors at different points in time. But after so much time with Team Blue, I'm switching back to AMD.

It comes at an interesting time for Intel and the PC hardware community as a whole, which is currently abuzz about a particular article claiming that Intel is objectively "better" for PC gamers. That's not what this article is. Instead, I want to walk you through why I chose to use AMD's Ryzen 7 7800X3D in my gaming PC, and how I came to the decision.
Stability struggles
The Intel Core i9-13900K CPU Jacob Roach / Digital Trends / Digital Trends

Read more
Some Intel CPUs lost 9% of their performance almost overnight
Someone holding the Core i9-12900KS processor.

Over the past few weeks, we've seen an increasing number of reports of instability on high-end Intel CPUs like the Core i9-14900K. Asus has released a BIOS update for its Z790 motherboards aimed at addressing the problem, but it carries a performance loss of upwards of 9% in some workloads.

The most recent BIOS update from Asus includes the Intel Baseline Profile. This profile disables various optimizations that are automatically applied on Asus Z790 motherboards and runs high-end Intel chips within Intel's specific limits. Hardwareluxx tested the new profile with the Core i9-14900K and found that the CPU ran around 9% slower in multiple tests.

Read more
It just became the perfect time to buy a last-gen Intel CPU
Intel Core i9-13900K held between fingertips.

In a surprising twist, Intel has just decided to discontinue its entire lineup of 13th-generation Raptor Lake CPUs, and it's happening faster than anyone might have expected. Who would have thought that Intel would bid farewell to some of its best processors so soon? While today is a sad day for Raptor Lake, the news is good for those wanting to buy a CPU -- while supplies last, that is.

The discontinuance applies to Intel's lineup of overclockable Raptor Lake processors, bar the 14th-gen refresh, of course. This means that CPUs like the Core i5-13600K are no longer in production and vendors will no longer be able to restock them as of May 24, 2024. This comes from an official product change notification document from Intel, which was spotted by Tom's Hardware. The full list of affected processors is as follows:

Read more