Intel screws up with a major Kernel Memory leak.

This is bad.

Fixes to the vulnerability might lead from a 5% to a whopping 30%(or even more on older CPUs) performance.

EDIT: Might not be related, but Intel's CEO sold a lot of his stocks a month prior.

Not going to worry about it. See how it pans out before jumping to conclusions.

The fix is to separate the kernel's memory completely from user processes using what's called Kernel Page Table Isolation, or KPTI. At one point, Forcefully Unmap Complete Kernel With Interrupt Trampolines, aka FUCKWIT, was mulled by the Linux kernel team, giving you an idea of how annoying this has been for the developers.

@BassMan: It's a major security flaw, though not as worrying to the normal consumers, is still a huge kick to those who run data centers.

Plus, it may affect gaming performance on a whole, especially to people with older CPUs like myself. We'll see on the 9th still, though.

@jasonofa36: I am not trying to downplay anything, but there are a lot of smart people out there that will find ways to improve the situation. So, there are not many fucks given by me at this point. If I see my games taking a big hit, then I will start to take more interest.

What a clusterf***. AMD say they're not affected, and their wording suggest what's wrong here is that Intel chips are executing speculative code without performing security checks. The whole OS patch is therefore to separate the kernel memory so it doesn't f*** everything else up, costing CPU cycles in the process.

Maybe that's what those "B" chips in the leaked Coffee Lake lineup are? Updated chips without the flaw? What a mess.

Meanwhile, deeper in the rabbit hole, Intel's CEO sold a lot of his stock a month before this bug was disclosed.

Nothing we can do right now but wait and see how it affects us gamers using Intel CPU's.

I have no technical insight, but a friend in IT just said that the "fix" still doesn't solve the issue and the "white hats" were still able to work around this patch. He said it's not good at all and affects just about everything.

@todddow: Probably on Linux systems, but I'm not hopeful on Microsoft either.

I smell a class action lawsuit if this blows up much bigger.

I run two major Data Centers.

My day tommorow is going to be a shit storm.

Really?

Yeah. Think about it. Even a measly Javascript on a website could potentially access the kernel inside the CPU. That's how vulnerable Intel CPUs are now, unless a fix is added.

But the fix adds a lot of cycles apparently, and may affect performance. Early reports suggest that it doesn't impact gaming by much, but some productivity software are affected by quite a lot.

Wouldn't be surprised. If they can't patch it through some sort of software update, then it's in the silicon. Anything short of fixing the silicon is going to be damage limitation at best.

*sigh* It's already too late for me. I've already ordered my PSU and I cannot delay my upgrade any longer. Worst case scenario, I might end up buying two CPUs in one year. What a mess.

I haven't seen any reputable outlets reporting on this. Sounds like sensationalized clickbait so far.

heh what? accessing the kernel, just bought an intel cpu second handed. I might be ass invaded.

dream on this stuff has spread, with the tech babble to back it up

On the other hand intel stock doesn't seem to be affected, maybe the share holders don't realize what's going on?

I'm pretty sure this will affect all applications especially games, games do more stuff at kernel level than something like an SQL server would. It's not like the operating system is going to be able to know the difference between a game and other pieces of software.

Nobody has reported on it other than a few niche blogs.

Good news for CPU industry, means lots of people will upgrade again.

rofl

Wonder if intel is getting destroyed by lawsuits soon. Karma is a biatch. Bet AMD is laughing all the way to the bank.

@UssjTrunks: Intel has done a lot of shit lately, from the Floating Point bug to the ME one. Though, they are much less of a threat than this one.

And credibility wise, Intel might be suppressing a lot of major publications to save face(and investor money) until they sort this shit out.

If a patch does come out on the 9th, then this is undeniably true.

@Gatygun: If this fucks up the CPU performance dramatically, I ain't touching Intel ever again. I'll be sidegrading to Ryzen.

The Register is hardly a "niche blog," and apparently everything we're seeing here is NDA-busting stuff, so the general radio silence is understandable.

Either way, we'll know the truth very soon. Azure update is supposedly coming January 5th, and the OS update on Patch Tuesday.

Yeah, class action lawsuit is something that's being thrown around as we speak. We'll see.

If AMD make their goal of February launch for Ryzen 2 (not to be confused with Zen 2), they could indeed have a few months to themselves jumping on Intel's fumble until the latter launch their Coffee Lake refresh, including the mysterious "B" processors. However, I doubt this will have a long term impact, unless AMD pulls something out of the bag and really goes blow-for-blow with Intel's latest and greatest.

@madrocketeer: Problem is we wouldn't know if Intel would **** up like this again after they "resolve" this issue, especially since most of their income comes from Enterprises and huge businesses. I've not heard new as bad as this from AMD.

Thanks Intel.

Just before you sold some stock and cut the Intel Inside program. We've all been royally fucked.

Denuvo DRM.

Oh Intel. I hope I'll be fine.

New product launches always come with new issues. AMD Ryzen had their own issues with mismatched CPU thread numbering causing major hit to multi-threading performance, as well as segfaults on Linux systems. I also once recalled a new AMD CPU launch a long time ago that came with a list of bugs to fix that was twice as long Intel's equivalent at the time.

The reality is sometimes these issues take time to find. Apparently this particular flaw affects every Intel CPU launched in the last 10 years. This makes sense, because every Intel CPU in the last 10 years are based on the Nehalem architecture. Nehalem single-handedly solidified Intel's dominance in the market, so I don't think there was much incentive to take everything apart and change things fundamentally. If it works, don't fix it.

Long story short, this would indeed be a major screw-up by Intel, but I don't think it's that unusual for the industry. As I said, I think once Intel fix this mess in their upcoming Coffee Lake refresh, we'll be back to status quo.

Ha, lead counsel for Intel is an alumnus from my university. Nice guy. Bet his life is - or will shortly be - utter hell.

If your CPU is new, i would just send it in because it's broken when the patch hits towards intel with a piece of paper, refund or lawyer your choice.

WIth the clusterjunk of a windows 10 OS that forces updates this is going to be a utter bloodbath for pretty much every intel user.

I personally won't be affected by this, even while i use intel. as i will simple not update and make sure i won't. However if amd can pull out a ryzen 2 with good clocks for a decent price i will jump on it for sure.

Okay guys, I have some benchmarks. Note however that these are Linux benchmarks, so take them with a grain of salt when applying to them Windows-based systems.

First, the good news: gaming performance appear unaffected by this. This does make sense, since in gaming applications the CPU is going to spend most of its time executing instructions and simulating stuff like physics and not so much on switching system calls. Raw math-heavy tasks like encoding video also appear unaffected as well.

The bad news is that benchmarks that simulate file transfer and SQL operations are heavily affected. These operations require a lot of system calls and context switching, and require spending a lot of CPU cycles to refresh the kernel memory. So if you move lots of files frequently, or if you're running a server or a data centre, prepare to have your day ruined.

Basically this. I just don't have the time to deal with this shit atm. But for now, if my games take a huge hit, I'll be taking actions asap!

Wish I had seen this earlier. I would have called in sick today.

It's not so much a 'memory leak' more of the CPU some how bypassing security to gain access to memory that it shouldn't be able to otherwise get access too.

It's also being speculated as to how Intel has got that 30% performance gap by doing sneaky hardware work around like this as this process while bad for data security would actually save the CPU cycles and time and thus offer a performance boost.

That's why all CPU's are expected to see a performance drop as they can't use this 'loop hole' any more.

I'm going to watch in anticipation of how huge this may be. I have 3/4 of my pc's at home with Intel processors. Class action indeed if they noticeably slow down my stuff! In addition to regular consumers, business consumers seem to stand at better odds of huge slowdowns. All the while, I wonder the legal avenues AMD may have, if any, for Intel dominating the CPU world for this time period in question.

i'll just keep the update service disabled and take my chances

my cpu is already outdated enough as is

i'll be upgrading to ryzen 2 soon hopefully

Jeez, glad I use my PC for MMOs/RTS only and do all my gaming on consoles.

too much horseshit, hopefully my i7 isn't affected

Hmm, ok

This is not good but Intel is still far above anything AMD has to offer so i have no worries.

This is based on Linux benchmarking so have to wait from Windows side of things where most people do their gaming, personally not too shaken with 8700k few %off and it's still ahead of competition

Intel PR spin on this https://newsroom.intel.com/news/intel-responds-to-security-research-findings/

"Recent reports that these exploits are caused by a “bug” or a “flaw” and are unique to Intel products are incorrect. Based on the analysis to date, many types of computing devices — with many different vendors’ processors and operating systems — are susceptible to these exploits."

Anyway, Windows might patch it so both AMD and Intel CPUs will slow down

@MonsieurX: They aren't the only ones on the spin tho:

https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html

These vulnerabilities affect many CPUs, including those from AMD, ARM, and Intel, as well as the devices and operating systems running them.

They're saying any chip made in the last decade, so yeah... if your CPU was made after 2007/2008 then you're screwed. I wouldn't freak out about this and I rather see how this all plays out.

I'm taking a wait and see approach on this.

Okay, this is bad. But what's the next step? Is this something firmware can fix? Or will making a new processor necessary? Or are OS updates enough?

Even with a huge performance drop an i7 (?) would still smoke the CPU in any console.

@organic_machine:

This flaw apparently can't be patched by microcode, which seems to mean it's in the silicon. OS updates are supposed to come on Tuesday, but it will have a performance impact that will affect servers, data centres and virtual machines the worst. Gamers and average users will probably see much less impact.

The OS updates are more of a workaround. The key problem seems to be that these CPUs aren't performing security checks when executing speculative code. This OS update essentially just rips out the kernel memory and isolate it so it doesn't screw everything else up.

To properly fix the problem, new processors will have to be released. Intel will get that chance when they release Coffee Lake refresh in first half of this year.

@madrocketeer:

Ouch, that really stinks. That sounds like the worst possible case for Intel simply because it affects a large amount of processors they've released. Especially stinks if you've just invested in a Xeon server or an i9 PC.

No problem. I can hang on to my old FX-8350 and GTX 1060 combo for a bit longer.

AMD's stock went up a bit after this news! Only above $10 a share now, while Intel's dropped a tiny bit.