Hardware security bug: Difference between revisions

Browse history interactively

← Previous edit

Content deleted Content added

VisualWikitext

Revision as of 04:06, 2 June 2019 edit DIYeditor (talk \| contribs) Extended confirmed users 10,860 edits wl ← Previous edit		Latest revision as of 20:51, 30 September 2022 edit undo Citation bot (talk \| contribs) Bots 5,868,206 edits Add: date. \| Use this bot. Report bugs. \| Suggested by Whoop whoop pull up \| Category:Side-channel attacks \| #UCB_Category 1/24
(7 intermediate revisions by 7 users not shown)
Line 1: {{short description\|Hardware bug}} In digital computing, '''hardware security bugs''' are [[hardware bug]]s or flaws that create [[Vulnerability (computing)\|vulnerabilities]] affecting computer [[central processing unit]]s (CPUs), or other devices which incorporate programmable processors or logic and have [[direct memory access]], which allow data to be read by a rogue process when such reading is not authorized. Such vulnerabilities are considered "catastrophic" by security analysts.<ref> {{cite web \| url=https://www.schneier.com/blog/archives/2018/01/spectre_and_mel_1.html Line 20 ⟶ 21: \| publisher=Rudebaguette.com \| date = January 8, 2018 \| quote = ''[sic]:'' The effects of these vulnerabilities are catastrophic: « at best, the vulnerability can be used by malwares and hackers to exploit other security linked bugs. At worse, the flaw can be used by ~~softwares~~software and authentified users to read the kernel’s memory \| accessdate = February 4, 2019 }} </ref> ==Speculative execution vulnerabilities== Starting in 2017, a series of security vulnerabilities were found in the implementations of [[speculative execution]] on common processor architectures which effectively enabled an elevation of [[privilege (computing)\|privileges~~]]. It was possible to mitigate these flaws with changes to [[microcode~~]]. These include: * [[Spectre (security vulnerability)\|Spectre]]▼ * [[Meltdown (security vulnerability)\|Meltdown]]▼ * [[SPOILER_(security_vulnerability)\|SPOILER]] * [[Foreshadow (security vulnerability)\|Foreshadow]] ▲* [[Meltdown (security vulnerability)\|Meltdown]] * [[Microarchitectural Data Sampling]] ▲* [[Spectre (security vulnerability)\|Spectre]] * [[SPOILER (security vulnerability)\|SPOILER]] * [[Pacman (security vulnerability)\|Pacman]] ==Intel VISA== In 2019 researchers discovered that a manufacturer debugging mode, known as VISA, had an undocumented feature on [[Intel Corporation\|Intel]] Platform Controller Hubs, which are the chipsets included on most Intel-based motherboards and which have direct memory access, which made the mode accessible with a normal motherboard possibly leading to a security vulnerability.<ref name=toms>{{cite web\|url=https://www.tomshardware.com/news/intel-visa-undocumented-feature-chipsets-cpus,38954.html\|title=Intel Chipsets' Undocumented Feature Can Help Hackers Steal Data\|work=Tom's Hardware\|author=Lucian Armasu\|date=29 March 2019 }}</ref> == See also == Line 49 ⟶ 51: ~~[[category:Computer security]]~~ [[category:Computer security exploits]] [[category:Hardware bugs]] [[category:Side-channel attacks]] [[~~category~~Category:2018 in ~~computer science~~computing]]