What is Lazy FP State Restore: a new vulnerability has been discovered in Intel processors

Image: Unsplash

A new vulnerability has been discovered in Intel processors. The error affecting all models of the Intel Core family is called Lazy FP State Restore (CVE-2018-3665).

What is the problem

According to the published description , the problem is related to the performance optimization function of the Lazy FPU context switching - it is used by the operating systems to save and restore the floating point unit (FPU) registers. Vulnerability allows a process to gain access to registers and data in them relating to another process.

According to Red Hat's security newsletter, numbers stored in FPU registers can potentially be used to access sensitive information — for example, about the activity of other applications.

Vulnerabilities are susceptible to all microprocessors, starting with the Sandy Bridge model. AMD processors are not affected by this error.

How to protect

Unlike Specter's vulnerability, in this case, installing a patch for the OS is enough to solve the problem. The development of security updates, in particular, is the company Red Hat.

In addition, according to Intel, the vulnerability is similar to the error, called Specter Variant 3A (Rogue System Register Read), previously detected. This means that it has already been fixed in some versions of operating systems and hypervisors.

In turn, Microsoft also published a security bulletin, which provides recommendations for minimizing the effects of the Lazy FP State Restore vulnerability. The company said it was working on a patch, which will be published on the next update day (Patch Tuesday) in July.

Lazy FP State Restore is not the first vulnerability discovered in Intel products recently. So in January 2018, information was published about two serious vulnerabilities Meltdown and Specter, and in the spring, researchers discovered eight more vulnerabilities in Intel processors, commonly known as Specter-NG .

In addition, the Intel Management Engine technology was widely discussed - experts at Positive Technologies talked about the vulnerability contained in it, which opens up an attacker access to most of the data and processes on the device.

Other materials on the topic:

• Vulnerability in Intel AMT turned out to be more serious than they thought.
• Apple's computers closed the firmware vulnerability found by Positive Technologies experts