
New Intel CPU Flaw Leaves Millions Vulnerable

November 5, 2018



Security researchers have found a new Intel CPU flaw that exploits Hyper-Threading to steal encrypted data. It can give hackers access to sensitive protected data, such as cryptographic keys and passwords, from all other processes running on the same CPU core when the simultaneous multithreading feature is enabled. This article covers the details of the flaw, the latest on patching, and Intel’s response.

The vulnerability, dubbed PortSmash (CVE-2018-5407), was discovered by security researchers from the Tampere University of Technology in Finland and the Technical University of Havana, Cuba. The new side-channel vulnerability resides in Intel’s Hyper-Threading technology, the company’s implementation of Simultaneous MultiThreading (SMT).

What is MultiThreading?

Simultaneous Multithreading is a type of execution model that allows multiple threads to exist within the context of a process such that they execute independently but share their process resources. A thread maintains a list of information relevant to its execution including the priority schedule, exception handlers, a set of CPU registers, and stack state in the address space of its hosting process. As published on Techopedia.

Since SMT runs two threads in two independent processes alongside each other on the same physical core to boost performance, it is possible for one process to see a surprising amount of what the other is doing, and this is where the vulnerability can be exploited.

“We recently discovered a new CPU microarchitecture attack vector. The nature of the leakage is due to execution engine sharing on SMT (e.g., Hyper-Threading) architectures,” the team says.

“More specifically, we detect port contention to construct a timing side channel to exfiltrate information from processes running in parallel on the same physical core.”



This means that an attacker can run a malicious PortSmash process alongside a selected victim process on the same CPU core. By measuring the precise time taken to run each operation, the attacker can see the operations the victim performs and user patterns.

Stealing OpenSSL Decryption Keys

Researchers tested the PortSmash attack against the OpenSSL (Version <= 1.0.0h) cryptographic library in a proof-of-concept released on GitHub, and were able to steal the private decryption key using the exploit, which was running on the same physical core as the OpenSSL thread.

While the PortSmash attack has been confirmed to work on Intel’s Kaby Lake and Skylake processors at this moment, researchers strongly suspect that this flaw is also capable of working on other SMT architectures, including AMD’s, with some modifications to their code.

“SMT is fundamentally broken because it shares resources between the two CPU instances and those shared resources lack security differentiators. Some of these side channel attacks aren’t trivial, but we can expect most of them to eventually work and leak kernel or cross-VM memory in common usage circumstances, even such as JavaScript directly in a browser,” the team said.


How do I protect my business against PortSmash?

This new side-channel vulnerability was reported to Intel’s security team last month. However, when Intel refused to release patches, the team went public with the PoC exploit, which can either speed up the patching process for Intel or make attackers aware of the flaw and lead them to exploit machines.

At this stage, TECH PATROL’s simple fix for the PortSmash vulnerability is to disable SMT/Hyper-Threading in the CPU chip’s BIOS until Intel releases security patches for the flaw; this technique was used to protect users against Spectre-class attacks. OpenSSL users can also upgrade to V1.1.1.
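On Linux hosts, one way to confirm that the SMT mitigation above is actually in effect is to read the kernel's CPU topology from sysfs and list which logical CPUs still share a physical core. This is an added example, not part of the original article or the researchers' code; the function names and the sample topologies are constructed for illustration.

```python
import glob
import os
import re

SYSFS_CPU = "/sys/devices/system/cpu"  # Linux sysfs CPU topology root

def parse_cpu_list(text):
    """Expand a kernel CPU list such as '0,4' or '0-1,8-9' into a set of ints."""
    cpus = set()
    for part in text.strip().split(","):
        if not part:
            continue
        lo, _, hi = part.partition("-")
        cpus.update(range(int(lo), int(hi or lo) + 1))
    return cpus

def smt_sibling_groups(siblings_by_cpu):
    """Return sorted tuples of logical CPUs that share one physical core.
    Only groups with more than one member are returned: these are the cores
    where two hardware threads share the same execution engine."""
    groups = {tuple(sorted(parse_cpu_list(s))) for s in siblings_by_cpu.values()}
    return sorted(g for g in groups if len(g) > 1)

def read_live_topology(root=SYSFS_CPU):
    """Read thread_siblings_list for every online CPU on a Linux host."""
    out = {}
    pattern = os.path.join(root, "cpu[0-9]*", "topology", "thread_siblings_list")
    for path in glob.glob(pattern):
        cpu = int(re.search(r"cpu(\d+)", path).group(1))
        with open(path) as fh:
            out[cpu] = fh.read()
    return out

def smt_control(root=SYSFS_CPU):
    """Return the kernel's SMT state (e.g. 'on', 'off', 'forceoff',
    'notsupported'), or None when the kernel does not expose the file."""
    try:
        with open(os.path.join(root, "smt", "control")) as fh:
            return fh.read().strip()
    except OSError:
        return None

# Constructed samples: a 4-core/8-thread host, then the same host with SMT off.
SAMPLE_SMT_ON = {0: "0,4\n", 1: "1,5\n", 2: "2,6\n", 3: "3,7\n",
                 4: "0,4\n", 5: "1,5\n", 6: "2,6\n", 7: "3,7\n"}
SAMPLE_SMT_OFF = {0: "0\n", 1: "1\n", 2: "2\n", 3: "3\n"}

if __name__ == "__main__":
    topology = read_live_topology() or SAMPLE_SMT_ON  # fall back off-Linux
    print("smt/control:", smt_control())
    for group in smt_sibling_groups(topology):
        print("logical CPUs sharing a core:", group)
```

An empty list of sibling groups means no two logical CPUs share a core, which is the state expected after SMT/Hyper-Threading has been disabled in the BIOS.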

If you need assistance please contact us as soon as possible.

