Close
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity

    KPTI Intel Chip Flaw Exposes Security Risks

    By
    Sean Michael Kerner
    -
    January 3, 2018
    Share
    Facebook
    Twitter
    Linkedin
      Vulnerabilities

      eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

      Operating system vendors are rushing to put out a fix for an alleged Intel chip flaw that could be used to exploit systems.

      Intel has not officially disclosed details on the flaw yet, though a patch already exists in the Linux kernel, with patches for Microsoft Windows and Apple macOS expected by Jan. 9. The Intel flaw doesn’t have a branded name at this point, though security researchers have referred to it as both KPTI (Kernel Page Table Isolation) and KAISER (Kernel Address Isolation to have Side-channels Efficiently Removed).

      “Modern operating system kernels employ address space lay-out randomization (ASLR) to prevent control-flow hijacking attacks and code-injection attacks,” researchers at Graz University of Technology in Styria, Austria, wrote in a research abstract on KAISER. “While kernel security relies fundamentally on preventing access to address information, recent attacks have shown that the hardware directly leaks this information.”

      Linux kernel developers have been working on a patch for the KAISER issue since at least early November 2017. The Linux kernel uses a form of ASLR called Kernel ASLR (KASLR) to perform address space randomization. Memory randomization is important to help limit the risk of attackers knowing where applications use specific memory registers, which could then be directly attacked to leak information.

      The KAISER patches in Linux are intended to be a defense against KSLR attacks, which apparently can be enabled via the as-yet undisclosed Intel chip flaw. In a Linux kernel commit message for the KAISER patches, Intel Linux kernel developer Dave Hansen explained that KAISER is a countermeasure against attacks on kernel address information. Hansen noted that the KAISER patches unmap memory locations in the Linux kernel when userspace applications run. Instead, there is only a minimal set of memory page tables that are left, which are called kernel page tables.

      “This minimal set of data can still reveal the kernel’s ASLR base address,” Hansen wrote. “But, this minimal kernel data is all trusted, which makes it harder to exploit than data in the kernel direct map which contains loads of user-controlled data.”

      While ASLR is widely used on multiple system architectures, the KAISER issue initially appeared to be  specific to Intel processors and does not impact Advanced Micro Devices processors.

      “AMD processors are not subject to the types of attacks that the kernel page table isolation feature protects against,” AMD Linux kernel developer Tom Lendacky wrote in a Linux Kernel Mailing List message. “The AMD microarchitecture does not allow memory references, including speculative references, that access higher privileged data when running in a lesser privileged mode when that access would result in a page fault.”

      Intel released a statement on Jan. 3 noting that the issues are not just limited to its products. The company stated that reports that these exploits are caused by a ‘bug’ or a ‘flaw’ and are unique to Intel products are incorrect. Additionally Intel downplayed the risk of the memory issues noting that in Intel’s view the exploits do not have the potential to corrupt, modify or delete data.

      “Based on the analysis to date, many types of computing devices — with many different vendors’ processors and operating systems — are susceptible to these exploits,” Intel stated. “Intel is committed to product and customer security and is working closely with many other technology companies, including AMD, ARM Holdings and several operating system vendors, to develop an industry-wide approach to resolve this issue promptly and constructively.”

      On Intel systems, KAISER will have some amount of performance impact, with the patch slowing systems. It’s not clear at this point how much KAISER will slow down all operating systems, though early testing has pegged the performance impact to be as high as 30 percent on some Linux systems.

      “Most workloads that we have run show single-digit regressions,” Hansen wrote. “5 percent is a good round number for what is typical. The worst we have seen is a roughly 30 percent regression on a loopback networking test that did a ton of syscalls and context switches.”

      Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.

      Editor’s Note: This article was updated with an Intel statement that said the issues are not limited to Intel products.

      Sean Michael Kerner
      Sean Michael Kerner is an Internet consultant, strategist, and contributor to several leading IT business web sites.
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.

      MOST POPULAR ARTICLES

      Latest News

      Zeus Kerravala on Networking: Multicloud, 5G, and...

      James Maguire - December 16, 2022 0
      I spoke with Zeus Kerravala, industry analyst at ZK Research, about the rapid changes in enterprise networking, as tech advances and digital transformation prompt...
      Read more
      Applications

      Datadog President Amit Agarwal on Trends in...

      James Maguire - November 11, 2022 0
      I spoke with Amit Agarwal, President of Datadog, about infrastructure observability, from current trends to key challenges to the future of this rapidly growing...
      Read more
      Cloud

      IGEL CEO Jed Ayres on Edge and...

      James Maguire - June 14, 2022 0
      I spoke with Jed Ayres, CEO of IGEL, about the endpoint sector, and an open source OS for the cloud; we also spoke about...
      Read more
      Applications

      Kyndryl’s Nicolas Sekkaki on Handling AI and...

      James Maguire - November 9, 2022 0
      I spoke with Nicolas Sekkaki, Group Practice Leader for Applications, Data and AI at Kyndryl, about how companies can boost both their AI and...
      Read more
      IT Management

      Intuit’s Nhung Ho on AI for the...

      James Maguire - May 13, 2022 0
      I spoke with Nhung Ho, Vice President of AI at Intuit, about adoption of AI in the small and medium-sized business market, and how...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2022 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×