Intel Issues ‘Lazy FP State Restore’ CPU Bug Warning

Intel is warning partners and customers about a newly discovered chip vulnerability called Lazy FP state restore.

The vulnerability affects Intel Core-based microprocessors, and an attacker could exploit this vulnerability to obtain access to sensitive information, the hardware giant is warning.

Lazy FP state is considered a "moderate" vulnerability. The good news, according to The Register:

"Modern versions of Linux – from kernel version 4.9, released in 2016, and later – and modern Windows, including Server 2016, as well as the latest spins of OpenSD and DragonflyBSD are not affected by this flaw (CVE-2018-3665)."

Still, security pundits are telling customers not to take the issue lightly. The vulnerability can "theoretically pull data from your programs, including encryption software, from your computer regardless of your operating system," ZDnet warned readers.

Red Hat is among the first operating system vendors to offer background and additional guidance about the bug. According to the open source software company:

"Modern CPUs include many registers (internal memory) that represent the state of each running application. Saving and restoring this state when switching from one application to another takes time. As a performance optimization, this may be done “lazily” (i.e., when needed). The vulnerability exploits "lazy state restore," allowing an attacker to obtain information about the activity of other applications, including encryption operations."

Red Hat’s mitigations are in various stages of availability via software (kernel) patches and configuration changes, the company indicated as of midday Wednesday, June 13. Mitigations will not require microcode updates, the company added. In most cases, Red Hat Enterprise Linux 7 customers will not need to take action, while other users may need to apply software updates, the company said.

For its part, Intel offered this mitigation advice:

"If an XSAVE-enabled feature is disabled, then we recommend either its state component bitmap in the extended control register (XCR0) is set to 0 (e.g. XCR0=0 for AVX, XCR0=0 for AVX512) or the corresponding register states of the feature should be cleared prior to being disabled. Also for relevant states (e.g. x87, SSE, AVX, etc.), Intel recommends system software developers utilize Eager FP state restore in lieu of Lazy FP state restore."

Joe Panettieri

Joe Panettieri is co-founder & editorial director of MSSP Alert and ChannelE2E, the two leading news & analysis sites for managed service providers in the cybersecurity market.