Faulty instructions in Alibaba’s T-Head C910 RISC-V CPUs blow away all security

August 7, 2024 at 01:08PM Computer security researchers at CISPA Helmholtz Center in Germany have discovered security flaws in T-Head Semiconductor’s RISC-V processors, notably the GhostWrite vulnerability in the TH1520 SoC. The flaw allows unauthorized access to physical memory, posing a significant risk to affected devices. The vulnerability is inherently tied to the design of … Read more

CacheWarp Attack: New Vulnerability in AMD SEV Exposes Encrypted VMs

November 14, 2023 at 02:27PM Researchers from the CISPA Helmholtz Center for Information Security have discovered a new software fault attack called CacheWarp that targets AMD’s Secure Encrypted Virtualization (SEV) technology. The attack exploits a vulnerability in SEV to infiltrate encrypted virtual machines and achieve privilege escalation. AMD has released a microcode update to address … Read more

Intel out-of-band patch addresses privilege escalation flaw

November 14, 2023 at 01:09PM Intel has released an out-of-band security update to address a privilege escalation vulnerability in recent server and PC chips. The flaw, called INTEL-SA-00950, affects certain chip families and is being patched with a microcode update. Intel discovered the issue internally and there have been no reported active attacks. Google also … Read more