Major Intel CPU Hardware Vulnerability Found

[biffzinker]

A major hardware flaw appears to have been discovered in Intel CPUs, and bypassing this bug can drastically impact performance. Patching the Intel CPU bug is purported to cause a performance hit of 30-35% on Intel CPUs, while all AMD CPUs are unaffected.

The bug itself could potentially have devastating consequences. It opens up possible security vulnerabilities in Intel CPUs, including large cloud providers and web hosts. The hardware bug causes an Intel CPU to prefetch system memory areas and gain control of any application, in theory allowing for a VM on shared hosting to read and write over another VM. Breaking out of the confines of virtual machines hosted at cloud providers could prove hugely damaging.

According to numerous sources, the security bug is currently embargoed, with Intel trying to keep a lid on it lest it is exploited for an attack. The bug was allegedly unearthed by developers working on the Linux kernel, with several major kernel patches dropping over the festive period quickly drawing attention.

Sources: Game Debate Reddit

 

[natr0n]

I bet users are having panic attacks now at that performance loss.

Almost like getting your e-wiener reduced.

 

[Solaris17]

I bet users are having panic attacks now at that performance loss.

Almost like getting your e-wiener reduced.

This won't affect consumers or casual labbers with hyper-v enabled on there home machines. I've been following this and this is seems exclusive to big virtual farms not bare-metal installs.

no 3dmark scores going down im afraid. We also dont know what "35%" performance drop means either since this info is just from linux users and not windows fleets.

 

[eidairaman1]

With that vulnerability it is not good for intel no matter how you slice it, plus this stuff typically rolls down to consumers too.

 

[Vayra86]

Wow. Going to keep an eye on this

 

[Solaris17]

With that vulnerability it is not good for intel no matter how you slice it, plus this stuff typically rolls down to consumers too.

Not really, this is specific to virtualization. So unless you own a AWS compute farm your probably not going to shut off windows ervices in task manager any time soon to boost your FPS in fallout 4.

 

[jaggerwild]

"There is evidence of a massive Intel CPU hardware bug (currently under embargo) that directly affects big cloud providers like Amazon and Google. The fix will introduce notable performance penalties on Intel machines (30-35%)."
KEY HERE IS "CLOUD" providers like Amazon n Google, this is why they teach English in a school with a bell n strap

 

[qubit]

This is bad news for Intel and AMD must be rubbing their hands with glee. I wonder if my 2700K is affected by this?

 

[jboydgolfer]

Thank God it's an Intel-based issue.

 

[Solaris17]

If you fancy a read this is the type of kernel isolation they are talking about. The backport started only a few days ago since the kernel is very new. You can check that out here windows ASLR and Isolation is based off of *nix KPTI. While there isnt much info on windows ASLR regarding this specific bug you can get a grasp of what its doing and why it costs performance HERE though in lab testing penalties are not near 35%.

This is bad news for Intel and AMD must be rubbing their hands with glee. I wonder if my 2700K is affected by this?

If the bug is in the lower registers then yes and for that matter every intel CPU would be.

 

[cdawall]

I'm curious on more information for this one. Sounds like a bunch of people will be screaming how great amd is here shortly, for a bug that affects basically no one on the forum. Lol

 

[Solaris17]

I'm curious on more information for this one. Sounds like a bunch of people will be screaming how great amd is here shortly, for a bug that affects basically no one on the forum. Lol

This guy gets it.

Same, from what I'v seen this might be close-ish to the AMB TLB bug back in the day. I dont remember anyone crying over there FX CPU performance back then and that software workaround IIRC is in windows to this day.

 

[biffzinker]

I wonder if my 2700K is affected by this?

Supposedly goes all the way back to the Core 2 Duo.

The Register has a news post up.
https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/

 

[cdawall]

This guy gets it.

Same, from what I'v seen this might be close-ish to the AMB TLB bug back in the day. I dont remember anyone crying over there FX CPU performance back then and that software workaround IIRC is in windows to this day.

As technically advanced as modern cpus are I am astonished more like this isn't found from both sides. AMD had an errata with zen already that they managed to fix right before release this popping up makes me curious if they actually fixed it.

 

[Solaris17]

As technically advanced as modern cpus are I am astonished more like this isn't found from both sides. AMD had an errata with zen already that they managed to fix right before release this popping up makes me curious if they actually fixed it.

I'm sure more users would be astonished to see how many issues are documented as -Not fixed or -No work around available if they just read the release architecture PDFs both camps publish.

 

[EntropyZ]

I mean, Intel had a backdoor on their CPUs for a long time according to rumors. What's stopping them having these vulnerabilities, Intel brought this on themselves. Having their "features" *cough* (bugs) added in is a double-edged sword.

You are not buying a CPU I think, you're only getting a licence to use one.

 

[biffzinker]

63% performance hit on Skylake i7-6700, and 49% on EPYC 7601 with patch active.
https://www.computerbase.de/2018-01/intel-cpu-pti-sicherheitsluecke/

 

[cdawall]

63% performance hit on Skylake i7-6700, and 49% on EPYC 7601 is 49% with patch active.
https://www.computerbase.de/2018-01/intel-cpu-pti-sicherheitsluecke/

Why would this patch ever be active on a 6700?

 

[eidairaman1]

I'm curious on more information for this one. Sounds like a bunch of people will be screaming how great amd is here shortly, for a bug that affects basically no one on the forum. Lol

Its the same as tlb or fma "erratta" lol

 

[birdie]

More details.

Probably it's high time to buy AMD shares.

 

[jboydgolfer]

Sounds like a bunch of people will be screaming how great amd is here shortly

thats why i said this

Thank God it's an Intel-based issue

if it was AMD , there'd be a group of people in here, viciously attacking posters for commenting. the more i think about it, the closest thing i can think of, that resembles that type of behavior ,is Cult members.

 

[Solaris17]

I mean, Intel had a backdoor on their CPUs for a long time according to rumors. What's stopping them having these vulnerabilities, Intel brought this on themselves. Having their "features" added in is a double-edged sword.

You are not buying a CPU I think, you're only getting a licence to use one.

No your talking about Intel ME Which your motherboard doesnt even support. and thats not CPU related, thats PCH (mobo)

 

[EntropyZ]

No your talking about Intel ME Which your motherboard doesnt even support. and thats not CPU related, thats PCH (mobo)

PCH that is solely by and for Intel. There are still murmurs about Intel having a bit too much control over your system. Like being able to remotely control it. Still unconfirmed, makes you think though.

I'd like to to think of these "features" they have as insurance, for if and when the time comes. *tinfoil hat mode on*

Sucks to be at the consumer end.

 

[Solaris17]

PCH that is solely by and for Intel. There are still murmurs about Intel having a bit too much control over your system. Like being able to remotely control it. Still unconfirmed, makes you think though.

I'd like to to think of these "features" they have as insurance, for if and when the time comes. *tinfoil hat mode on*

It really doesnt, Intel ME venerability was a leverage against the MINIX OS embedded in the ME EFI files. Intel ME while on an Intel PCH is only included on some Intel PCHs mostly workstation and server boards. Which is also something that has already been patched. You can get that detection tool and follow up (if vulnerable) by bitching at your vendor Here

 

[GC_PaNzerFIN]

Based on my reading on the topic, impact to normal home/workstation user should be pretty small, average about 5% tops on reasonable workloads. But if you are heavy network or I/O user like virtualized servers, you may see significantly larger hit of double digits. Probably so much that it will start to upset some cloud providers/customers.

EPYC news for AMD server offerings! I wouldn't worry too much about your latest gaming PC purchase though.