There has been something of a spate of chip vulnerability discoveries recently, and now another one has emerged. Known as Floating Point Lazy State Save/Restore, the security flaw (CVE-2018-3665) is found in Intel Core and Xeon processors and it is another speculative execution vulnerability in a similar vein to Spectre.
The security flaw takes advantage of one of the ways the Linux kernel saves and restores the state of the Floating Point Unit (FPU) when switching tasks, specifically the Lazy FPU Restore scheme. Malware or malicious users can exploit the vulnerability to grab encryption keys. Linux kernels from version 4.9 onward, as well as modern versions of Windows and Windows Server, are not affected.
For Red Hat Enterprise Linux users, the vulnerability has been assigned a Moderate rating. The organization explains: “Red Hat has been made aware of an issue where operating systems and virtual machines running on common modern (x86) microprocessors may elect to use ‘lazy restore’ for floating point state when context switching between application processes instead of ‘eagerly’ saving and restoring this state. Exploitation of lazy floating point restore could allow an attacker to obtain information about the activity of other applications, including encryption operations. The underlying vulnerability affects CPU speculative execution similar to other recent side channel vulnerabilities. In this latest vulnerability, one process is able to read the floating point registers of other processes being lazily restored. This issue has been given CVE-2018-3665. Red Hat Product Security has rated this update as having a security impact of Moderate.”
Jon Masters, a computer architect at Red Hat, says:
Red Hat Enterprise Linux users can take a look at this Knowledge Base Article for help and advice.
The Register explains that Windows Server 2008 is one of the operating systems that needs to be patched. The site also explains that Intel had been planning to go public with the vulnerability later this month, but its plans were changed when the OpenBSD and DragonflyBSD projects decided to publish details of their own patches. In a statement given to The Register, Intel said:
The chip-maker has also assigned the vulnerability a Moderate rating and in security advisory INTEL-SA-00145, the company makes the following recommendation: