Colin Percival, a FreeBSD committer and security team member, has found a local exploit against the current implementation of Intel's Hyper-Threading Technology. "Hyper-Threading, as currently implemented on Intel Pentium Extreme Edition, Pentium 4, Mobile Pentium 4, and Xeon processors, suffers from a serious security flaw," Colin explains. "This flaw permits local information disclosure, including allowing an unprivileged user to steal an RSA private key being used on the same machine. Administrators of multi-user systems are strongly advised to take action to disable Hyper-Threading immediately."
Yeah, it's a bit over a month old. I just found out about it today. If anyone else has updated information, please post it.
No, true dual-core processors are NOT vulnerable -- just HyperThreading ones.
no subject
The source of the problem is shared data caches between any two CPUs (virtual or otherwise, e.g. some old SMP machines having shared external cache are also vulnerable), and specifically reading critical data out of the cache that you shouldn't.
On modern machines the cache gets so polluted that it doesn't make a huge difference, as the exploit requires the machine to be really quiet except for the attacker and the process being attacked.
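The comment above attributes the problem to data caches shared between logical CPUs. As an added example (not part of the original post or its comments), this Python script lists which logical CPUs share a data or unified cache, assuming the cache-topology files a Linux host exposes under `/sys/devices/system/cpu`; the sample topology it builds is constructed.

```python
import glob
import os
import tempfile

def parse_cpu_list(text):
    """Expand a sysfs CPU list such as '0,2' or '0-3,8' into a set of ints."""
    cpus = set()
    for part in text.strip().split(","):
        if part:
            lo, _, hi = part.partition("-")
            cpus.update(range(int(lo), int(hi or lo) + 1))
    return cpus

def shared_data_caches(root="/sys/devices/system/cpu"):
    """Return {(level, frozenset(cpus))} for data/unified caches used by >1 logical CPU."""
    found = set()
    for index in glob.glob(os.path.join(root, "cpu[0-9]*", "cache", "index[0-9]*")):
        def read(name):
            with open(os.path.join(index, name)) as fh:
                return fh.read().strip()
        if read("type") not in ("Data", "Unified"):
            continue  # instruction caches are not reported here
        cpus = parse_cpu_list(read("shared_cpu_list"))
        if len(cpus) > 1:
            found.add((int(read("level")), frozenset(cpus)))
    return found

def build_sample(root):
    """Constructed topology: 2 cores x 2 hardware threads, one L1d per core, one shared L2."""
    layout = {0: "0,2", 1: "1,3", 2: "0,2", 3: "1,3"}  # cpu -> sibling threads
    for cpu, siblings in layout.items():
        caches = [(1, "Data", siblings), (1, "Instruction", siblings), (2, "Unified", "0-3")]
        for idx, (level, ctype, shared) in enumerate(caches):
            d = os.path.join(root, f"cpu{cpu}", "cache", f"index{idx}")
            os.makedirs(d)
            for name, value in (("level", level), ("type", ctype), ("shared_cpu_list", shared)):
                with open(os.path.join(d, name), "w") as fh:
                    fh.write(f"{value}\n")

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        for level, cpus in sorted(shared_data_caches(tmp), key=lambda c: (c[0], sorted(c[1]))):
            print(f"L{level} data cache shared by logical CPUs {sorted(cpus)}")
```

Calling `shared_data_caches()` with no argument reads the running host's own topology instead of the constructed sample.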