‘CacheOut’ Attack: update microcode without a reboot and you're safe - TuxCare
TuxCare Blog News

‘CacheOut’ Attack: update microcode without a reboot and you’re safe

February 11, 2020

CacheOut-min

At the end of January 2020, another speculative execution vulnerability was found in Intel processors. Any modern Intel CPU built before October 2018 is likely vulnerable to a discovered hardware issue that could allow attackers to leak sensitive data from the OS kernel, co-resident virtual machines, and even from Intel’s secured SGX enclave.

Dubbed CacheOut a.k.a. L1 Data Eviction Sampling (L1DES) and assigned CVE-2020-0549, the new microarchitectural attack allows an attacker to choose which data to leak from the CPU’s L1 Cache, unlike previously demonstrated MDS attacks where attackers need to wait for the targeted data to be available. The flaw can’t be exploited remotely from a web browser and also doesn’t affect AMD processors.

 

More than a year ago, KernelCare has released the patches for a similar class of vulnerability – L1 Terminal Fault (L1TF). It turned out that the KernelCare patch against L1 Terminal Fault (L1TF) covers the L1 Data Eviction Sampling (L1DES) vulnerability.

 

If you are a KernelCare user – all that is left for you to do in order to protect your infrastructure is to update microcode without a reboot using KernelCare instructions.

 

If you are not yet using KernelCare – sign up for a free trial to get the patches for Linux kernels and devices automatically, without a reboot.

 

Get a FREE 7-Day Supported Trial of KernelCare 

 

 

Read more about live patching of critical CVEs without a reboot here:


About KernelCare

KernelCare is a live patching system that patches Linux kernel vulnerabilities automatically, with no reboots. It’s used on over 300,000 servers, and has been used to patch servers running for 6+ years. It works with all major Linux distributions, such as RHEL, CentOS, Amazon Linux, and Ubuntu. It also interoperates with common vulnerability scanners such as Nessus, Tenable, Rapid7, and Qualys. To talk with a consultant about how KernelCare might meet your enterprise’s specific needs, contact us directly at [email protected].

TuxCare can help you reduce your risk window to data exfiltration and other cyber security threats.

TALK TO A CYBERSECURITY EXPERT

Expert knowledge of Linux security tips,
live patching education, and Cybersecurity news.

Stay updated with the latest news and announcements from TuxCare.com

Related Articles

The Bugs Behind the Vulnerabilities...

We continue to look at the code issues that cause...

November 14, 2022

Cybersecurity insurance and fine print:...

Catastrophic risks such as natural disasters and indeed cyberattacks require...

June 29, 2022

IT Automation With Live...

In a symphony orchestra, instruments harmonize to create one pleasing...

June 20, 2022

KernelCare ePortal updated – version...

We are pleased to announce that a new updated ePortal version...

June 16, 2022

KernelCare agent update – version...

We are pleased to announce that a new updated KernelCare agent...

June 2, 2022

KernelCare ePortal updated – version...

We are pleased to announce that a new updated ePortal version...

May 26, 2022

Resources

State of Enterprise Linux Cybersecurity ... Read More State of Enterprise Linux Cybersecurity ...
Dangerous remotely exploitable vulnerability ... Read More Dangerous remotely exploitable vulnerability ...
Securing confidential research data ... Read More Securing confidential research data ...
State of Enterprise Vulnerability Detection ... Read More State of Enterprise Vulnerability Detection ...
Demand for Rapid Risk Elimination for ... Read More Demand for Rapid Risk Elimination for ...
TuxCare Free Raspberry Pi Patching Read More TuxCare Free Raspberry Pi Patching