Published in PC Hardware

Recompiling will not kill TLBleed

by on26 June 2018

OpenBSD project Theo de Raadt warns

Recompiling is unlikely to be a catch-all solution for a recently unveiled Intel CPU vulnerability known as TLBleed, according to the head of the OpenBSD project Theo de Raadt.

For those who came in late, TLBleed targets the translation lookaside buffer, a CPU cache. The side-channel vulnerability can be theoretically exploited to extract encryption keys and private information from programs.

Former NSA hacker Jake Williams said on Twitter that a fix would probably need changes to the core operating system and was likely to involve "a ton of work to mitigate (mostly app recompile)."

However, de Raadt warned that changing the kernel's process scheduler was not so easy.

He told ITWire that Williams was lacking all the details and not thinking it through. "They have sufficient detail to think it through: the article says the TLB is shared between hyperthreading CPUs, and it is unsafe to share between two different contexts. You can measure evictions against your mappings, which indicates the other process is touching memory (you can determine the aliasing factors)."

De Raadt said he was still not prepared to say more, saying: "Please wait for the paper [which is due in August]."

Last modified on 26 June 2018
Rate this item
(0 votes)