1. 24

  2. 9

    What’s most interesting to me is the timeline of independent rediscoveries and how Intel shed the researchers off of each other by enforcing a strict embargo.

    Seems to me like the team could have grown and collaborated more deeply if this hadn’t been so strongly protected. Does it mean we’ll see more cpu bugs like these next year?:)

    1. 8

      Intel’s announcement: Side Channel Vulnerability Microarchitectural Data Sampling

      Simultaneously to it, XSA-297 for Xen, VMSA-2019-0008 for VMware, and four CVEs:

      • CVE-2018-12126 - MSBDS - Microarchitectural Store Buffer Data Sampling
      • CVE-2018-12127 - MLPDS - Microarchitectural Load Port Data Sampling
      • CVE-2018-12130 - MFBDS - Microarchitectural Fill Buffer Data Sampling
      • CVE-2019-11091 - MDSUM - Microarchitectural Data Sampling Uncacheable Memory
      1. 3

        For those interested, here’s the mitigation in NetBSD, which seems to be the simplest one.

        Essentially: Intel released a microcode update which makes the verw instruction now magically flush MDS-affected buffers. On vulerable CPUs, this instruction now needs to be run on kernel exit; the microcode update won’t do it automatically on sysexit, unfortunately.

        1. 2

          “Fallout exploits an optimization that we call Write Transient Forwarding (WTF)” :)