Intel Processors Vulnerable Again, Hit by “Lazy FP State Restore” Vulnerability

It looks like Intel processors are vulnerable again as security researchers have discovered a vulnerability that is affecting all modern Core and Xeon processors. This is an exploit of a performance optimization feature called “lazy FP state restore,” which when exploited to sniff out sensitive information, including cryptographic keys used to protect sensitive data. All x86 micro-architectures by Intel from “Sandy Bridge” and later are vulnerable.

intel vul

The “lazy FP state restore” feature is used to temporarily restore or store the FPU states of applications running “lazily” (opposed to “eagerly”). Red Hat has put out an advisory that numbers held in FPU registers could be used to access sensitive information about the activities of other applications, including encryption keys.

Intel has started to work with popular OS vendors to quickly roll out software patches against this vulnerability.

About Author