Content deleted Content added
→History: wording |
adjs & alphabetized vulnerabilities - seems better. |
||
Line 10:
| screenshot_alt =
| screenshot_caption =
| CVE = [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12126 CVE-2018-12126] (Fallout),
| discovered = 2018<ref name="Greenberg" />
| patched = 14 May 2019
Line 19:
| website = {{URL|https://zombieloadattack.com|ZombieLoadAttack.com}}
}}
The '''Microarchitectural Data Sampling''' ('''MDS''') [[vulnerability (computing)|vulnerabilities]] are a set of weaknesses in [[Intel CPUs|Intel x86 microprocessors]] that leak data across protection boundaries that are architecturally supposed to be secure. The vulnerabilities have been labeled '''
==Description==
The vulnerabilities are in the implementation of [[speculative execution]], which is where the processor tries to guess what instructions may be needed next. They exploit the possibility of reading [[data buffer]]s found between different parts of the processor.<ref name="Greenberg" />
*ZombieLoad ({{CVE|2018-12130}}) − a leak of already-loaded data from a processor's fill buffer<ref name="new">{{cite web|url=https://www.bleepingcomputer.com/news/security/new-ridl-and-fallout-attacks-impact-all-modern-intel-cpus/|title=New RIDL and Fallout Attacks Impact All Modern Intel CPUs|author=Ionut Ilascu|publisher=Bleeping Computer|date=14 May 2019|accessdate=14 May 2019}}</ref><ref name="zombieloadattack.com" />▼
*RIDL ({{CVE|2018-12127}} and {{CVE|2019-11091}}) − a leak from various internal processor buffers of data being loaded and stored<ref name="new" />▼
*Fallout ({{CVE|2018-12126}}) − a leak of data being stored from store buffers<ref name="new" />
▲*RIDL ({{CVE|2018-12127}} and {{CVE|2019-11091}}) − a leak from various internal processor buffers of data being loaded and stored<ref name="new" />
▲*ZombieLoad ({{CVE|2018-12130}}) − a leak of already-loaded data from a processor's fill buffer<ref name="new">{{cite web|url=https://www.bleepingcomputer.com/news/security/new-ridl-and-fallout-attacks-impact-all-modern-intel-cpus/|title=New RIDL and Fallout Attacks Impact All Modern Intel CPUs|author=Ionut Ilascu|publisher=Bleeping Computer|date=14 May 2019|accessdate=14 May 2019}}</ref><ref name="zombieloadattack.com" />
==History==
According to Intel in a May 2019 interview with [[Wired.com|Wired]], Intel's researchers discovered the vulnerabilities in 2018 before anyone else.<ref name="Greenberg" /> Other researchers had agreed to keep the exploit confidential as well since 2018.
On 14 May 2019, a group of security researchers from Austria's [[Graz University of Technology]] and Belgium's [[KU Leuven|Catholic University of Leuven]], in a [[responsible disclosure|disclosure coordinated]] with Intel, published the discovery the MDS vulnerabilities in Intel microprocessors, which they named
==Impact==
| |||