Como Izinkinga zokuphepha ezihlobene ne-Specter zaziwa kudala okunikeze okuningi ukukhuluma ngalezi zinyanga.
Noma izimbungulu eziningi zokuphepha eziholela eSpecter zilungisiwe KuLinux, izimbungulu ezintsha ikakhulukazi ezahlukahlukene ezintsha zenziwe.
Kulabo bafundi abangazi ngalokhu kuba sengozini, ngingakutshela lokho ISpecter wubungozi obuthinta ama-microprocessors anamuhla asebenzisa ukubikezela kwe-hop.
Amaprosesa amaningi, ukwenziwa kokuqagela okuvela ekuhlulekeni kwesimo sezulu kungashiya imiphumela ebonakalayo ama-collater angaveza imininingwane eyimfihlo kumhlaseli.
Isibonelo, uma iphethini yokufinyelela kwememori eyenziwe ukwenziwa kokuqagela okukhulunywe ngenhla kuncike kudatha eyimfihlo, isimo esivelele senqolobane yedatha sakha umzila oseceleni lapho umhlaseli angakwazi khona ukuthola imininingwane emayelana nedatha eyimfihlo. ukusebenzisa ukuhlaselwa okunesikhathi.
Esikhundleni sobungozi obulodwa, obulungiswa kalula, idokhumenti yeSpecter ichaza isigaba sonke sobungozi obungaba khona.
Bonke labo ubungozi kusekelwe ekuxhaphazeni imiphumela emibi yokwenza okuqagelayo, inqubo ejwayele ukusetshenziswa ukulwa nememori yokubambezeleka futhi ngaleyo ndlela isheshise ukusebenza kuma-microprocessor anamuhla.
Ikakhulu ISpecter igxile ekubikezeleni kweqa, icala elikhethekile lokuqagelwa kokuqagela.
Ngokungafani nobungozi be-Meltdown obukhishwe ngosuku olufanayo, ISpecter ayincikile esicini esithile sokuphathwa kwememori iprosesa ethile noma ukuthi ivikela kanjani ukufinyelela kuleyo nkumbulo, kepha inendlela ejwayelekile.
UDebian ukhiphe ukulungiswa kwezokuphepha
Muva nje iqembu lokuthuthukisa eliphethe iDebian Project likhiphe i-firmware Ikhodi ye-Intel encane Kubuyekezwe abasebenzisi bochungechunge lwe-Debian OS I-GNU / Linux 9 "Stretch" ukunciphisa izingcuphe ezimbili zakamuva ze-Specter kuma-Intel CPU amaningi.
Ngenyanga edlule, ngokunembile ngo-Agasti 16, uMoritz Muehlenhoff umemezele ukutholakala kwesibuyekezo ku-Intel's microcode enikeza ukusekelwa kwe-SSBD (Speculative Store Bypass Disable (SSBD) edingekayo ukubhekana nobungozi bokuphepha kwe-Specter Variant 4 kanye Ukuhlukahluka kweSpecter 3a.
Kodwa-ke, isibuyekezo se-Intel microcode esikhishwe ngenyanga edlule besitholakala kuphela kwezinye izinhlobo zamaprosesa we-Intel.
Ngenxa yalokhu, Iphrojekthi ye-Debian ikhiphe i-Intel microcode firmware ebuyekeziwe esebenzisa ukwesekwa kwamamodeli we-Intel CPU SSBD angeziwe kubasebenzisi bohlobo olusha sha lohlelo oluyi-Debian 9 Stretch ukulungisa izingcuphe ezimbili zakamuva ze-Specter ezitholwe kuma-Intel CPU amaningi.
Ohlwini lokuthumela ama-imeyili, uMoritz Muehlenhoff uthe:
«Lokhu kubuyekezwa kuza ne-cpu microcode ebuyekeziwe yamamodeli angeziwe we-intel cpus angakahlanganiswa nokuvuselelwa kwe-intel microcode, ekhishwe njenge-dsa-4273-1 (ngakho-ke inikeza ukwesekwa kwe-ssbd (kuyadingeka ukuqondisa 'i-specter v4' nokulungisa ku-'sper v3a ') «.
Ngokusatshalaliswa okuzinzile kwe-Debian 9 Stretch lezi zinkinga zilungisiwe ku-
inguqulo 3.20180807a.1 ~ deb9u1.
Sincoma ukuthi ubuyekeze amaphakheji akho we-intel-microcode.
Iphrojekthi ye-Debian mema bonke abasebenzisi bochungechunge lwe-Debian OS Stretch besebenzisa ama-Intel CPUs ukubuyekeza i-microcode firmware enguqulweni 3.20180807a.1 ~ deb9u1, engalandwa ngokushesha kusuka kungobo yomlando enkulu.
Futhi, ukulungisa ngokuphelele ukukhubazeka kweSpecter, Abasebenzisi bazodinga futhi ukufaka isibuyekezo esisha se-kernel.
Kwaziwa kabanzi ngokuthi iSpecter variant 3A (CVE-2018-3640) "Rogue System Register Read" neSpecter variant 4 CVE-2018-3639 "Speculative Store Bypass", zombili zingukukhubazeka kwe-Side-Channel okungavumela abahlaseli ukuthi bathole imininingwane okuyimfihlo mayelana nezinhlelo ezisengozini. Amaphutha amakhulu futhi kufanele alungiswe ngokushesha okukhulu.
Ekugcineni, kwanele ukuthi uhlelo lwethu lubuyekezwe ngokugcwele nezinguqulo zakamuva zezinto zalo.
Izindaba ezinhle kakhulu