Intel "lazy FP state restore" vunerability could expose privileged data
Security researchers have uncovered a new microarchitectural vulnerability in some Intel processors. Called "Lazy FP State Restore," this vulnerability relies on a side channel to leak potentially privileged data after the processor performs a context switch from an unprivileged process to a privileged kernel function, according to security analysis from Red Hat. Both Intel and Red Hat classify the potential impact of this vulnerability as "moderate." AMD CPUs are not affected.
As with Spectre and Meltdown, the vulnerability stems from efforts to improve performance. Context switches are microarchitecturally expensive, and the less data that needs to be moved around during such a switch, the better. The leak relies on the fact that the processor can defer saving and restoring of FPU state until a new process actually uses the CPU's floating-point ...