A new vulnerability found in Intel Xeon chips2019-09-11 18:38 by Daniela
Tags: Intel, Xeon, vulnerability
Researchers at Vrije University in Amsterdam revealed on Wednesday that Intel's server-grade processors suffer from a vulnerability, which they dubbed NetCAT.
The vulnerability enables a side-channel attack that can infer what a CPU is working on and is said to rely on issues with two Intel technologies found primarily in the Xeon CPU line: Data-Direct I/O Technology (DDIO) and Remote Direct Memory Access (RDMA). According to the researchers, AMD chips aren't impacted by the bug.
The most severe form of attack can take place in data centres, and cloud environments that have both DDIO and remote direct memory access enabled to allow servers to exchange data. A server leased by a malicious hacker could abuse the vulnerability to attack other customers.
The flaw affects all Intel Xeon E5, E7, and SP chips that include DDIO and RDMA support; Intel has not released any patches, instead advising users to work around the problem by limiting direct access to servers from untrusted networks or disabling DDIO and RDMA support - and taking the performance hit that results.
Read more -here-