- Samfurin L1D, L1DES ko sanannen CacheOut ɗayan sabbin barazanar ne ana karawa cikin jerin masu sani cewa ba da damar afkawa Intel CPUs ta hanyar aiwatar da lambar hasashe. Wannan shi ne karo na uku a cikin ƙasa da shekara guda da Intel ke gabatar da sabon salo na rauni da ke da nasaba da aikin hasashe na masu sarrafa ta.
Tun farkon matsalolin Intel ya fara ne da Specter da Meltdown, kuma hakan daga baya ya ba da damar ƙarin raunin da aka gano tun lokacin, gami da SPOILER, Foreshadow, SwapGS, ZombieLoad, RIDL da Fallout. Sabbin hare-hare sun shafi Intel CPUs da aka ƙera kafin kashi na huɗu na 2018.
Ba kamar yanayin MDS ba (Samfuran Bayanan Microarchitectural), a cewar shafin yanar gizon CacheOut:
Wani maƙiyi na iya amfani da tsarin ɓoye na CPUs don keɓance takamaiman bayanan da za a tace.
Masu gano shi suna ganin yanayin rauni CacheOut azaman wani hari kan kisan gilla da sakamakon kai tsaye na Specter da Meltdown.
Kuma shine cewa masu binciken VUSec kamar sun gano yanayin raunin ne a layi daya, saboda bisa ga CVE, CacheOut daidai yake da bambancin RIDL, wanda masu bincikensa ke kira L1DES (suna bin sunan Intel na asali kamar L1D Eviction Sampling)
A wani babban matakin, cacheOut ya haifar da takaddama akan maƙallan L1-D don fitar da bayanan da yake nunawa daga ma'ajin. Mun bayyana bambance-bambancen guda biyu.
Na farko, a yayin da cache ta ƙunshi bayanan da aka yiwa kwaskwarima, abin da ke cikin layin ɓoye yana tafiya ta cikin LFBs kamar yadda ake rubuta shi zuwa ƙwaƙwalwa.
Abu na biyu, lokacin da maharin ke son zubo bayanan da wanda abin ya shafa ba ya gyarawa, maharin zai fara fitar da bayanan ne daga ma'ajiyar sannan ya same su yayin da yake wucewa ta cikin layin cike-layi don gamsar da karatun lokaci guda daga wanda aka azabtar.
Tsarin kariya na Intel ba zai yi tasiri ba akan CacheOut, amma suna taimakawa cewa baza'a iya amfani da yanayin raunin ta hanyar mai binciken ba.
VUSec kuma yana ba da hujja game da amfani da ra'ayi ga yanayin rauni a kan Github. Rashin lafiyar yana ɗaukar CVE-2020-0549 azaman CacheOut.
Duk da yake Intel kuma tana ba da lambarta (INTEL-SA-00329) kuma ya sanya shi matsakaici (6.5). A cewar Intel kanta, bayanai a cikin ma'ajiyar bayanan L1 (L1D) za a iya miƙa su zuwa madafun L1D wanda ba a amfani dashi (padding buffer).
Za'a iya tace bayanai ta musamman kuma a karanta su daga wannan maƙallin sakawa ta hanyar harin tashar tashar. Sabili da haka, Intel ta kira wannan hanyar karatun L1D Samfurin Jirgin Kaya kuma yana ɗaukar waɗanda abin ya shafa a matsayin rukunin L1TF (Foreshadow da Foreshadow-NG). Ba kamar Haskaka ba, bai kamata maharan su iya tambayar adiresoshin zahiri tare da CacheOut ba.
Sauran na rauni abin da aka saukar da Hanyoyin Intel suna ɗaukar Samfurin Rajista na Vector (RSV), Yana da mafi ƙarancin mahimmanci tun da Intel ta ce wannan aibi ba shi da mahimmanci saboda rikitarwa na harin yana da yawa kuma damar maharan samun bayanai masu dacewa basu da yawa. Bayan wannan kuma ana ɗaukar VRS sabon bambancin harin RIDL.
VRS tana da alaƙa da zubewa a cikin Shagon Buffer na sakamakon ayyukan karatun littattafan vector waɗanda aka gyaru yayin aiwatar da umarnin vector (SSE, AVX, AVX-512) a cikin ainihin CPU ɗin.
Fitarwar na faruwa ne a cikin yanayi na musamman kuma hakan ya faru ne saboda gaskiyar aikin da aka yi, wanda zai haifar da tunanin yadda ake samun bayanan kayan aikin a cikin ajiyar ajiya, an jinkirta shi kuma an daina shi bayan bayanan, kuma ba a da ba.
A ƙarshe, Intel ta ba da sanarwar cewa a cikin 'yan makonni za ta sami abubuwan sabuntawa dacewa don gyara waɗannan kuskuren.
Duk da yake don AMD, ARM da IBM CPUs waɗannan matsalolin ba sa shafar su.
Amfani da lahani za a iya samu a cikin hanyoyin masu zuwa.