Colin Percival, a FreeBSD committer and security team member, has found a local exploit against the current implementation of Intel's Hyper-Threading Technology. "Hyper-Threading, as currently implemented on Intel Pentium Extreme Edition, Pentium 4, Mobile Pentium 4, and Xeon processors, suffers from a serious security flaw," Colin explains. "This flaw permits local information disclosure, including allowing an unprivileged user to steal an RSA private key being used on the same machine. Administrators of multi-user systems are strongly advised to take action to disable Hyper-Threading immediately."
Yeah, it's a bit over a month old. I just found out about it today. If anyone else has updated information, please post it.
No, true dual-core processors are NOT vulnerable -- just HyperThreading ones.
![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}