Published in PC Hardware

Intel warns of lazy FP state restoration

14 June 2018


Living off the state

Chipzilla has warned of another side-channel attack against its Core family processors.

While it is not as bad as Meltdown or Spectre, the "Lazy FP state restoration exploitation" sounds like the chip is recovering from a big Sunday afternoon dinner.

Lazy FP state restoration is a means for developers to squeeze additional performance out of compatible Intel processors. However, software running on an operating system which uses lazy FP switching to increase floating-point unit (FPU) performance can obtain access to data it should not, including cryptographic keys.

Amazon's Julian Stecklina and Cyberus Technology's Thomas Prescher found the bug earlier this year. It was originally scheduled for public announcement in August, until leaks pushed the announcement date up.

The vulnerability is exploitable only when the operating system is configured to use lazy rather than eager FPU switching instructions. For Windows, that was the case up until Microsoft released a patch switching to eager FPU switching earlier this week. Linux kernel version 4.9 is already protected, while backported patches are beginning to land for older but still supported kernel releases.

Cyberus Technology's announcement claims the white paper has been withheld temporarily at Intel's request. In the meantime, anyone running a Core-branded processor or newer is advised to check their operating system or hypervisor for a patch to guard against exploitation of the vulnerability.
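One way to check whether an x86 Linux host is switching FPU state lazily or eagerly, as an added example that is not from the article, Intel or the kernel project. It assumes that kernels before 4.9 accept an `eagerfpu=on|off|auto` boot parameter and list `eagerfpu` among the `/proc/cpuinfo` flags while eager switching is active; the function name `fpu_mode`, its result labels and the sample hosts are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: classify an x86 Linux host's FPU switching mode.
# Assumptions (not from the article): kernels before 4.9 accept the boot
# parameter eagerfpu=on|off|auto and list "eagerfpu" among the
# /proc/cpuinfo flags while eager switching is active.

fpu_mode() {  # args: kernel release, kernel command line, cpuinfo flags
    local release="$1" cmdline="$2" flags="$3" major minor
    case $release in *.*) ;; *) echo unknown; return 0 ;; esac
    major=${release%%.*}
    minor=${release#*.}
    minor=${minor%%[!0-9]*}
    case $major in ''|*[!0-9]*) echo unknown; return 0 ;; esac
    [ -n "$minor" ] || { echo unknown; return 0; }

    # The article states 4.9 is already protected; newer kernels are
    # assumed to be protected as well.
    if [ "$major" -gt 4 ] || { [ "$major" -eq 4 ] && [ "$minor" -ge 9 ]; }; then
        echo eager; return 0
    fi
    # Older kernel: the flag reflects what the running kernel actually does.
    case " $flags " in *" eagerfpu "*) echo eager; return 0 ;; esac
    # No flag, and lazy switching was explicitly requested at boot.
    case " $cmdline " in *" eagerfpu=off "*) echo lazy-requested; return 0 ;; esac
    # No flag: either lazy by default or a backported fix. The version
    # string cannot tell these apart, so check the vendor's patch level.
    echo unverified
}

# Constructed sample hosts (release, command line, flags), not real captures.
fpu_mode "4.9.0-example"  "ro quiet"              "fpu sse2"
fpu_mode "3.10.0-example" "ro quiet"              "fpu xsaveopt eagerfpu sse2"
fpu_mode "4.4.0-example"  "ro eagerfpu=off quiet" "fpu sse2"
fpu_mode "3.2.0-example"  "ro quiet"              "fpu sse2"

# The same check against the host this script runs on.
if [ -r /proc/cpuinfo ] && [ -r /proc/cmdline ]; then
    live_flags=$(grep -m1 '^flags' /proc/cpuinfo 2>/dev/null || true)
    echo "this host: $(fpu_mode "$(uname -r)" "$(cat /proc/cmdline)" "${live_flags#*:}")"
fi
```

An `unverified` result means a pre-4.9 kernel with no visible eager indicator, which is where the distribution's advisory for the backported patches decides the answer.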

Last modified on 14 June 2018